About OS X Lion NAS Time Machine compatibility, Netatalk & GPL violations

While many NAS-vendors like QNAP updated their products to ensure compatibility with AFP-shares in OS X Lion 10.7, things look different when it comes to Time Machine support. Most NAS-vendors still use an older version of Netatalk which supports AFP-shares in Lion (at least when using the DHX2 authentication module) but not the new Time Machine features introduced in AFP 3.3 like “Replay Cache”.

In order to ensure compatibility with OS X Lion’s Time Machine, NAS-vendors will have to use the latest Netatalk v2.2. Users trying to connect to a NAS-based Time Machine volume using an older Netatalk version are greeted with this error message:

The network backup disk does not support the required AFP features

Now, here’s the catch: the current Netatalk maintainer NetAFP.com decided to make this important release closed source, only releasing it to customers who are paying for commercial support (looks like you’re lucky if you own a Netgear or Drobo NAS!). With this move the maintainer deliberately grossly violates the GPL license which Netatalk is based upon in order to blackmail NAS-vendors into paying for commercial support. Make sure to check out Matthew Keller’s insightful response to NetAFP’s new closed source strategy. While both sides have their points I agree with Matthew that violating the GPL in order to earn money doesn’t sound like a solid business model.

Since NAS-vendors who advertise Time Machine compatibility in their products are in a locked-in situation, they only have two choices:

  1. Fork the last available Netatalk version and continue the development on their own (or better: form an alliance between NAS-vendors to advance development of Netatalk)
  2. Pay the current maintainer for commercial support and in turn get access to GPL-based software

I just hope things get sorted out quickly so we can all continue to use Time Machine backups using our Linux-based NAS’ with OS X Lion.

AFP broken for Linux-based NAS in Mac OS X Lion 10.7

AFP network connections to many Linux-based NAS units aren’t working in Mac OS X Lion 10.7 developer preview. After hitting the connect button a message pops up saying:

The version of the server you are trying to connect to is not supported. Please contact your system administrator to resolve the problem.

The Time Machine backup feature present in many NAS obviously isn’t working as well because it’s based on AFP too.

You may say that this is a developer preview, things will change for the final release. That’s obviously true. But my source also says that this connection problem most likely has to do with Apple discontinuing support for DHCAST128 (or DHX) authentication in Lion because it was considered insecure. Instead, the successor of DHCAST128 should be used: the more secure DHX2 user authentication module. DHX2 is supported since Mac OS X 10.2 and supports up to 256 characters for passwords (hell yeah, that should be enough). It relies on CAST-128 in cipher block chaining mode for encryption.

I checked my QNAP NAS for available afpd/netatalk UAMs and DHX2 isn’t present, so it most likely wouldn’t work with Lion. Well, if it weren’t for Time Machine, I could always resort to SMB.

[/usr/local/etc/netatalk/uams] # ls -la
drwxr-xr-x      1024 Jan 31 23:08 ./
drwxr-xr-x      1024 Feb 25 20:14 ../
lrwxrwxrwx        14 Feb 25  2011 uams_clrtxt.so -> uams_passwd.so*
lrwxrwxrwx        18 Feb 25  2011 uams_dhx.so -> uams_dhx_passwd.so*
-rwxr-xr-x     10959 Jan 31 23:08 uams_dhx_passwd.so*
-rwxr-xr-x      5304 Jan 31 23:08 uams_guest.so*
-rwxr-xr-x      6996 Jan 31 23:08 uams_passwd.so*

AFP authentication might work if a uams_dhx_2_passwd.so authentication module was present and configured. It may not be a bad idea to raise this issue with your NAS vendor if you plan to use Lion in the near future.

Rumor has it that some NAS vendors intentionally disable DHX2 in netatalk because it’s a lot more CPU intensive. This could lead to longer login times when accessing AFP shares on NAS’ units with slow CPUs.

Update 2-26-2011: It has been verified that Lion is able to connect to a Linux host running netatalk 2.1.2 supporting the DHX2 UAM in afpd.

Update 7-15-2011: Check out this post for a status update on Time Machine support in OS X Lion 10.7.

How to auto backup a Gmail account to a QNAP NAS

It’s pretty straightforward to (incrementally) backup all emails in a Gmail account to a QNAP NAS. There’s a QNAP NAS solution using Getmail but it comes with some limitations. I prefer to use Gmail-Backup. It doesn’t need any configuration files and it doesn’t have a 100 messages per session limit. It stores all mails in the .eml format, which not only works on Windows PCs but is compatible with Apple Mail as well. You can even restore deleted emails using Gmail-Backup from the NAS back to a Gmail account.

Here’s how I installed Gmail-Backup on my QNAP TS-439 PRO II+. This tutorial should work with all Intel-based QNAP TS-* models but obviously I only have the 439 to test with. I’m looking forward for your feedback if it works on your QNAP NAS model as well. Please make sure you enabled IMAP in your Gmail account settings. Gmail-Backup works for “Gmail for your domain” (it’s part of “Google Apps” now) accounts as well.

The tutorial is divided into three parts. The first part shows how to install the Optware QPKG on the NAS. This package installer is needed in order to (easily) install Python on the NAS. The 2nd part deals with the installation of Gmail-Backup and the third shows how to automate the backup using cron. It probably is helpful to have some command line skills. Continue reading

Waking up a NAS from Mac OS X at boot time using Wake-on-LAN (WOL)

Please see this post for a more recent version which works in OS X 10.11 El Capitan and newer.

Do you own a Wake-on-LAN (WOL) capable NAS (network attached storage) unit? Is your computer a Mac? Want to save on your energy bill?

The consumer NAS units you can buy these days are actually small Linux computers with a software RAID and a bunch of S-ATA hard drives inside. Depending on the make and model, some NAS units consume a considerable amount of energy even in standby mode. For instance, my QNAP NAS still consumes around 25W after all disks spun down. However, once I shut my NAS down, it only consumes 1W in deep sleep mode. It just keeps its network adapter barely alive so it’s able to “hear” a Wake-on-LAN signal.

Continue reading