Section 11.7. File Sharing Services

Mac OS X's native file-sharing method is the Apple Filing Protocol (AFP) . As with related technologies such as SMB and NFS, it lets users of other computers (often, but not necessarily , other Macs) mount volumes of your local filesystem onto their own.

Both the command-line and GUI interfaces for administering AFP are very simple. To turn on AFP, activate the Personal File Sharing checkbox in the Sharing preference pane's Services tab. This simply launches the AppleFileServer daemon (which resides in /usr/sbin ). AppleFileServer takes no arguments; it makes all your machine's volumes and User folders available for mounting on other computers. The program stores its configuration information (including the location of log files, whether it allows Guest access, and so on) in the /Library/Preferences/com.apple.AppleFileServer. plist file.

Toggling this checkbox in the Sharing pane also modifies the AFPSERVER line in /etc/hostconfig , read by the startup script /System/Library /StartupItems/AppleShare/AppleShare (see the next section).

The AFP server handles user authentication through Directory Services, in most cases referring to NetInfo for the list of volumes it's allowed to provide to the requesting user. This list, of course, varies depending on the type of account that user has on the server.

Users with no accounts can log in as Guest and are allowed only to mount the Public directories (as defined by the sharedDir property of each user's NetInfo record) within each home directory on the server. Once the volume is mounted, its permission system applies just as if that same user were logged into the machine and accessing the filesystem directly. Therefore, guest users can copy items from Public and add items to /Public/Drop Box , as those items' Unix permissions dictate .

Users with Standard accounts on the server can also access the Public folders of the other user accounts, and additionally have access to their own entire home directories. Users with Admin accounts can choose to mount not only their own entire home directory but also any physical partition or mounted volume on the server.

You can specify additional share points by adding a SharePoints subdirectory to the /config directory in NetInfo and for each share point creating a subdirectory to it with these properties:

Name

Label for the NetInfo subdirectory.

afp_name

Label to identify the share point on the network.

directory_path

Absolute path to the local directory to be shared.

afp_shared

Use a value of 1 to turn on sharing for the share point or to turn it off.

afp_use_parent_owner

Switches whether items added to the shared directory should inherit their owner and group properties from the parent directory (use a value of 1 ) or maintain the default behavior of inheriting ownership from the user (use a value of ).

afp_use_parent_privs

Switches whether items added to the shared directory should inherit their permissions from the parent directory (use a value of 1 ), or maintain the default behavior of giving read/write permissions to the owner and read-only permissions to everyone else (use a value of ).

You can allow or disallow guest access to the share point by adjusting those permissions locally on the shared directory. Stop and restart Personal File Sharing once you've configured the share point to make it available. Note that Admin users will not see these share points listed when connecting since they already can access all directories on the server.

If you prefer the convenience of an all-in-one GUI application, the donation-ware utility SharePoints (http://www.hornware.com/sharepoints) makes adding share points quick and easy.