macOS 10.13 Beta 4 (17A315i): `diskutil apfs listCryptoUsers` command could be labeled more accurately as `diskutil apfs listCryptoKeys`
| Originator: | rtrouton | ||
| Number: | rdar://33610430 | Date Originated: | 29-Jul-2017 09:54 PM |
| Status: | Open | Resolved: | |
| Product: | macOS + SDK | Product Version: | 10.13 Beta 4 (17A315i) |
| Classification: | UI/Usability | Reproducible: | Always |
Summary:
The `listCryptoUsers` function lists both FileVault-enabled users accounts and recovery keys. I recommend that the function be renamed to reflect that it’s not just listing enabled users. Please see below for my suggested rename:
diskutil apfs listCryptoKeys
Steps to Reproduce:
1. Install macOS 10.14 Beta 4. build 17A315i
2. Convert boot drive to Apple File System (APFS) as part of OS installation
3. Turn on encryption on APFS boot drive and enable one user
4. Run the following command to check the list of enabled users:
diskutil apfs listCryptoUsers /dev/drive_id_number_here
Expected Results:
A list of only FileVault-enabled users
computername:~ username$ diskutil apfs listCryptoUsers disk1s1
Cryptographic users (1 found)
|
+-- 8B2A80E9-4223-4123-9178-32B43A69A46E
Type: Local Open Directory
computername:~ username$
Actual Results:
A list of FileVault-enabled users and the personal recovery key
computername:~ username$ diskutil apfs listCryptoUsers disk1s1
Cryptographic users (2 found)
|
+-- 8B2A80E9-4223-4123-9178-32B43A69A46E
| Type: Local Open Directory
|
+-- EBC6C064-0000-11AA-AA11-00306543ECAC
Type: Personal Recovery
computername:~ username$
Version:
10.13 Beta 4 (17A315i)
Notes:
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!