Jump to content

Simple Script For Enabling Legacy FileVault


  • Please log in to reply
No replies to this topic

#1
459below

459below

    InsanelyMac Protégé

  • Members
  • Pip
  • 7 posts

Hello,

 

I just wanted to share this little script based on Mac the Knife's post here: http://www.insanelym...c-osx-107-lion/

#!/bin/bash
if [ $UID != 0 ]; then
	echo "Run me as with sudo"
	exit 0
fi
echo "enter a master recovery password:"
read MASTER_PASSWORD
echo "enter username"
read USER_NAME
echo "enter size of sparsebundle (eg. 500g)"
read SIZE

SBUID=$(id -u $USER_NAME)
SBGID=$(id -g $USER_NAME)

security create-filevaultmaster-keychain -p $MASTER_PASSWORD /Library/Keychains/FileVaultMaster.keychain
#"security export" is broken! we need to do this manually
security unlock-keychain -p $MASTER_PASSWORD /Library/Keychains/FileVaultMaster.keychain
while [ ! -f /Library/Keychains/FileVaultMaster.cer ]
do
	read -p "Add /Library/Keychains/FileVaultMaster.keychain in KeyChainAccess.app and export the certificate to /Library/Keychains/FileVaultMaster.cer You will need to export to a user owned folder first. Press ENTER to continue."
done
chown 0:0 /Library/Keychains/FileVaultMaster.cer
chmod 600 /Library/Keychains/FileVaultMaster.cer
chmod 644 /Library/Keychains/FileVaultMaster.keychain

cd /Users/$USER_NAME
echo "Enter your user password."
hdiutil create -size $SIZE -encryption -agentpass -certificate /Library/Keychains/FileVaultMaster.cer -uid $SBUID -gid $SBGID -mode 0700 -fs "HFS+J" -type SPARSEBUNDLE -layout SPUD -volname "$USER_NAME" $USER_NAME.sparsebundle
chown -R $SBUID:$SBGID /Users/$USER_NAME/$USER_NAME.sparsebundle
du -h -d 1 /Users/$USER_NAME
df -h
read -p "Check that you have the size of the homefolder free on the disk. Press enter to continue."
mkdir sbdest
hdiutil attach -owners on -mountpoint sbdest $USER_NAME.sparsebundle
rsync -avxHEP ./ sbdest/ -exclude="$USER_NAME".sparsebundle/ -exclude="sbdest/"
hdiutil detach sbdest
rmdir sbdest
cd /private/var/db/dslocal/nodes/Default/users/
cp -i $USER_NAME.plist $USER_NAME.plist.bak
eval "defaults write /private/var/db/dslocal/nodes/Default/users/$USER_NAME.plist home_loc -array '\"<home_dir><url>file://localhost/Users/$USER_NAME/$USER_NAME.sparsebundle</url></home_dir>\"'"
echo "Remember to delete/move everything in /home/$USER_NAME except /home/$USER_NAME/$USER_NAME.sparsebundle or you will waste space besides keeping a clear text copy of your data on your HD"

I will not explain how to use it or what each command does. Just google it. And of course: Use it at your own risk.

 

Regards,

below

 

Edit:

 

The system claims incorrectly that the FileVault-password and user-password differ after a software update. This message pops up right after boot, but before login. Hitting cancel and logging in afterwards, should fix it.







0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

© 2014 InsanelyMac  |   News  |   Forum  |   Downloads  |   OSx86 Wiki  |   Mac Netbook  |   PHP hosting by CatN  |   Designed by Ed Gain  |   Logo by irfan  |   Privacy Policy