There are two Mac OS X boxes in my household. I used a different mount point for each OS X Mavericks computer on separate RAID 1 volumes, though I could have used LVM mount points to allow the backup to “grow” nicely.
Newer releases of OS X require Netatalk 2.2.x or later. Mac OS X 10.9 “Mavericks” works great with the version of netatalk shipped with Debian 7.0 (Wheezy), the topic of this guide.
Run the following commands:
aptitude update
aptitude install netatalk avahi-daemon avahi-utils
Setting up Netatalk
Let’s do some configs…
Change your /etc/netatalk/AppleVolumes.default file to export the Time Machine volume. At the end of the file you’ll find a line that reads:
~/ "Home Directory"
Comment out this line by adding a “#”. We will later create a Time Machine user that has no home directory, and leaving this line active may cause an error.
#~/ "Home Directory"
Then add another line below it:
/opt/timemachine "Time Machine" options:usedots,upriv,tm
- /opt/timemachine is your backup folder.
- “Time Machine” is the label to identify the Time Machine volume.
The rest of the line contains various parameters to allow the Mac to “play nice” with this server as a Time Machine target. It’s important to add the options:tm at the end of the line so that Netatalk enables various special options for Time Machine. You can also add fancy options to restrict access to users logging in with specified accounts.
The next config file is /etc/netatalk/afpd.conf. Comment out the last line like this:
# - -tcp -noddp -uamlist uams_dhx.so,uams_dhx2.so -nosavepassword
…and add this:
- -tcp -noddp -uamlist uams_guest.so,uams_dhx.so,uams_dhx2.so
I am not sure if this command is actually needed for it to work, but it worked.
Restart netatalk for the new configuration to take effect:
sudo service netatalk restart
For an additional layer of security I decided to create a dedicated user account that will only have write access to the backup folder. Time Machine will ask for this information on initial setup.
sudo useradd -s /bin/false timemachine
sudo passwd timemachine
sudo chown -R timemachine:timemachine /opt/timemachine
This takes care of the server side.
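The following audit script is an added example, not part of the original guide. It checks the two files edited above for settings that work against the dedicated timemachine account: an active guest UAM, a Time Machine volume with no allow: user restriction (the Netatalk 2.x volume option for limiting access to named accounts), and a backup directory open to other local users. The function name and finding labels are hypothetical, and volume paths are assumed to contain no spaces.

```sh
#!/bin/sh
# Added example: audit a Netatalk 2.2 Time Machine setup. Function name and
# finding labels are hypothetical. Usage: audit_netatalk VOLUMES_FILE AFPD_FILE
# Prints one finding per line; returns 0 only when there are none.
audit_netatalk() {
    volumes_file=$1    # e.g. /etc/netatalk/AppleVolumes.default
    afpd_file=$2       # e.g. /etc/netatalk/afpd.conf
    findings=0

    # 1. An active (uncommented) afpd.conf line that loads uams_guest.so
    #    lets clients open AFP sessions without a password.
    if grep -v '^[[:space:]]*#' "$afpd_file" | grep -q 'uams_guest\.so'; then
        echo "GUEST_UAM: $afpd_file enables uams_guest.so"
        findings=$((findings + 1))
    fi

    # 2. Collect active volume lines whose options: list contains tm.
    tm_lines=$(grep -v '^[[:space:]]*#' "$volumes_file" |
        grep -E 'options:([^[:space:]]*,)?tm(,|[[:space:]]|$)' || true)
    if [ -z "$tm_lines" ]; then
        echo "NO_TM_VOLUME: $volumes_file has no active volume with the tm option"
        return 1
    fi

    # 3. Each Time Machine volume should list its users with allow:.
    open=$(printf '%s\n' "$tm_lines" |
        grep -vE '(^|[[:space:]])allow:[^[:space:]]' || true)
    if [ -n "$open" ]; then
        echo "NO_ALLOW: Time Machine volume has no allow: restriction"
        findings=$((findings + 1))
    fi

    # 4. The backup directory should grant nothing to "other".
    #    Assumption: the path is the first field and contains no spaces.
    for dir in $(printf '%s\n' "$tm_lines" | awk '{print $1}'); do
        [ -d "$dir" ] || continue
        if [ -n "$(find "$dir" -prune \( -perm -0001 -o -perm -0002 -o -perm -0004 \))" ]; then
            echo "WORLD_ACCESS: $dir is accessible to other local users"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}
```

Call it as audit_netatalk /etc/netatalk/AppleVolumes.default /etc/netatalk/afpd.conf after editing both files. A volume line ending in options:usedots,upriv,tm allow:timemachine clears the NO_ALLOW finding.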
Now configure your OS X installation so that it shows unsupported Time Machine network volumes. Open the Terminal app and execute the following command:
defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1