Are you using FileVault? If so, where does it consume the extra space?

Discussion in 'OS X' started by Avery1, Apr 21, 2010.

  1. macrumors member

    Joined:
    Mar 14, 2010
    #1
    My understanding is that FileVault requires 2x the space of the home directory, to function.

    After talking to AppleCare, my understanding is that FileVault works by storing the entire home directory as an encrypted disk image. Fair enough, this makes sense.

    However, I'm going to configure my Mac Pro with an SSD as the boot disk, and plan to move my home directory off to the non-boot disk. With FileVault enabled, this raises a couple concerns for the SSD Boot disk.

    So, the main question is: Will it write the 'second' copy of my home directory to the boot disk, or wherever the home directory lives? AC indicated that the extra space was needed under /Users, but I'm not sure if it is under /Users/<username> or directly under /Users.

    If you have FileVault enabled, can you look and let me know?

    Thanks,
    Avery
     
  2. macrumors 68020

    Krevnik

    Joined:
    Sep 8, 2003
    #2
    It doesn't use twice the space. The encrypted disk image is where all your data is stored, and it mounts it in place of your home directory when you
    log in. It takes up the same amount of space it would otherwise.
     
  3. thread starter macrumors member

    Joined:
    Mar 14, 2010
    #3
    So... in my scenario, I am looking to install a SSD as a boot drive for OS applications only, in my mac pro. I will have a secondary raid1 array, and I presume I will move the home directory to live on this array.

    In this scenario, are you saying that I do not have to be concerned about the SSD (which is smaller than the HDD) space being utilized? Just want to be sure before I open the packaging on the new drives...
     
  4. macrumors 68020

    Krevnik

    Joined:
    Sep 8, 2003
    #4
    With FileVault on, you won't move the home folder, you will need to move the disk image.

    The home folder in the case of FileVault is a decoy, it doesn't actually exist (other than as a mount point for the disk image).

    I'm not sure you can move the disk image easily, but you will need to look up some more on FileVault to know how to do it, because it is more complicated than just a home folder.
     
  5. thread starter macrumors member

    Joined:
    Mar 14, 2010
    #5
    Alright, thanks for the insight. I'll dig deeper.
     
  6. Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #6
    The 2x space might be in consideration of when you turn FileVault on or off. It require twice the space of your home directory to be free in order to turn it on or off, which it uses as a temporary spot.
     
  7. thread starter macrumors member

    Joined:
    Mar 14, 2010
    #7
    angelwatt -- I suspect that's the case and think you're probably right; however, when I asked the folks at Apple Care -- they seemed to indicate it would consume 2x the space, real-time. Then again, they frequently tend to be confused by the level of questions that are asked or just not know the answer. Too bad there isn't better documentation somewhere.

    I thought of spinning up a virtual machine to do a test, but apparently you can't do that with Mac OS :(
     
  8. Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #8
    Well, as a user of FileVault for 3+ years I can tell you with 100% certainty that using FileVault does not use 2x the HD space. It uses potentially a few MB at most for some extra file info somewhere, but it's absolutely nowhere near 2x the size of your data.
     
  9. thread starter macrumors member

    Joined:
    Mar 14, 2010
    #9
    Did a little testing on a fresh install...

    I moved my home directory to a second disk, then added a few gigs of data.

    I then enabled FileVault.

    Via sudo du -hs, the home directory appeared to be 3.3GB and contained visible files.

    As a second admin user, I logged in and poked around with sudo.

    The new home directory @ /Volumes/disk2/Users2/avery showed the size to be 4.1 GB and via sudo I could see a single file called avery.sparsebundle that could not be read/opened further.

    appeared to have 3.3GB by user; 4.1 GB by second admin user
    Added 5.5 GB of data to the home directory
    appeared to have 8.5GB by user; 9.3 GB by second admin user

    So, it seems there is some inflation of size -- though it is relatively fixed or a small % gain. However, it is difficult to verify in entirety where the other used disk comes from. When I did a sudo find . -size +500000000c, the sparsebundle did not show up, so it is possible the OS also stores other files that are not recognizable by `find` .

    The good news is that at first glance, it appears to show up local to where the home directory resides.

    One other note: when I copied lots of MP3s prior to encryption and after encryption, the transfer/write rate was only about 3% slower after enabling encryption. Logout is slightly slower.
     
  10. Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #10
    You do realize that there is over head needed to encrypt/decrypt files which is why you're seeing a slight degradation in performance. The higher physical space usage could also be attributed to that, i.e., the physical file's encrypted image.
     
  11. thread starter macrumors member

    Joined:
    Mar 14, 2010
    #11
    Thanks. Yep, encryption does require additional processing.

    However, based on my initial observations and readings, the mounted disk image is unencrypted at login and encrypted at logout -- so in theory, there should be no or minimal overhead to processing transactions, once logged in. The 3% during copy is likely a margin-of error, but if not... well, it's 3%.

    I posted up the above details mainly as a point of reference for others with similar questions.
     
  12. macrumors 65816

    Joined:
    Jan 9, 2007
    #12
    No , the sparsedisk image is mounted at login and then any data read or written to it is decrypted/encrypted on the fly.

    So the the data is always encrypted on the disk, and only when you access it is it decrypted as data is read from the disk so you can read files. It actually never writes unencrypted data to the sparse image (talk about a security hole). So there is a performance penalty, but on modern Macs you should barely notice it.

    It would take forever to unencrypt a large disk image and then reencrypt it. It would also be a major security problem. All a criminal wanting to look at your data would have to do is unplug the mac and leave the disk unencrypted.


    Now if someone has access to your system or you have file sharing on, people could get to the data since when you're logged in as the data is available to be read at that point. Password protecting your screen saver and keeping file sharing off is a good practice when using FIlevault if you're really paranoid.

    As for the size of the disk image file, there is directory information and a used block map that takes up space above the actual data files. So the disk image will be larger than all the data on it.
     
  13. macrumors 6502a

    iPhysicist

    Joined:
    Nov 9, 2009
    Location:
    Dresden
    #13
    I use File Vault from beginning. My Home Directory shows 500GB but I do not have a 500GB Drive. Mine is 250GB, so maybe this is ment with 2 times more space "required".
     

Share This Page