How to edit AFP/Netatalk default permissions?

Hi;

I am having an issue where AFP connected users are creating files that can’t be accessed by others.

I’d like to modify the AFP shared volumes with the perm setting, e.g.

directory perm = 0777
file perm = 0777

Any attempt to modify this is of course overwritten by Rockstor, and I am not sure how to modify the settings from the GUI.

Alternatively, if the ACL settings on the share (0777) were being followed, this would be OK too; my goal is to have any users of a particular group be able to read and write the files.

Can anyone provide some assistance or suggestions on how to do this the Rockstor-way?

Or if there is no Rockstor-way, a workaround?

I’m stuck with the AFP requirement for my users, unfortunately.

Searching through indicates I think this is the same issue here:

https://github.com/rockstor/rockstor-core/issues/584

Although edits made to the global section also appear to be wiped out for me; I’m not sure if this would fix this issue, either.

Help?

@smanley Hello again.

Ok looks like you’ve found the relevant open issue on expanding AFP config options.

Until someone adds this capability you could try ‘hard wiring’ your required config. Have a look at the following code on your own system:

You should be able to alter / add similar lines to pop in your required config. Your installed instance of this file is located at:

/opt/rockstor/src/rockstor/system/services.py

The nano editor is pre-installed (-c for line numbers). A restart of the Rockstor service will be required for your changes to take effect though:

systemctl restart rockstor

Obviously be careful with exact indent etc (spaces) and it might be as well to copy the file to, for example, /root first just in case it all goes pear shaped.

Hope that helps and let us know how you get on.

I think that’s a hard stop for my experiment with Rockstor on production kit.

I’ll keep things mirrored but will have to migrate to another option for users.

@smanley

OK, yes we are a little weak on the AFP side for config options. It’s just not been request much and has essentially remained unchanged for quite a while now as a result. I imagine someone will get to it at some point so do consider noting here and/or in the issue you found your ‘missing’ options, most notably those’s that we can add via a tick or some drop down that can keep the Web-UI simple and accessible. Obviously an anything goes custom option is usefully but it would be nice to add the most common, desired options as easy ui elements. Although of course time machine is coming to samba in time, along with spotlight (I think it was) which will be nice. And the newer OSX versions are seeming to favour SMB protocol over the AFP so it does look like the AFP protocol is on the way out.

Oh well all in good time; and do please consider popping in your desired settings in order of preference. I’m unlikely myself to get to this soon but we have had a recent code contribution on AFP:

And I’m due to do some maintenance by way of follow up on that issue at some time so prioritised requests on missing config items are welcome.

All the best and thanks for your query/contribution.

Almost any reasonably current Mac should be able to use SMB.

I think everything since about Leopard has started pushing towards using SMB rather than AFP.

1 Like