Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

rmadsen3

macrumors regular
Original poster
Aug 9, 2022
133
50
Hi, readers. Yesterday I returned a laptop running macOS Monterey. I had set it up so that my $HOME folder has its own APFS volume. Apple Store staffer ran the 'Erase All Content and Settings' thing. Did this operation work to remove data from my nonstandard APFS volumes (remove the volumes themselves?), essentially wiping the drive? Thanks in advance!
 
Can I ask what the purpose of putting your Home directory in a separate APFS volume was?

A standard Monterey install already has two volumes, the locked sealed System Volume, and the -Data volume which contains your Home folder and all your third party apps and all settings. Erase Content and settings puts a new virgin Data volume with the System Volume.
 
  • Love
Reactions: rmadsen3
So does that mean Erase All Contents and Settings does *not* work to erase the other volumes?

I've used dedicated $HOME volume (previously a $HOME partition) for very many years. Makes it easy to do backup. It used to be convenient for reinstalls, too. Dual booting. I like to keep the data compartmentalized, moreso than just inside of the /Users folder.

So does that mean Erase All Contents and Settings does *not* work to erase the other volumes?
 
Erase All Content and settings should delete anything that is not part of the system install.
Don't know if that means erasing/deleting a volume that is not part of the system install. Best way to find out is to actually check for the presence of that volume, after you have selected Erase All Content...
 
  • Love
Reactions: rmadsen3
So does that mean Erase All Contents and Settings does *not* work to erase the other volumes?

I've used dedicated $HOME volume (previously a $HOME partition) for very many years. Makes it easy to do backup. It used to be convenient for reinstalls, too. Dual booting. I like to keep the data compartmentalized, moreso than just inside of the /Users folder.

So does that mean Erase All Contents and Settings does *not* work to erase the other volumes?

I haven't tested it but my belief is that "erase all data and settings" removes everything on the machine except the locked sealed system volume, returning it to factory condition...so yes it would remove your special User APFS volume.

Apple describe "Erase content and settings" as the way to restore it to factory condition. However that article makes special mention of the Bootcamp partition which has to be removed first and that you will be advised so. Since Bootcamp is not an APFS volume and you didn't get any warning I think it confirms yours was returned to factory condition, ie with no left behind volume.

I can see your policy of a separate volume for Home directory made sense in the days before Catalina, but can't see that it does now Apple have effectively done the job for you. The Data volume is absolutely everything that is special to you, your User Directory and all your apps and settings. This is what Time Machine and CCC backup and the whole restore process is geared to marrying a backup of the Data volume to the System volume.

Have you actually tried to do a whole machine restore with your separate Home Directory volume?

It feel like you are fighting Apple all the way doing this!
 
  • Love
Reactions: rmadsen3
Since you've already returned the laptop, I take it that you're just looking for reassurance that your data is safe. Unless someone tries it, no one will know for sure. I suspect you have nothing to worry about.

The Bootcamp issue Mike raises gives me slight pause. Before reading that I would have just suspected that Apple wipes the entire drive, recreates the partition map, creates the APFS container, and creates the system volume in that container. Perhaps they do that and there's some other reason that the Bootcamp partition needs special attention.

But, it's hard to believe that Apple would leave other volumes around in the APFS container. Some people install other versions of the OS in there. Apple must cater for such things.
 
  • Love
Reactions: rmadsen3
I haven't tested it but my belief is that "erase all data and settings" removes everything on the machine except the locked sealed system volume, returning it to factory condition...so yes it would remove your special User APFS volume.

Apple describe "Erase content and settings" as the way to restore it to factory condition. However that article makes special mention of the Bootcamp partition which has to be removed first and that you will be advised so. Since Bootcamp is not an APFS volume and you didn't get any warning I think it confirms yours was returned to factory condition, ie with no left behind volume.
This page says 'Erase All Contents and Settings' does indeed remove other volumes?

What does Erase Assistant do?​

Erase Assistant does the following things on your Mac:
  • Signs you out of Apple services, such as iCloud.
  • Turns off Find My and Activation Lock, so the Mac you’re erasing is no longer associated with you.
  • Erases your content and settings, and any apps that you installed.
  • Erases all volumes (not just the volume you’re on). If you installed Windows on your Mac using Boot Camp Assistant, the BOOTCAMP volume is also erased.
  • Erases all user accounts and their data (not just your own user account).
https://support.apple.com/guide/mac-help/erase-your-mac-mchl7676b710/mac
 
This page says 'Erase All Contents and Settings' does indeed remove other volumes?

What does Erase Assistant do?​

Erase Assistant does the following things on your Mac:
  • Signs you out of Apple services, such as iCloud.
  • Turns off Find My and Activation Lock, so the Mac you’re erasing is no longer associated with you.
  • Erases your content and settings, and any apps that you installed.
  • Erases all volumes (not just the volume you’re on). If you installed Windows on your Mac using Boot Camp Assistant, the BOOTCAMP volume is also erased.
  • Erases all user accounts and their data (not just your own user account).
https://support.apple.com/guide/mac-help/erase-your-mac-mchl7676b710/mac
Interesting that seems to say different about the Bootcamp partition from the Apple link I posted!

Note that what it does not do is erase the whole drive and reinstall the System. It leaves the locked sealed System Volume in place unless it detects it has been modified somehow (which implies it is corrupt since it is not possible for a user to modify it). It only erases the -Data volume.

