Installing Netatalk on a Solaris System.

These notes cover compiling and installing Netatalk, setting up Netatalk shared volumes, printing from Unix computers to AppleTalk printers, and printing from Macintoshes to printers connected to Unix hosts. These instructions refer to netatalk-1.6.4 and Solaris 9 on a Sparc based platform. There should be no differences for Solaris 7 or 8, and some parts may be applicable to Unix based operating systems other than Solaris.
Now for the disclaimer...
These are just a few notes I threw together. I don't claim that they are complete or even accurate. If you have any questions, ask the Netatalk folks. If I've made any mistakes, please let me know.

Netatalk-2.0.3 / Solaris 10

I haven't got Netatalk-2.0.3 to run under Solaris 10 yet, but it sounds like other people on the web have. It will compile after applying the fix described here. (I couldn't apply the patch, I just edited sys/solaris/tpi.c). The Solaris host shows up on the list generated when you click on the "Network" icon but when I double click on the name of the Solaris host I get an error pop-up "This file server uses an incompatible version of the AFP file protocol. You cannot connect to it." This might be something to do with Mac OS 10.4, but the problem does not occur on a Sun running netatalk 1.6.4 / Solaris 9. Printing didn't work either. Enough messing about for now, I'll wait for the next version of netatalk. The rest of these notes are a bit out of date, referring as stated above to netatalk-1.6.4 / Solaris 9.

What is Netatalk?

Netatalk is a small suite of programs that allow:

Do You Need It?

If your intended use is to allow a Macintosh to access a printer on a computer running Unix, and the Mac is running MacOS X, try using the printer setup utility on the Mac, and setting the type of printer connection to "IP Printing", using the computer's name or IP address as the printer address. MUCH simpler!


Netatalk requires Berkeley DB avalailable from Sleepycat Software.
If you install this in a nonstandard location, say   /space/local   you'll probably need to tell the Solaris linker where to find the libdb library, using the command
crle -u -l /space/local/lib
Netatalk supports BDB 4.1.25 and 4.2.52 (the latter being the recommended version).

Things that make life difficult


Installing Netatalk

  1. Obtain and install Berkeley DB.
    Point your browser at docs/index.html in the downloaded source, and follow the instructions for building on UNIX/POSIX systems.
    If you're using Gnu C, you'll have to set the CC environment variable to tell it to use gcc. For example if your shell is bash, type
    export CC
    before running the configure script.
    C shell users would type
    setenv CC gcc
  2. Obtain netatalk.
  3. Untar the source, change into the netatalk directory, and run configure.
    To run configure using the default options, simply type
    However if you want to install in /space/local rather than /usr/local, and Berkeley DB is in /space/local/BerkeleyDB.4.1/ for example, you would type
    ./configure --prefix=/space/local --with-bdb=/space/local/BerkeleyDB.4.1
    If configure can't find the Berkeley DB libraries, it will eventually (after about 270 lines of the usual configure output) print out an error:
    configure: error: Berkeley DB library not found!
    There are many other configure options, which can be displayed by typing
      ./configure --help
    Support for tcp wrappers is included by default, although there is a configure option to remove it. Tcp wrappers appears to be used for controlling access to printers. See docs/Netatalk-Manual.html for further details. The documentation is better than before, but I haven't taken time to read it all, and can't comment on how easy it is to set up.
  4. type   make
  5. type (as root)   make install-strip
    (make install also works, but make install-strip gives smaller executables).

