How to write to HFS+ through AFP/Netatalk without permission denied and cnid_metad error?

debian hfs+ afp netatalk

6,651

Solution 1

May it be something to do with the fact that all your mounts are read-only? All three volumes have the ro attribute in the mount table. Use the rw (read-write) option in the /etc/fstab file if you mount automatically, like so:

/dev/sXXX /media/usb/volume_name type hfsplus rw,nosuid,nodev,noexec,relatime,sync,umask=22,uid=0,gid=0,nls=utf8

Or, if you mount manually, use:

sudo mount /dev/XXX /media/usb/volume_name -t hfsplus -o rw,nosuid,nodev,noexec,relatime,sync,umask=22,uid=0,gid=0,nls=utf8

Solution 2

I have been beating head on wall with similar problem, the error message is exaclty the same: cnid_metad[]: volume "MyVolume" does not support Extended Attributes or read-only volume

Netatalk version used 3.1.8, but basically any 3.x produce the same message.

In my case I was sharing reiserfs file system and I have no need for extended attributes, this is only data access volume. So I wanted to clear error from daemon.log of my Debian linux system server, because its trashing the logs.

Solution is to disable extended attributes at all setting ea = none and fallback to older version of AppleDouble with appledouble = v2.

Put code to Volume section:

[MyVolume]
...
appledouble = v2
ea = none

6,651

Evils

Work in progress...

Updated on September 18, 2022

Comments

Evils almost 2 years

I spend the last 24 hours installing my debian server with all kind of packages. As this server runs in Mac OS X (10.8) Environment, my initial goal was to use this server as a TimeCapsule replacement.

Therefore I installed Netatalk 3.0.2 and avahi-daemon for zeroConfig and Time Machine support.

The harddrives attached to my server are HFS+ formatted with a GUID Partition scheme.

I did set up one volume with one folders for each Mac as TimeCapsule Volumes and added two unix user for them to access those drives and two additional drives as Data Drives. I changed the ownership of the TimeCapsule drives/folders by

chown -R userA:userA /media/usb/TimeCapsuleA
and
chown -R userB:userB /media/usb/TimeCapsuleB

My /etc/afp.conf looks like this

[Global]
hostname = TimeCapsule
log file = /var/log/netatalk.log
uam list = uams_guest.so, uams_dhx.so, uams_dhx2.so,
zeroconf = yes
save password = yes
mimic model = TimeCapsule6,106
log level = default:warn
log file = /var/log/netatalk.log
hosts allow = 192.168.178.0/24

[default_for_all_vol]


[TimeCapsuleA]
path = /media/usb/TimeCapsuleBackup/TimeCapsuleA/
time machine = yes
valid user = usera
invisible dots = yes
search db = yes
ea = auto
cnid scheme = dbd

[TimeCapsuleB]
path = /media/usb/TimeCapsuleBackup/TimeCapsuleB/
time machine = yes
valid user = userb
invisible dots = yes
search db = yes
ea = auto

[PogoPlug1]
path = /media/usb/PogoPlug1/
cnid scheme = dbd
ea = auto 
mac charset = MAC_ROMAN
invisible dots = yes
search db = yes
valid user = userA userB

[OSX-Exchange]
path = /media/usb/OSX-Exchange/
cnid scheme = dbd
ea = auto 
mac charset = MAC_ROMAN
invisible dots = yes
search db = yes
valid user = userA userB

My mount table

/etc/auto.misc on /media/usb type autofs (rw,relatime,fd=6,pgrp=1658,timeout=300,minproto=5,maxproto=5,indirect)
/dev/sdb2 on /media/usb/TimeCapsuleBackup type hfsplus (ro,nosuid,nodev,noexec,relatime,sync,umask=22,uid=0,gid=0,nls=utf8)
/dev/sdc2 on /media/usb/PogoPlug1 type hfsplus (ro,nosuid,nodev,noexec,relatime,sync,umask=22,uid=0,gid=0,nls=utf8)
/dev/sdd2 on /media/usb/OSX-Exchange type hfsplus (ro,nosuid,nodev,noexec,relatime,sync,umask=22,uid=0,gid=0,nls=utf8)

Permissions of /media/usb/

drwxrwxrwx 1 evils evils   20 Feb 27 01:24 OSX-Exchange
drwxrwxr-x 1 evils evils   18 Feb 27 01:19 PogoPlug1
drwxrwxr-x 1 root  root    12 Feb 27 01:00 TimeCapsuleBackup

All drives are mounted through autofs. UserA and UserB are both member of the group 0 and can write to all drive when trying to do this through the terminal.

