Expanding your DIY Time Capsule with multiple logins

This is a more advanced configuration of my previous guide to create a Linux based Time Capsule. It’s not hard, but it’s not needed for most people.

Why multiple logins to the same Time Capsule?

Normally at home, you don’t mind your backup being exposed to family members, but at some situations, like at an office, you would want the backups to be separate from each other with separate logins. Or else User A can easily get access to User B’s files.

“What?!!” Yup, you can in your home restore a mac from another family members backup, and if you know your way around terminal etc, you can easily break the password, and get access to every file on that computer.

Also with multiple logins, you can assign quotas for the different users, so that one user won’t fill up the common Time Capsule device.

How to create separate logins

I called it an advanced configuration, but it’s fairly simple. You will need a separate login per user, and create a password. Log back in to the Linux shell, either through VirtualBox or SSH in terminal.

Log in with sudo su to get root access:

sudo su

Create a new user:

useradd tmuser1

Add password

passwd tmuser1

(Write password)

You have now created a user “tmuser1” which has the password you just typed in. Of course you can create any username you like.

Next a directory for backup is needed. We will use the same parent directory as earlier.

cd /mnt/TimeCapsuleData/

Create a directory for the user, preferably with the same name, and give the user ownership of the directory.

mkdir tmuser1
chown -R tmuser1:tmuser1 tmuser1

The chown line explained:

Chown = Change ownership
-R = Recursive (subfolders)

tmuser1:tmuser1 tmuser1 = user:usergroup directory.

Now you have created a user with a password, and a Time Capsule directory for that user with correct permissions. The only thing remaining is to make it available for the user.

nano /etc/netatalk/AppleVolumes.default

Scroll down to the bottom using Ctrl+V.

If you followed my last guide, you should have one line between the disabled “Home Directory” entry, and “End of file”.
Create a new line after the other one, write:

/mnt/TimeCapsuleData/tmuser1 "TmUser1" cnidscheme:dbd options:usedots,upriv,tm volsizelimit:512000 allow:tmuser1

This will create a AFP share on the tmuser1 directory we just created, and will have the name TmUser1, ready for Time Machine and will allow the user tmuser1 to backup up to 512GB. Do this for every user.

After this you should either restart the netatalk service, or reboot the server, and you are ready to choose the share on Time Machine on the user’s Mac. You will have one “drive” available for each added user listed, and they need the username and password to connect. Don’t worry, you will not get a share for each user in Finder, only one “TimeCapsule” will be listed.

To restart netatalk service:

service netatalk restart

To restart the server:

reboot now

I currently have 20 users running, and it is working great!

Please comment if you have any questions.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s