Now for the tricky bit -

The dreaded kernel driver

You have to compile a kernel driver as described in the README.platforms file in the doc subdirectory of the distribution.
  1. First determine if you are running a 32 or 64 bit kernel. Type
     isainfo -b
    This will simply print 32 or 64.
  2. Change to the sys/solaris directory and edit Makefile.kernel to set the compiler flags for the compiler you are using.
    If you are compiling a 64 bit driver, uncomment the line SPARC64=true. If using gcc, uncomment the line LDSHAREDFLAGS = -shared -64 and comment out the line without the -shared -64 option.
    You should also add the option -m64 and, depending on your processor type, uncomment the -mcpu=ultrasparc option.
    (Try the Sun Documentation Center for information about the processor in your Sun).
  3. Edit /etc/netconfig, adding the following line at the bottom:
    ddp        tpi_clts      -    appletalk ddp   /dev/ddp        -
    This makes the socket library aware of the AppleTalk protocol family.
  4. Compile and install the kernel driver by typing (as root)
    make -f Makefile.kernel kinstall
    Amongst all the other messages displayed as compilation occurs, you may see
    rem_drv ddp
    Driver (ddp) not installed.
    *** Error code 1 (ignored)
    Here it is attempting to remove the old kernel driver. Since this is a first time installation, there wasn't anything to remove, so it prints an error message which is ignored. No problem.

    You may also see

    add_drv -m '* 0666 root sys' ddp
    Warning: 32-bit version of driver found at /usr/kernel/drv/sparcv9/ddp.
    32-bit driver (ddp) not loadable on 64-bit kernel.
    Here it is attempting to install a 32 bit driver in a 64 bit kernel. In this case you would need to check the compiler flags in your makefile to make sure you are compiling a 64 bit driver. Then remove the ddp and *.o files and do another make.

    If you successfully compile a driver suitable for your system (32 or 64 bit), check to see that it installs. This is where things always go wrong for me! I get this:

    add_drv -m '* 0666 root sys' ddp
    devfsadm: driver failed to attach: ddp
    Warning: Driver (ddp) successfully added to system but failed to attach
  5. If your driver fails to attach, you could try a different compiler, or give up and use my 64 bit driver. Apologies to the 32 bit kernel people - I used to have a 32 bit driver but can't find it now. Of course you can't use this 64 bit driver in a 32 bit kernel, and you definitely can't use this driver on an Intel based Sun!
    Right-click on the 64 bit driver link, select "Save Link Target As", copy it to your netatalk-1.6.4/sys/solaris directory as "ddp", and repeat the make...
    cp ddp64sparc netatalk-1.6.4/sys/solaris/ddp
    make -f Makefile.kernel kinstall
    Since ddp was the last thing you copied into that directory, it should try and install it without repeating the actual compilation.
  6. If you manage to get the driver to attach, you're ready to continue.
    As part of the previous step, the Makefile installed the file /etc/init.d/atalk with a link to it from /etc/rc2.d/S79atalk
    Change to the /etc/init.d directory and look at the atalk file. It contains lines like
            if [ -x /atalkd ]; then
                    /atalkd;                echo ' atalkd\c'
    to start the various daemons. Clearly it won't work in its present form, since your executables (including atalkd in the example above) are not in the root directory. In my atalkd file I've added these two lines after the first set of comments:
    Of course change this if you did not install in /usr/local.
    Then change the start section to this:
            echo 'starting appletalk daemons: \c'
            if [ -x ${SBIN}/atalkd ]; then
                    ${SBIN}/atalkd;         echo ' atalkd\c'
            if [ -x ${BIN}/nbprgstr ]; then
                    ${BIN}/nbprgstr -p 4 `hostname|sed 's/\..*$//'`:Workstation
                    ${BIN}/nbprgstr -p 4 `hostname|sed 's/\..*$//'`:netatalk
                                                    echo ' nbprgstr\c'
            if [ -x ${SBIN}/papd ]; then
                    ${SBIN}/papd;                   echo ' papd\c'
            if [ -x ${SBIN}/afpd ]; then
                    ${SBIN}/afpd;                   echo ' afpd\c'
            if [ -x ${SBIN}/timelord ]; then
                    ${SBIN}/timelord;               echo ' timelord\c'
            echo '.'
    and similarly for the stop section.
  7. Change to the configuration file directory (default /usr/local/etc/netatalk). Edit atalkd.conf, adding the name of your network interface as the last line. This might be le0, hme0, eri0 or something similar. If you're not sure, type ifconfig -a to display the type of your network interface.
    The last line of atalkd.conf should thus look like this:
    There are things you can edit in the other configuration files, but that should do for now.
  8. Now to see if it works! Type (as root)
    /etc/rc2.d/S79atalk start
    After 30 to 60 seconds you should see
    starting appletalk daemons:  atalkd nbprgstr papd afpd.
    Also, if you have another look at atalkd.conf you should see that it has added your AppleTalk zone name and other information to the last line...
    hme0 -phase 2 -net 101-104 -addr 103.186 -zone "RSC"
    If you want, you can also check that there is a "/dev/ddp" link...
    > ls -l /dev/ddp
    lrwxrwxrwx  1 root  sys  29 Feb  9 11:05 /dev/ddp -> ../devices/pseudo/clone@0:ddp
  9. Checking that it works

