Wed 19 Dec 2007
Now that I’ve had Leopard for a while I think I’ve settled the dispute between Time Machine and File Vault. Time Machine won out.
The problem was that FileVault works by setting up an encrypted disk image that is mounted in the /Users directory, rather than /Volumes where things you mount yourself (like DMGs) go. This allows you to pretty much transparently interact with your files, blissfully unaware that they’re being encrypted/decrypted on the fly, however to Time Machine your whole home folder is just one file. So while I’ve heard something about being able to access stuff by digging around in the bowels of the directory structure that Time Machine sets up on the external hard drive, you can’t use Finder’s interactive file restore system, making it much less useful IMO. After all, backup is an old problem that has solutions, but the whole point of Time Machine is to make it easy enough to actually use.
So my solution was to instead put everything that I wanted encrypted into an actual encrypted disk image that I just mount myself. This also had the benefit of slightly speeding up my system, especially login.
April 16th, 2008 at 23.18
nope, this doesn’t work for a host of files that I’d want encrypted (e.g. ~/Library/Mail/* )
April 23rd, 2008 at 12.24
@G
You could try moving your ~/Library/Mail to the encrypted disk image and then making a symbolic link to it. If the disk image was called “foo”, this is how that’d work:
cd ~/Library/Mail; ln -s /Volumes/foo/Mail
Of course, you’ll have to mount the encrypted disk image before you fire up Mail, or it will likely just move the link out of the way and make a brand new Mail directory.
This should work for other files, too. It’s kludgey, but the half-ass integration of TimeMachine and FileVault given to us by Apple requires kludgey fixes.
Tony
N.B. If you put a lot of stuff in that disk image that will be frequently modified, your backup system will be making frequent copies of a very large file. It’s a sadly heavy-weight solution to the problem.
April 25th, 2008 at 11.35
There appears to be a lot of confusion in this realm, so let me add some clarity.
Leopard introduce the concept of a sparse bundle image. In a bundle the image is “banded” into small 8mB files. More information about this can be found here:
http://macosx.com/article/live-filevaultsparse-bundle-backups-in-leopard.html
There still exists a problem however. Time machine will not backup your sparse disk image (file vault home directory) if it’s mounted.
http://www.radiotope.com/content/os-105-time-machine-and-file-vault
One last obstacle… how do you get Time Machine to deal with backing up large files like VMWare images? When you create a vmware image you can tell the install to use 2gB files, which helps, but doesn’t solve the issue. People who do video editing are just screwed.
In the long run Apple could solve this issue using a ZFS filesystem (which does true journaling), therefore allowing for the writing of only data deltas.
-Rob