fdesetup changes in macOS 10.13 (17A360a): Exit Code 136

Originator:dksnelson
Number:rdar://34371492 Date Originated:09/11/2017
Status:New Resolved:
Product:macOS + SDK Product Version:macOS 10.13 Beta (17A360a)
Classification:Security Reproducible:Always
 
Area:
Terminal

Summary:

While testing a custom Bash script to re-issue a personal FileVault Recovery Key with macOS 10.13 (17A360a) and an APFS-formatted drive, we’re receiving an Exit Code of 136, which is NOT listed in the man page for fdesetup.

We’re seeing the following errors in the logs:

Unloading FDERecoveryAgent...
/System/Library/LaunchDaemons/com.apple.security.FDERecoveryAgent.plist: Could not find specified service

Error: Unable to change key.
2017-09-11 08:19:30  FAILED: FileVault Configuration Tool exited with return code: 136.

The script works as expected while running macOS 10.12.6 (16G29).



---



Steps to Reproduce:

Run the script "recoveryKeyReissue.sh" via Terminal.



---



Expected Results:

Exit 0



---



Actual Results:

Unloading FDERecoveryAgent...
/System/Library/LaunchDaemons/com.apple.security.FDERecoveryAgent.plist: Could not find specified service

Error: Unable to change key.
2017-09-11 08:19:30  FAILED: FileVault Configuration Tool exited with return code: 136.



---



Version/Build:

macOS 10.13 Beta (17A360a)

Comments

10.13 Beta (17A362a)

I was able to reproduce the issue with 10.13 Beta (17A362a)


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!