macOS 10.13 Beta 4 (17A315i): `diskutil apfs listCryptoUsers` command could be labeled more accurately as `diskutil apfs listCryptoKeys`
Originator: | rtrouton | ||
Number: | rdar://33610430 | Date Originated: | 29-Jul-2017 09:54 PM |
Status: | Open | Resolved: | |
Product: | macOS + SDK | Product Version: | 10.13 Beta 4 (17A315i) |
Classification: | UI/Usability | Reproducible: | Always |
Summary: The `listCryptoUsers` function lists both FileVault-enabled users accounts and recovery keys. I recommend that the function be renamed to reflect that it’s not just listing enabled users. Please see below for my suggested rename: diskutil apfs listCryptoKeys Steps to Reproduce: 1. Install macOS 10.14 Beta 4. build 17A315i 2. Convert boot drive to Apple File System (APFS) as part of OS installation 3. Turn on encryption on APFS boot drive and enable one user 4. Run the following command to check the list of enabled users: diskutil apfs listCryptoUsers /dev/drive_id_number_here Expected Results: A list of only FileVault-enabled users computername:~ username$ diskutil apfs listCryptoUsers disk1s1 Cryptographic users (1 found) | +-- 8B2A80E9-4223-4123-9178-32B43A69A46E Type: Local Open Directory computername:~ username$ Actual Results: A list of FileVault-enabled users and the personal recovery key computername:~ username$ diskutil apfs listCryptoUsers disk1s1 Cryptographic users (2 found) | +-- 8B2A80E9-4223-4123-9178-32B43A69A46E | Type: Local Open Directory | +-- EBC6C064-0000-11AA-AA11-00306543ECAC Type: Personal Recovery computername:~ username$ Version: 10.13 Beta 4 (17A315i) Notes:
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!