BTW The much loved "clean install" by wiping the whole drive and re-installing the system is fairly pointless these days (unless changing the macOS version). The locked signed sealed System Volume is checked every boot and if it is not verified the machine won't start and you will be told to reinstall a new one from Recovery. If it is verified, a snapshot is made and the machine boots from the snapshot. So if the machine boots the System Volume is good.
 
Note that what it does not do is erase the whole drive and reinstall the System. It leaves the locked sealed System Volume in place unless it detects it has been modified somehow (which implies it is corrupt since it is not possible for a user to modify it). It only erases the -Data volume.

I believe you, but it's surprising. People do modify their system volumes (people on these forums have done it and described the technique). And, as you mention, there is a chance the volume has become corrupt. I wonder why Apple would spend the extra effort to conditionally reinstall the System Volume, rather than just doing it.

Do you have some reference that explicitly states the the system volume is not touched during a full erase?
 
I believe you, but it's surprising. People do modify their system volumes (people on these forums have done it and described the technique). And, as you mention, there is a chance the volume has become corrupt. I wonder why Apple would spend the extra effort to conditionally reinstall the System Volume, rather than just doing it.

Do you have some reference that explicitly states the the system volume is not touched during a full erase?
I didn't say the System Volume is not touched during a full erase...I said the the System Volume is not erased when the "Erase Content and Settings" is done...only the Data volume is erased. A full erase would erase the System Volume.

Maybe there are some deep geeks who have found ways to modify the locked sealed system volume, but I am very surprised and would be interested in any links, and how they defeat the verification step. This article about Big Sur includes this para:

"Once the System volume has been installed, a hierarchy of SHA-256 hashes is made to cover every file on that volume individually, and its file system metadata, in a hierarchical structure culminating in a single top-level hash known as the Seal. That is then verified against a value which is signed by Apple, providing a chain of trust for everything in that System volume. When that has been completed correctly, a snapshot is made of this System volume, which is specially designated as a System snapshot and blessed".

I believe Monterey has tightened it down further. It certainly isn't something that could be done by any normal means...that is the whole purpose!

Because of the way Apple merges what is on the Sealed System Volume with what is on the Data volume into a single coherent "Applications, Library, System, Users" in Finder it may appear you are changing something in the System Volume which is actually on the Data volume.
 
  • Like
Reactions: kitKAC
I didn't say the System Volume is not touched during a full erase...I said the the System Volume is not erased when the "Erase Content and Settings" is done...only the Data volume is erased. A full erase would erase the System Volume.

My bad. Let me try again, with what I meant to ask...

Do you have some reference that explicitly states the the system volume is not erased when "Erase Content and Settings" is done? By that, I mean erased and recreated.
 
That link to the erase assistant (in post #8) states:
Note: If your version of macOS has been modified, Erase Assistant can’t erase your Mac and displays an alert indicating you need to first reinstall macOS. Reinstall macOS, then use Erase Assistant.
From Apple's support article
macOS Monterey includes Erase All Content and Settings, a way to quickly and securely erase all of your settings, data, and apps, while maintaining the operating system currently installed. If your Mac includes this feature when using macOS Monterey, use it instead of other utilities to erase your Mac.
The erase all content doesn't take long enough to give any time to download much of anything, let alone the full install. Can you think of a method that would rebuild the system without needing to download the system files to actually do that?
 
That link to the erase assistant (in post #8) states:
From Apple's support article

The erase all content doesn't take long enough to give any time to download much of anything, let alone the full install. Can you think of a method that would rebuild the system without needing to download the system files to actually do that?

That makes a lot of sense. So "Erase all Contents and Settings..." doesn't recreate the container. Good to know.
 
I don't think the original question has been answered.

Does "Erase..." only delete the Data volume (role = Data)? Or does it remove all volumes without the system roles? On Intel, the system roles are Preboot, Recovery, VM and System.

The separate "Home" volume probably has no assigned role.
 
I just created a "Home" volume in the container and it does show as "(No specific role)".

One thing I'll say to reassure the OP, I suspect Apple will completely wipe the disk and reinstall the OS (what I thought "Erase.." meant).

I wish I had a computer that I could use to test this whole Erase thing. Apple's comment "Erases all volumes (not just the volume you’re on)." leaves me wondering what "the volume you're on" even means. In terms of data, the OP was "on" two volumes and only one probably had the "Data" role.
 
  • Love
Reactions: rmadsen3
Per the security guide:

In macOS 10.15 or later, an APFS container used to start up the Mac must contain at least five volumes, the first three of which are hidden from the user:
[...]
A data volume is created for each additional system volume.

Reading between the lines, anything that is not part of the big four listed in #15 get erased would be my guess.
 
  • Love
Reactions: rmadsen3
Apple's comment "Erases all volumes (not just the volume you’re on)." leaves me wondering what "the volume you're on" even means. In terms of data, the OP was "on" two volumes and only one probably had the "Data" role.

I think Apple regards the "volume you are on" as the Data Volume not the System Volume. The machine boots from a snapshot of the System Volume, not the System Volume itself, so a running machine is in fact only 'on' the Data volume, which contains all your apps, data, settings, Home directory etc.
 
  • Love
Reactions: rmadsen3
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.