"fdesetup add" fails when using a recovery key instead of a user/password combination

Originator: armin.praher
Number: rdar://33262770
Date Originated: July 12 2017, 2:58 PM
Status: Open
Resolved:
Product: macOS
Product Version: 10.13 Beta 3
Classification: Bug
Reproducible: Always
 
Summary:
Trying to add a user to FileVault 2 using 'fdesetup add' fails and exits with 17 when using RecoveryKey as the user and the recovery key as the password.

Steps to Reproduce:
Enable FV2 with fdesetup enable
Create a new user with System Preferences
Delete the newly added user from FV2 with fdesetup remove -user newuser
Create an inputplist where the authorizing user is RecoveryKey and the password is the recovery key as returned by fdesetup enable
cat input.plist | fdesetup add -inputplist -verbose

Expected Results:
The user foo from the attached plist is added to FileVault 2

Observed Results:
The command fails and returns 17
cat input.plist | fdesetup add -inputplist -verbose
fdesetup: auth info dictionary path = stdin
fdesetup: device path = /
OD user 'admin' could not be authenticated.
Adding user 'foo' to existing FileVault
Error: user could not be added (-69578).
Error: Unable to add one or more users to FileVault.

Version:
macOS 10.13 Beta3 / Build 17A306f

Notes:
The same behaviour is seen when using the interactive mode instead of an inputplist, with the recovery key in place of the password
Attached is the plist I used

Configuration:
System disk is formatted with APFS