Now when I try to access the TimeCapsuleA Volume as UserA through, I get full write access and I can use the volume as TimeMachine Backup Volume. But when I access OSX-Exchange or PogoPlug1 with the same user who's part of the group 0, I don't get any write access, what's really strange as I can write to the same disc with the same user through the terminal. When I change the ownership to exactly this user, I get write access again, but then only this particular user is able to write again and none of the others in the same gid or in the valid user parameter is able to write.

Now as I have several users who need to access those data drives, I need to find a way how to write to the same drive without changing the ownership each time the writing user changes.

My netatalk log file outputs this when starting netatalk:

Feb 27 00:59:08.422374 cnid_dbd[3314] {netatalk_conf.c:196} (W:AFPDaemon): volume "TimeMachineFH" does not support Extended Attributes or read-only volume
Feb 27 00:59:08.423147 cnid_dbd[3314] {netatalk_conf.c:196} (W:AFPDaemon): volume "TimeMachineNS" does not support Extended Attributes or read-only volume
Feb 27 00:59:08.423549 cnid_dbd[3314] {netatalk_conf.c:196} (W:AFPDaemon): volume "PogoPlug1" does not support Extended Attributes or read-only volume
Feb 27 00:59:08.423828 cnid_dbd[3314] {netatalk_conf.c:196} (W:AFPDaemon): volume "OSX-Exchange" does not support Extended Attributes or read-only volume
Feb 27 01:04:34.658562 cnid_metad[3460] {netatalk_conf.c:196} (W:AFPDaemon): volume "TimeMachineFH" does not support Extended Attributes or read-only volume
Feb 27 01:04:34.659329 cnid_metad[3460] {netatalk_conf.c:196} (W:AFPDaemon): volume "TimeMachineNS" does not support Extended Attributes or read-only volume
Feb 27 01:04:34.659725 cnid_metad[3460] {netatalk_conf.c:196} (W:AFPDaemon): volume "PogoPlug1" does not support Extended Attributes or read-only volume
Feb 27 01:04:34.660002 cnid_metad[3460] {netatalk_conf.c:196} (W:AFPDaemon): volume "OSX-Exchange" does not support Extended Attributes or read-only volume
Feb 27 01:04:34.799875 afpd[3459] {netatalk_conf.c:196} (W:AFPDaemon): volume "TimeMachineFH" does not support Extended Attributes or read-only volume
Feb 27 01:04:34.800798 afpd[3459] {netatalk_conf.c:196} (W:AFPDaemon): volume "TimeMachineNS" does not support Extended Attributes or read-only volume
Feb 27 01:04:34.801209 afpd[3459] {netatalk_conf.c:196} (W:AFPDaemon): volume "PogoPlug1" does not support Extended Attributes or read-only volume
Feb 27 01:04:34.801534 afpd[3459] {netatalk_conf.c:196} (W:AFPDaemon): volume "OSX-Exchange" does not support Extended Attributes or read-only volume
Feb 27 01:04:53.508492 afpd[3464] {netatalk_conf.c:196} (W:AFPDaemon): volume "TimeMachineFH" does not support Extended Attributes or read-only volume
Feb 27 01:04:53.508942 afpd[3464] {netatalk_conf.c:196} (W:AFPDaemon): volume "TimeMachineNS" does not support Extended Attributes or read-only volume
Feb 27 01:04:53.509239 afpd[3464] {netatalk_conf.c:196} (W:AFPDaemon): volume "PogoPlug1" does not support Extended Attributes or read-only volume
Feb 27 01:04:53.509531 afpd[3464] {netatalk_conf.c:196} (W:AFPDaemon): volume "OSX-Exchange" does not support Extended Attributes or read-only volume

Even though I have full write access when the ownership matches with the logged in user.

These are the errors I get when I try to create a new folder through AFP:

Feb 27 01:05:08.355873 afpd[3467] {ad_open.c:976} (E:Default): ad->ad_ops->ad_mkrf(ad_p) failed: Permission denied

Any help will be highly appreciated!

Evils over 11 years

You're right that it's ro mounted in this example, but this just happened mistakenly when I copy pasted the output for this question here. Normally (and especially when the error occured) all drives were mounted read write.
Peter Pablo over 6 years

This helped me to get going again on a Raspberry Pi, that has an external HDD attached, mounted with a NTFS and EXT4 partition. After applying your suggested change to afp.conf I could (again) create/rename/delete files. Beforehand I only had read-only access.