1# This file looks empty when viewed with "vi". In fact, there is one 2# '~', so users with no AppleVolumes file in their home directory get 3# their home directory by default. 4 5# 6# volume format: 7# :DEFAULT: [all of the default options except volume name] 8# path [name] [casefold:x] [options:z,l,j] \ 9# [allow:a,@b,c,d] [deny:a,@b,c,d] [dbpath:path] [password:p] \ 10# [rwlist:a,@b,c,d] [rolist:a,@b,c,d] [limitsize:value in bytes] \ 11# [preexec:cmd] [root_preexec:cmd] [postexec:cmd] [root_postexec:cmd] \ 12# [allowed_hosts:IPv4 address[/IPv4 netmask bits]] \ 13# [denied_hosts:IPv4 address[/IPv4 netmask bits]] \ 14# ... more, see below ... 15# 16# name: volume name. it can't include the ':' character 17# 18 19# 20# variable substitutions: 21# you can use variables for both <path> and <name> now. here are the 22# rules: 23# 1) if you specify an unknown variable, it will not get converted. 24# 2) if you specify a known variable, but that variable doesn't have 25# a value, it will get ignored. 26# 27# the variables: 28# $b -> basename of path 29# $c -> client's ip or appletalk address 30# $d -> volume pathname on server 31# $f -> full name (whatever's in the gecos field) 32# $g -> group 33# $h -> hostname 34# $i -> client ip without tcp port or appletalk network 35# $s -> server name (can be the hostname) 36# $u -> username (if guest, it's whatever user guest is running as) 37# $v -> volume name (either ADEID_NAME or basename of path) 38# $z -> zone (may not exist) 39# $$ -> $ 40# 41 42# 43# casefold options [syntax: casefold:option]: 44# tolower -> lowercases names in both directions 45# toupper -> uppercases names in both directions 46# xlatelower -> client sees lowercase, server sees uppercase 47# xlateupper -> client sees uppercase, server sees lowercase 48# 49# allow/deny/rwlist/rolist format [syntax: allow:user1,@group]: 50# user1,@group,user2 -> allows/denies access from listed users/groups 51# rwlist/rolist control whether or not the 52# volume is ro for those users. 53# allowed_hosts -> Only listed hosts and networks are allowed, 54# all others are rejected. Example: 55# allowed_hosts:10.1.0.0/16,10.2.1.100 56# denied_hosts -> Listed hosts and nets are rejected, 57# all others are allowed. Example: 58# denied_hosts: 192.168.100/24,10.1.1.1 59# preexec -> command to be run when the volume is mounted, 60# ignore for user defined volumes 61# root_preexec -> command to be run as root when the volume is mounted, 62# ignore for user defined volumes 63# postexec -> command to be run when the volume is closed, 64# ignore for user defined volumes 65# root_postexec -> command to be run as root when the volume is closed, 66# ignore for user defined volumes 67# veto -> hide files and directories,where the path matches 68# one of the "/" delimited vetoed names. Matches are 69# partial, e.g. path is /abc/def/file and veto:/abc/ 70# will hide the file. 71# adouble -> specify the format of the metadata files. 72# default is "v2". netatalk 1.x used "v1". 73# "osx" cannot be treated normally any longer. 74# volsizelimit -> size in MiB. Useful for TimeMachine: limits the 75# reported volume size, thus preventing TM from using 76# the whole real disk space for backup. 77# Example: "volsizelimit:1000" would limit the 78# reported disk space to 1 GB. 79 80 81# 82# codepage options [syntax: options:charsetname] 83# volcharset -> specifies the charset to be used 84# as the volume codepage 85# e.g. "UTF8", "UTF8-MAC", "ISO-8859-15" 86# maccharset -> specifies the charset to be used 87# as the mac client codepage 88# e.g. "MAC_ROMAN", "MAC_CYRILLIC" 89# 90# perm -> default permission value 91# OR with the client requested perm 92# Use with options:upriv 93# dperm -> default permission value for directories 94# OR with the client requested perm 95# Use with options:upriv 96# fperm -> default permission value for files 97# OR with the client requested perm 98# Use with options:upriv 99# umask -> set perm mask 100# Use with options:upriv 101# dbpath:path -> store the database stuff in the following path. 102# cnidserver:server[:port] 103# -> Query this servername or IP address 104# (default:localhost) and port (default: 4700) 105# for CNIDs. Only used with CNID backend "dbd". 