    • Try getzones and nbplkup (described below). You should see a list of names.
    • You should be able to go to a Macintosh and see the name of your Unix computer in the display of shareable AppleTalk volumes.
      In MacOS X click on the "Network" globe icon, then double-click on your AppleTalk zone.
      In earlier versions of MacOS, select Chooser then AppleShare. Don't attempt to share your Unix disk yet unless you've already set up the necessary files -see below.
    • If your computer does not appear in the list of shareable AppleTalk volumes, try this on a Mac running OS X:
        Finder   ->   Go   ->   Connect to Server
      In the window that appears, set the server address to
        afp://fred/     where fred is the name of your Sun computer. Click on the Connect button. Fill in the name and password of the account you are using on the Sun, then click Connect again.
      This works for me on a PC running Debian, but not on a Sun running Solaris 10. If it works for you, you might want to install one of the "Zeroconf" programs, such as Bonjour or Avahi. I haven't tried these yet, so you're on your own!


What Some of the Programs Do.

See the man pages for further information. These programs require the AppleTalk daemon to be running in order to work.

Daemon Programs

Setting Up a Netatalk Share

Firstly, decide what you want to share.
The configuration file for this is /usr/local/etc/netatalk/AppleVolumes.default
This file is self-documenting to an extent, so you should read the comments if you want further information. For now, the line of interest is the only uncommented line. This line (the last one in the file) contains a single tilde ~ character, which means that when a user mounts a Unix volume he sees his home directory and all the files in it. Users can override this on an individual basis by creating either a .AppleVolumes or a AppleVolumes file (i.e. with or without a leading dot) in their home directory containing the name of the volume they wish to mount. So for example a user might create a .AppleVolumes file containing the single line
And then create a directory on the Unix host called AppleStuff. You can have multiple folders, each with its own entry on a separate line, if you want.

To do this on a system-wide basis, edit the system AppleVolumes.default default file instead, replacing the last line with ~/AppleStuff or some other name of your choosing.

Now see if you can connect from the Mac to the shared Unix volume.
When you attempt to use a shared volume, you double-click on the name of your Unix host in the list of available volumes in your AppleTalk zone. You should then see a popup window prompting for a Name and Password. Type in the name and password of a user on the Sun, then click on "Connect".
If you get a message "Sorry, the password you entered was incorrect, please reenter it" and you know you typed in the correct password, you might need to edit afpd.conf. Uncomment the last line, and remove , so that it looks like this

 - -transall -uamlist -nosavepassword
Then stop and restart netatalk...
/etc/rc2.d/S79atalk stop   then   /etc/rc2.d/S79atalk start
All this does is remove the Diffie-Hellman eXchange method from the list of available User Authentication Modules. This forces it to use the less secure method of transmitting passwords in the clear. You can see the available UAMs by listing the contents of the /usr/local/etc/netatalk/uams directory.

Try to mount the shared volume on the Macintosh again. If you succeed you will see the Unix directory you configured in the previous step.

