jridgewell / Unlock

Unlock multiple Core Storage encrypted volumes at boot.
MIT License

APFS Support #25

Open paviro opened 7 years ago

paviro commented 7 years ago

Any plans for APFS support? :)

jridgewell commented 7 years ago

It's been a few years since I upgraded my Mac, and I don't use this anymore. I don't know what's required to support APFS.

I'd be happy to accept a PR.

BrianAker commented 7 years ago

What do you use? Or have you found a method that allows you to bypass the need for this?

I have an alternative method whereby I boot into one account and from there mount drives before launching into my own account, but that is a bit cumbersome.

paviro commented 7 years ago

I switched to using a fusion drive for now :)

jridgewell commented 7 years ago

I upgraded to a new MacBook without a CD drive, so I don't have a second hard drive anymore. Are you using APFS?

paviro commented 7 years ago

Yes, that’s the main reason the old script no longer works.

jridgewell commented 7 years ago

Do you mean the install script? Or is it the unlock commands?

paviro commented 7 years ago

I think both. It does not find any drives anymore on install and I think you no longer use core storage commands for mounting and unlocking but haven’t checked in detail.

jridgewell commented 7 years ago

That's probably because of my horrible bash scripting. Can you give the output of

diskutil cs info `mount | grep " / " | cut -d " " -f 1`

paviro commented 7 years ago

Will do when I am at home. If it is the command from the installer without changes I can already give you the output: nothing :)

jridgewell commented 7 years ago

This is just one of the commands the installer runs, I'm trying to figure out what changed in the text we try to parse.

paviro commented 7 years ago

Will do tonight :)

ressl commented 7 years ago

APFS has changed a lot.

diskutil cs info `mount | grep " / " | cut -d " " -f 1`
/dev/disk1s1 is not a CoreStorage disk
diskutil apfs
Usage:  diskutil [quiet] ap[fs] <verb> <options>
        where <verb> is as follows:

     list                (Show status of all current APFS Containers)
     convert             (Nondestructively convert from HFS to APFS)
     create              (Create a new APFS Container with one APFS Volume)
     createContainer     (Create a new empty APFS Container)
     deleteContainer     (Delete an APFS Container and reformat disks to HFS)
     resizeContainer     (Resize an APFS Container and its disk space usage)
     addVolume           (Export a new APFS Volume from an APFS Container)
     deleteVolume        (Remove an APFS Volume from its APFS Container)
     eraseVolume         (Erase contents of, but keep, an APFS Volume)
     changeVolumeRole    (Change the Role metadata bits of an APFS Volume)
     unlockVolume        (Unlock an encrypted APFS Volume which is locked)
     lockVolume          (Lock an encrypted APFS Volume (diskutil unmount))
     listCryptoUsers     (List cryptographic users of encrypted APFS Volume)
     changePassphrase    (Change the passphrase of a cryptographic user)
     setPassphraseHint   (Set or clear passphrase hint of a cryptographic user)
     encryptVolume       (Start async encryption of an unencrypted APFS Volume)
     decryptVolume       (Start async decryption of an encrypted APFS Volume)
     updatePreboot       (Update the APFS Volume's related APFS Preboot Volume)

diskutil apfs <verb> with no options will provide help on that verb
diskutil apfs list
APFS Container (1 found)
|
+-- Container disk1 DCD081F1-B6B7-4EE8-B750-F69252F2F822
    ====================================================
    APFS Container Reference:     disk1
    Capacity Ceiling (Size):      999590961152 B (999.6 GB)
    Capacity In Use By Volumes:   431271096320 B (431.3 GB) (43.1% used)
    Capacity Available:           568319864832 B (568.3 GB) (56.9% free)
    |
    +-< Physical Store disk0s2 9CE096C6-D65F-4FBC-8FEE-9E987D76284E
    |   -----------------------------------------------------------
    |   APFS Physical Store Disk:   disk0s2
    |   Size:                       999590961152 B (999.6 GB)
    |
    +-> Volume disk1s1 8D4E430C-8810-37E7-9625-94DC5F634411
    |   ---------------------------------------------------
    |   APFS Volume Disk (Role):   disk1s1 (No specific role)
    |   Name:                      Macintosh HD (Case-insensitive)
    |   Mount Point:               /
    |   Capacity Consumed:         428373557248 B (428.4 GB)
    |   Encrypted:                 Yes (Unlocked)
    |
    +-> Volume disk1s2 9FC6CF2D-ACD7-4362-A8E6-76208117CA83
    |   ---------------------------------------------------
    |   APFS Volume Disk (Role):   disk1s2 (Preboot)
    |   Name:                      Preboot (Case-insensitive)
    |   Mount Point:               Not Mounted
    |   Capacity Consumed:         22331392 B (22.3 MB)
    |   Encrypted:                 No
    |
    +-> Volume disk1s3 F8C3B80B-59E3-48B1-8197-C6E7C106E252
    |   ---------------------------------------------------
    |   APFS Volume Disk (Role):   disk1s3 (Recovery)
    |   Name:                      Recovery (Case-insensitive)
    |   Mount Point:               Not Mounted
    |   Capacity Consumed:         519995392 B (520.0 MB)
    |   Encrypted:                 No
    |
    +-> Volume disk1s4 B24BC1A6-BE7D-447C-859D-50690FFA60B4
        ---------------------------------------------------
        APFS Volume Disk (Role):   disk1s4 (VM)
        Name:                      VM (Case-insensitive)
        Mount Point:               /private/var/vm
        Capacity Consumed:         2147504128 B (2.1 GB)
        Encrypted:                 No

Taffjones commented 7 years ago

Hi,

I've made some modifications to the code that should allow this to work with APFS. It works when I run from terminal EXCEPT I'm asked to re-authorize halfway through execution and it doesn't work at all during startup (password is not found). I think it's an Apple issue in the SecItem calls as discussed here ...

https://forums.developer.apple.com/thread/88888
https://forums.developer.apple.com/thread/87095

So, it seems to be blocked until Apple fix this. I'm on 10.13.2 Beta (17C60c) btw, and can't validate against other versions.

Simon

ressl commented 7 years ago

@Taffjones That sounds very good. :-) Can you publish your changes?

Taffjones commented 7 years ago

Ok, but the install script isn’t updated yet (I modified the keychain entry manually) and the Apple bug is a blocker... I’ll have some time to work a bit more on Monday.

Simon

tldr;

For the record, the unlock command is the same for both file systems except one has apfs and the other has cs in the middle. My logic is to store the fs type in the comment field of the keychain entry so the couple of lines of code I’ve added to the executable can plug it into the right part of the command.
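
The dispatch described in the comment above, as an added example that is not part of the thread or of Unlock's own code: the stored file-system tag is checked against the two known values before it selects the `diskutil` verb, and the passphrase is fed on stdin rather than placed in argv. The function names and the `cs`/`apfs` tag values are assumptions.

```shell
#!/bin/sh
# Added example: pick the diskutil verb from a stored file-system tag.
# Function names and the "cs"/"apfs" tag values are assumptions.

# Print the diskutil arguments for one volume, one per line.
# Returns 1 if the stored tag or the volume identifier is not acceptable.
unlock_args() {
    fs_type=$1
    volume=$2

    # The tag is stored data, so match it against a fixed list instead of
    # pasting it into a command line.
    case $fs_type in
        cs|apfs) ;;
        *) return 1 ;;
    esac

    # Reject anything outside the identifier alphabet (spaces, newlines,
    # shell metacharacters) before checking the overall shape.
    case $volume in
        ''|*[!0-9A-Za-z-]*) return 1 ;;
    esac

    # Accept only a UUID or a diskNsM device identifier.
    printf '%s\n' "$volume" | grep -Eq \
        '^([0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}|disk[0-9]+(s[0-9]+)+)$' \
        || return 1

    printf '%s\n' "$fs_type" unlockVolume "$volume" -stdinpassphrase
}

# Unlock one volume: $1 = stored tag, $2 = volume, $3 = passphrase.
unlock_volume() {
    args=$(unlock_args "$1" "$2") || return 1
    # Word splitting is intended here: every argument was validated above.
    # shellcheck disable=SC2086
    printf '%s' "$3" | diskutil $args
}
```
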

Taffjones commented 7 years ago

Looks like I don't have push access (probably a good thing to be honest)!

I've attached the files I've changed in this zip - @jridgewell maybe you can incorporate them for me.

NOTE - This still needs the Apple keychain bug fix before it'll work

Archive.zip

juanjonol commented 6 years ago

In case this helps anyone, my fork of Unlock supports APFS. Keep in mind that I haven't tested it yet as well as I would like and that you need to install Python 3.

galaxy4public commented 5 years ago

I don't mean to hijack the thread, but for APFS I created a pure bash-based solution to unlock encrypted volumes at startup, see https://github.com/openwall-com-au/BootUnlock (the project can create a package even without any development tools installed, or you can use the released package over there) :)

dmedina2015 commented 3 years ago

Absolutely great job @jridgewell for CS and @galaxy4public for APFS. Just moved my home folder to an SD Card and was struggling with this lack of macOS feature. Just thank you!