?

Log in

No account? Create an account
fun with filevault - Benjamin C. Wiley Sittler [entries|archive|friends|userinfo]
Benjamin C. Wiley Sittler

[ website | bsittler ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

fun with filevault [Jun. 24th, 2006|03:03 pm]
Benjamin C. Wiley Sittler

i've been using apple's filevault on mac os x 10.4 for a while now, but i've noticed in the last several months that space is not actually reclaimed after i delete files, even when i tell filevault to reclaim it (it asks on logout). so i found the command-line equivalents and got back 40% of my hard disk this morning.

to do this you must have access to an admin account and either it must be a different account from the one with the filevault in question, or you must enable the text-input feature on the login screen. to get started, log out of your session and type the special >console username to get a text-based login. log into your admin account on the text console and run the following commands. i'll assume the account with the filevault is called user. the usual disclaimers apply — it worked for me, but always back up everything before touching a filesystem repair tool!

first, repair any damage to the image. enter passwords as prompted and note where the Apple_HFS device is; i assume /dev/disk1s2.

$ sudo hdiutil attach -nomount -stdinpass ~user/user.sparseimage
$ sudo fsck_hfs -yf /dev/disk1s2
$ sudo hdiutil detach /dev/disk1s2

second, compact the image to reclaim unused space.

$ sudo hdiutil compact -stdinpass ~user/user.sparseimage

log out, cross fingers, and log in normally as user.

linkReply

Comments:
[User Picture]From: rubrick
2006-06-25 08:04 am (UTC)
Did you by any chance send a bug report to Apple? They'd appreciate knowing about a FileVault break that was that significant.
(Reply) (Thread)
[User Picture]From: bsittler
2006-06-26 04:59 am (UTC)
i'm guessing they are aware of the problem, since someone else has mentioned it in their forums already:

http://discussions.apple.com/message.jspa?messageID=2144090

i used that thread's fix, sans the graphical tools and external drive.
(Reply) (Parent) (Thread)
[User Picture]From: bsittler
2006-07-13 04:16 pm (UTC)
it looks like the filevault problem may be different from the one mentioned in their forums. is there any way to file a bug with apple without going through some complicated login process? i'd like to just give them the bug report, URL, and email address...
(Reply) (Parent) (Thread)
[User Picture]From: rubrick
2006-07-13 05:39 pm (UTC)
I'm not sure if there is; I don't think I've ever filed an Apple bug when not working at Apple, so I'm not really familiar with the process. If I knew someone on the FileVault team I'd put you in touch, but I don't think I do. I could file a bug myself, of course, but they'd probably lazily go back to me, rather than you, for further information.

Going through the login process is probably the best way to actually get the bug noticed (especially if it's a good, well-documented bug).
(Reply) (Parent) (Thread)
[User Picture]From: bsittler
2006-07-13 09:34 pm (UTC)
ok. it's not so well-documented since i still don't know what caused it. i still have to manually reclaim free space after i delete stuff -- the automagic reclaim-on-logout thingy gives me a rainbow wheel and then exits without reclaiming. still no idea why. :(

i think that i actually prefer the manual method in some ways (at least i can see error messages if something's broken!) so i'll not worry about getting this problem officially reported or fixed unless i learn more.
(Reply) (Parent) (Thread)
From: (Anonymous)
2006-07-08 07:01 pm (UTC)

HELP

I don't know if you can help but I have a serious problem with my spareimage. You seem to know few tricks about FileVault. Would you be able to help me? If so you can contact me on frankie.hnrg@mac.com

I'd be really grateful!
(Reply) (Thread)
From: (Anonymous)
2006-07-09 01:44 am (UTC)

Re: HELP

sure, i'll follow up via email and post here if i don't get a response
(Reply) (Parent) (Thread)
[User Picture]From: bsittler
2006-07-13 04:11 pm (UTC)

Re: HELP

(the follow-up was me, i forgot to log in)
(Reply) (Parent) (Thread)
[User Picture]From: bsittler
2006-07-13 09:42 pm (UTC)

Follow-up from email by Francesco Cerminara at 2006-07-13T10:08:00+07:00

I am happy to be named. If it happens to somebody else, I think I can help. As you did for me. Here is my full account of the events. Let me know if it makes sense. I am not an IT expert. You may want to edit it a bit. [I've not edited Francesco words as they're quite clear and readable.-bsittler]

I was logged out from my own account because of a fatal logical corruption that took place on my account's sparseimage. I used Disk Warrior 3 to run a first scan of the disk using the bootable CD it comes with. I transferred the encrypted home folder into another computer. And performed a clean reformat of the HD. After that I reinstalled every single piece of SW I had. I created a new admin account with a different name and password before adding the old account and passoword. On the new account I left FileVault off. On the new old account I switched it on. I then logged into the new old account once. That created a new sparseimage with the same account name I had before. I logged out. Logged into my new new account and using another computer connected to first one via firewire (press T at start up and the computer will be seeing by the other one as a target disk only) I re-installed the old sparseimage. What I had now was a good clean HD with a corrupted sparseimage. No use in logging back into the old account. The sparseimage was still corrupted. So I used Disk Warrior again to scan the entire HD. The sparseimage did not mount but I was able to see the Home folder after I had keyed in my original password (the same one for the new old account). That way I was able to have Disk Warrior constructing a recovered Home folder. However, after I ran Disk Warrior a second time, straight away after the first scan the sparseimage mounted and Disk Warrior was then able to reconstruct the entire directory. I was then able to log back into my original account and recovered pretty much everything I thought I had lost. To be on safe side I ran Data Rescue II on the HD and recovered files I had deleted years ago. An happy ending. One thing I have learnt is to back up RELIGIOUSLY. Backup from Apple is very good. But you can also use SYNK, more flexible and powerful and available for a small price.

Thanks so much again!

Amazing how people club together irrespective of their location (I am in London, UK) thanks to the internet.

[i absolutely agree with Francesco about backups, btw -bsittler]
(Reply) (Parent) (Thread)