106# This option here overrides any setting from 107# afpd.conf:cnidserver. 108# password:password -> set a volume password (8 characters max) 109# cnidscheme:scheme -> set the cnid scheme for the volume, 110# default is [:DEFAULT_CNID_SCHEME:] 111# available schemes: [:COMPILED_BACKENDS:] 112# ea -> none|auto|sys|ad 113# Specify how Extended Attributes are stores. default 114# is auto. 115# auto: try "sys" (by setting an EA on the shared 116# directory itself), fallback to "ad". Requires 117# writable volume for performing the test. 118# Note: options:ro overwrites "auto" with "none." 119# sys: Use filesystem EAs 120# ad: Use files in AppleDouble directories 121# none: No EA support 122# 123 124# 125# miscellaneous options [syntax: options:option1,option2]: 126# tm -> enable TimeMachine support 127# prodos -> make compatible with appleII clients. 128# crlf -> enable crlf translation for TEXT files. 129# noadouble -> don't create .AppleDouble unless a resource 130# fork needs to be created. 131# ro -> mount the volume as read-only. 132# mswindows -> enforce filename restrictions imposed by MS 133# Windows. this will also invoke a default 134# codepage (iso8859-1) if one isn't already 135# specified. 136# nohex -> don't do :hex translations for anything 137# except dot files. specify usedots as well if 138# you want that turned off. note: this option 139# makes the / character illegal. 140# usedots -> don't do :hex translation for dot files. note: when 141# this option gets set, certain file names 142# become illegal. these are .Parent and 143# anything that starts with .Apple. 144# invisibledots -> don't do :hex translation for dot files. note: when 145# this option gets set, certain file names 146# become illegal. these are .Parent and 147# anything that starts with .Apple. also, dot 148# files created on the unix side are marked invisible. 149# limitsize -> limit disk size reporting to 2GB. this is 150# here for older macintoshes using newer 151# appleshare clients. yucko. 152# nofileid -> don't advertise createfileid, resolveid, deleteid 153# calls 154# root_preexec_close -> a non-zero return code from root_preexec close the 155# volume being mounted. 156# preexec_close -> a non-zero return code from preexec close the 157# volume being mounted. 158# nostat -> don't stat volume path when enumerating volumes list 159# upriv -> use unix privilege. 160# illegalseq -> encode illegal sequence in filename asis, 161# ex "\217-", which is not a valid SHIFT-JIS char, 162# is encoded as U\217 - 163# nocnidcache -> Don't store and read CNID to/from AppleDouble file. 164# This should not be used as it also prevents a CNID 165# database rebuild with `dbd`! 166# caseinsensitive -> The underlying FS is case insensitive (only 167# test with JFS in OS2 mode) 168# dropbox -> Allows a volume to be declared as being a "dropbox." 169# Note that netatalk must be compiled with dropkludge 170# support for this to function. Warning: This option 171# is deprecated and might not work as expected. 172# dropkludge -> same as "dropbox" 173# nodev -> always use 0 for device number, helps when the 174# device number is not constant across a reboot, 175# cluster, ... 176# 177 178# The line below sets some DEFAULT, starting with Netatalk 2.1. 179:DEFAULT: options:upriv,usedots 180 181# The "~" below indicates that Home directories are visible by default. 182# If you do not wish to have people accessing their Home directories, 183# please put a pound sign in front of the tilde or delete it. 184~ 185 186# End of File 187