Separate names with a comma.
Discussion in 'macOS Catalina (10.15)' started by STOCK411, Jun 3, 2019.
Interesting! I’ve just installed, so haven’t had a chance to poke around much. This explains the shift to APFS as it’s far easier to create and move volumes non-destructively
Here's what this looks like in Disk Utility...
How does it appear in Finder? Do you still see folders like /System or are they hidden away now?
It appears in the Finder like before.
Can you still override Gatekeeper with right-click + open?
Interesting. I suppose /System is now linked to the new volume somehow. I'll have to give it a go on my spare machine at some point
Can I still edit my System Directory if I so choose?
Every time I install MacOS I change the volume clicker back to the one to the true Mac OS X volume clicker.
Yes, the system partition is writable with SIP disabled.
That's a plus, but I do wonder if that will break other apps. In the business world, separating the OS and data and apps has always been the best approach.
Hmmmm..... lemmmmeeeesssseeee here....
Since back to my earliest days of Mac'ing (late 80's), I've partitioned my drives so that the "System files" resided in their own partition.
I've ALWAYS kept my data on a separate volume (partition).
This made it fast and easy to backup my data, and if anything went wrong with the "system partition", the data partition was usually still fine.
And for years others told me what I was doing was unnecessary.
Well, well, well...!
Looks like Apple itself has finally come around to "my way of doing it".
That is -- segregate the OS files into their own "space".
Call it "a partition", or call it "a container", or call it whatever you like ("a rose by any other name...")
That's what they're doing.
Who had it right...?
To be fair, in the old days doing this required you to partition the storage space so you'd dedicated space to the system, and unused space in the system partition wouldn't be available for data.
APFS has made it possible to do this without this waste of space. So your idea had merit, it was just inefficient to implement. Now that it is, Apple has done it.
I hope the read-only system partition is identical across all systems and has absolutely no local configuration data. This would make it really easy to restore a machine to factory state; just nuke and recreate the data partition!
Always wondered why they kept throwing everything in one pot. a2
This might not be possible. Are /bin and /sbin part of the system volume or is it just /System?
Can someone explain why a read-only volume is needed for the System when we already have SIP, which protects that particular location (among others) from tampering/unauthorized modifications? Based on what @redheeler mentioned above, the System volume can be modified with SIP turned off, so what is the point of just putting it into a new volume? Does it confer additional benefits?
Maybe it's easier to implement. Instead of hacking things around to protect some folders you just use the standard way to make a read-only volume.
I hope it is; it would be silly if they went out of the way to make the installation model similar to iOS and not do it the same way.
When you do "erase all content and settings" in iOS, the system nukes the data partition on the devices, throws away the decryption key, and creates a fresh one. That's how it can do it so quickly.
I wonder how this works for someone who has existing system and data partitions already separated. The way my configuration works is, I have one partition dedicated to macOS, my user folder (nothing of importance stored there), and all applications. The separate data partition consists of all my data, documents, etc. I think they're both containers under the same main drive, using AFPS. If I upgrade to Catalina this fall, how will the installer handle that?
Separate volumes make backup, cloning, HDD/SSD upgrades and recovery more simple. So I agree with you.
My guess is that the fact it is still editable with SIP disabled is a bug. The benefit is that updates & upgrades become much easier when you have a precisely known set of bits to modify, without having to worry about any sort of alterations behind your back. This is more about simplicity for Apple's deployment of new updates than about security.
Apple says it’s read-only. You say it’s writeable. Those statements are at odds. I’m not sure which is more likely correct.
For anyone else looking in to this, Apple call the feature ROSV in the OSInstaller (there is a lot of references to “ROSV Install"). Trying to install manually without the ‘Data’ volume in the APFS container seems to only install the system stuff, and the resulting install crashes when trying to init userland.
It looks like Catalina on HFS+ is a no-go until we get this sorted
If MacOS has its own partition and read-only, many BSD or Unix programs might outright break and not work. Unless MacOS has some sort of virtual system folder that program can read/write, I am not sure about the compatibility here.
Based on this info, I am pretty sure Apple is now laying the foundation to ditch intel processor and much of the UNIX thing in the near future.
Will this work on an iMac late 2012. All previous versions of 10, caused iMac to run super slow and would not revognize my hard drives nor my Ethernet connection.