fguisso
commented
5 years ago Why not to use tmutil disable?
Open mirkoschubert opened 5 years ago
fguisso
commented
5 years ago Why not to use tmutil disable?
mirkoschubert
commented
5 years ago @fguisso
tmutil disable disables the whole automatic backup, not just the local snapshots. 😏
tedhagos
commented
5 years ago Read from somewhere;
To disable local snapshots sudo tmutil disablelocal
To enable it again sudo tmutil enablelocal
mirkoschubert
commented
5 years ago @tedhagos As I mentioned above: The verb disablelocal was removed from tmutil in High Sierra and has never shown up again. 😄
tedhagos
commented
5 years ago @mirkoschubert. Sorry, I just pasted it straight from my nvALT without testing it; just tested in in Mojave now; it's (still) not there
JayBrown
commented
5 years ago You need to (1) list all snapshots (or rather their dates), and then (2) delete them… and do that on a regular basis, i.e. with a LaunchDaemon.
This is important, because TM snapshots are (for all intents and purposes) public, i.e. with the right forensic software and your Mac slaved in target disk mode, an atttacker can grab the contents of your snapshots including extended attributes, even with T2-encryption at rest.
I'm boggled that Apple thought removing tmutil disablelocal was a good idea, while leaving users' data open like this.
The option in
.macosto disable local snapshots (time machine) is redundant, becausetmutildoes not have the optiondisablelocalanymore. As far as I know this applies to Sierra and High Sierra.There is no substitute for this functionality, so the option should be deleted. All you can do is check if any local snapshot is stored (
tmutil listlocalsnapshots /) and delete then one by one if necessary (tmutil deletelocalsnapshots [date]).