If you share the Mac with other people you should unmount your AppleTalk volume before leaving the Mac. Under MacOS 9 this is nice and intuitive - you just drag your Netatalk icon to the trash. Under MacOS X the only way I've seen to do this is to log off from the Mac.

Printing from a Unix host to an AppleTalk printer

When a Unix host is running Netatalk it's pretty easy to get it to use pap to send print jobs to Appletalk printers.

First create a printer as usual, but setting its printer port to /dev/null. The printer type and file contents should both be set to PostScript. The Print Server should be set to the name of the computer running Netatalk. There are various scripts etc. to set up printers under Solaris. For Solaris 9 and earlier, I use admintool. For Solaris 10, use printmgr.

When you create a printer, a file named after the printer is created in /etc/lp/interfaces. So if you created a printer "fred", there will now be a file /etc/lp/interfaces/fred. Simply replace the contents of fred with the following.

# pap script for lp systems

chdir "/etc/lp/printers/`basename $0`"

if [ -r "$6" ]; then
    /usr/local/bin/pap "$6"
    exit $?

exit 2
If necessary, change /usr/local/bin to the directory where pap is installed.

You also need to create a .paprc file. This file tells pap the printer name and appletalk zone.
If you created a printer "fred", there will be a directory /etc/lp/printers/fred. Change to this directory and use an editor to create a   .paprc   containing the text:

Replace "fred" with your printer name, and "RSC" with your zone name.
LaserWriter is the default type (works for all printers) and the zone defaults to that of the local host, so this could be shortened to simply
If you don't know your printer's name, you can get a list of available printers with the command
nbplkup :LaserWriter
The printer fred should now be usable whenever Netatalk is running.

Printing from Macintoshes to a Printer Connected to a Unix Host

This is sort of the reverse of the previous section. There we were using pap to send print requests, here we are using papd (pap daemon) to receive print requests. This also isn't too hard, the only minor difficulty might be obtaining a suitable PPD file (see below).

First, you need to have a PostScript printer that works under Solaris. If you haven't already done so, set up a printer. It doesn't matter whether the printer is directly connected to the computer running Netatalk, or a remote printer. I prefer to use admintool for this (see previous section) but there are other methods. If you've just set up a printer, you'd better test it to make sure it works from within Solaris - after all, if it doesn't work from Solaris, there's no way it will work with netatalk. You could try printing one of the Postscript images in /usr/openwin/share/images/PostScript. For example if your printer is called fred, try

lp -d fred /usr/openwin/share/images/PostScript/

Now that you're sure the printer is working, the next step is to make netatalk use it. You do this by editing the papd.conf file (default location: /usr/local/etc/netatalk). To the end of this file add something similar to the following:

        :pr=|/usr/bin/lp -d fred:\
Here MacLaserjet is the printer name that Macintoshes will see, and fred is the name that the Unix host knows the printer by.

Notice the last line. It refers to a PostScript Printer Description (PPD) file. PPD files are text files that describe the printer's available features. You should try to obtain one suitable for the make and model of printer you are using. However we have been using the same PPD file with three different brands of printers without problem, so obtaining the exact PPD for your printer may not be critical. Once you have a PPD file, copy it to the location you gave in the :pd line of the papd.conf file (/usr/local/etc/ in the example above).
(Actually I don't know enough about how this works to say for sure whether the PPD file is even used. You might like to try leaving out the last line altogether and see what happens).

As mentioned in the papd.conf section of the CONFIGURE file in the doc directory of the netatalk distribution, PPD files are available from Adobe Inc, via anonymous ftp
      or   //pub/adobe/printerdrivers/win/all/ppdfiles)
  or from the printer's manufacturer.

If you have access to a Macintosh running MacOS X, there are a ton of PPD files in the /Library/Printers/PPDsContents/Resources/en.lproj directory.

When you've set up these files, you'll need to kill and restart papd.


Last revised 18 July 2006 -

Anyone, including people from the Netatalk project, is free to copy this and use all or part of it with or without attribution as part of their own documentation.