diskutil(8) BSD System Manager's Manual diskutil(8)
diskutil -- modify, verify and repair local disks
diskutil [quiet] verb [options]
diskutil manipulates the structure of local disks. It provides informa- tion about, and allows the administration of, the partitioning schemes, layouts, and formats of disks. This includes hard disks, solid state disks, optical discs, CoreStorage volumes, and AppleRAID sets. It gener- ally manipulates whole volumes instead of individual files and directo- ries.
Each verb is listed with its description and individual arguments. list [-plist] [device] List disks. If no argument is given, then all disks and all of their partitions are listed. If -plist is specified, then a property list will be emitted instead of the normal user-readable output. If a device is specified, then instead of listing all families of whole disks and their partitions, only one such family is listed. In that case, specifying either the whole disk or any of its slices will work. A script could interpret the results of the diskutil list -plist output and use diskutil info -plist as well as diskutil listFilesystems -plist for more detailed information. See the DEVICES section below for the various forms that the device specification may take for this and all of the other diskutil verbs. The top-to-bottom appearance of partitions in diskutil list always indicates the on-disk ordering. BSD disk identifiers may, in certain circumstances, not appear in slice-numerical order when viewed this way. This is normal and is likely the result of a recent partition map editing operation in which volumes were kept mounted. info | information [-plist] device Get detailed information about a specific whole disk or parti- tion. If -plist is specified, then a property list instead of the normal user-readable output will be emitted. activity Continuously display system-wide disk manipulation activity as reported by the Disk Arbitration framework until interrupted with a signal (e.g. by typing Control-C). This can be useful to watch system-wide activity of disks com- ing on-line or being ejected, volumes on disks being mounted or unmounted, volumes being renamed, etc. However, this out- put must never be parsed; programs should become Disk Arbitra- tion clients instead. For debugging information, such as the monitoring of applica- tions dissenting (attempting to deny) activities for disks for which they have registered an interest, you must use the log- ging features of the diskarbitrationd daemon. Programs needing this information must become Disk Arbitration clients. listFilesystems [-plist] Show the file system personalities available for formatting in diskutil when using the erasing and partitioning verbs. This is a subset of the complete set of personalities exported by the various file system bundles that may be installed in the system. Also shown are some shortcut aliases for common per- sonalities. See the FORMAT section below for more details. If -plist is specified, then a property list instead of the normal user-readable output will be emitted. unmount | umount [force] device Unmount a single volume. Force will force-unmount the volume (less kind to any open files; see also umount (8)). unmountDisk | umountDisk [force] device Unmount an entire disk (all volumes). Force will force- unmount the volumes (less kind to any open files; see also umount (8)). You should specify a whole disk, but all volumes of the whole disk are attempted to be unmounted even if you specify a partition. eject device Eject a disk. Media will become offline for the purposes of being a data store for file systems or being a member of con- structs such as software RAID or direct data. Additionally, removable media will become eligible for safe manual removal; automatically-removable media will begin its physical (motor- ized) eject sequence. mount [readOnly] [-mountPoint path] device Mount a single volume. If readOnly is specified, then the file system is mounted read-only, even if the volume's under- lying file system and/or device and/or media supports writing; even the super-user may not write to it; this is the same as the rdonly option to mount (8). If a -mountPoint is speci- fied, then that path, rather than the standard path of /Vol- umes/VolumeName, will be used as the view into the volume file content; a directory at that path must already exist. mountDisk device Mount an entire disk (all mountable volumes). You should specify a whole disk, but all volumes of the whole disk are attempted to be mounted even if you specify a partition. rename | renameVolume device name Rename a volume. Volume names are subject to file system-spe- cific alphabet and length restrictions. enableJournal device Enable journaling on an HFS+ volume. This works whether or not the volume is currently mounted (the volume is temporarily mounted if necessary). Ownership of the affected disk is required. disableJournal [force] device Disable journaling on an HFS+ volume. This normally works whether or not the volume is currently mounted (the volume is temporarily mounted if necessary). If the force option is specified, then journaling is disabled directly on disk; in this case, the volume must not be mounted. Ownership of the affected disk is required. moveJournal external | internal [journalDevice] device external will create a 512MB Apple_Journal partition out of journalDevice and an HFS+ partition will be created out of the remaining space if available; journalDevice must be a parti- tion, not a whole-disk. The journal for device will then be moved externally onto the newly created Apple_Journal parti- tion. internal will move the journal for device back locally. Moving the journal works whether or not the volume is mounted, provided journaling is enabled on that volume. No errors are currently supported to flag attempts to move journals on vol- umes that do not have journaling enabled. Ownership of the affected disk(s) is required. enableOwnership device Enable ownership of a volume. The on-root-disk Volume Data- base at /var/db/volinfo.database is manipulated such that the User and Group ID settings of files, directories, and links (file system objects, or "FSOs") on the target volume are taken into account. This setting for a particular volume is persistent across ejects and injects of that volume as seen by the current OS, even across reboots of that OS, because of the entries in this OS's Volume Database. Note thus that the setting is not kept on the target disk, nor is it in-memory. For some locations of devices (e.g. internal hard disks), con- sideration of ownership settings on FSOs is the default. For others (e.g. plug-in USB disks), it is not. When ownership is disabled, Owner and Group ID settings on FSOs appear to the user and programs as the current user and group instead of their actual on-disk settings, in order to make it easy to use a plug-in disk of which the user has phys- ical possession. When ownership is enabled, the Owner and Group ID settings that exist on the disk are taken into account for determining access, and exact settings are written to the disk as FSOs are created. A common reason for having to enable ownership is when a disk is to contain FSOs whose User and Group ID set- tings, and thus permissions behavior overall, is critically important, such as when the plug-in disk contains system files to be changed or added to. See also the vsdbutil command. Running as root is required. disableOwnership device Disable ownership of a volume. See enableOwnership above. Running as root is required. verifyVolume device Verify the file system data structures of a volume. The appropriate fsck program is executed and the volume is left mounted or unmounted at it was before the command. Ownership of the disk to be verified is required. repairVolume device Repair the file system data structures of a volume. The appropriate fsck program is executed and the volume is left mounted or unmounted at it was before the command. Ownership of the affected disk is required. verifyDisk device Verify the partition map layout of a whole disk intended for booting or data use on a Macintosh. The checks further include, but are not limited to, the integrity of the EFI Sys- tem Partition, the integrity of any Core Storage Physical Vol- ume partitions, and provisioning of space for boot loaders. Ownership of the disk to be verified is required; it must be a whole disk and must have a partition map. repairDisk device Repair the partition map layout of a whole disk intended for booting or data use on a Macintosh. The repairs further include, but are not limited to, the repair or creation of an EFI System Partition, the integrity of any Core Storage Physi- cal Volume partitions, and the provisioning of space for boot loaders. Ownership of the affected disk is required; it must be a whole disk and must have a partition map. verifyPermissions [-plist] device Verify the permissions of a Mac OS X boot volume. The data that guides the permissions verification is written during the installation process. Ownership of the disk to be verified is required. repairPermissions [-plist] device Repair the permissions of a Mac OS X boot volume. The data that guides the permissions repair is written during the installation process. Ownership of the affected disk is required. eraseDisk format name [APM[Format] | MBR[Format] | GPT[Format]] device Erase an existing disk, removing all volumes and writing out a new partitioning scheme containing one new empty file system volume. If the partitioning scheme is not specified, then an appropriate one for the current machine is chosen. Format is discussed below in the section for the partitionDisk verb. Ownership of the affected disk is required. eraseVolume format name device Erase an existing volume or write out a new empty file system if there was none. Format is discussed below in the section for the partitionDisk verb. Ownership of the affected disk is required. reformat device Erase an existing volume by writing out a new empty file sys- tem of the same personality (type) and with the same volume name. Ownership of the affected disk is required. eraseOptical [quick] device Erase optical media (CD/RW, DVD/RW, etc.). Quick specifies whether the disc recording system software should do a full erase or a quick erase. Ownership of the affected disk is required. zeroDisk [force] device Erase a device, writing zeros to the media. The device can be a whole-disk or a partition. In either case, in order to be useful again, zero'd whole-disks will need to be (re)parti- tioned, or zero'd partitions will need to be (re)formatted with a file system, e.g. by using the partitionDisk, eraseDisk, or eraseVolume verbs. If you desire a more sophis- ticated erase algorithm or if you need to erase only free space not in use for files, use the secureErase verb. The force parameter causes best-effort, non-error-terminating, forced unmounts and shared-mode writes to be attempted; how- ever, this is still no guarantee against drivers which claim the disk exclusively. In such cases, you may have to first unmount all overlying logical volumes (e.g. CoreStorage or AppleRAID), or, if a disk is partially damaged in just the wrong way, even un-install a kext or erase the disk elsewhere. Ownership of the affected disk is required. randomDisk [times] device Erase a whole disk, writing random data to the media. Times is the optional (defaults to 1) number of times to write ran- dom information. The device can be a whole-disk or a parti- tion. In either case, in order to be useful again, randomized whole-disks will need to be (re)partitioned, or randomized partitions will need to be (re)formatted with a file system, e.g. by using the partitionDisk or eraseDisk verbs. If you desire a more sophisticated erase algorithm or if you need to erase only free space not in use for files, use the secureErase verb. Ownership of the affected disk is required. secureErase [freespace] level device Erase, using a secure method, either a whole-disk (including any and all partitions), or, only the free space (not in use for files) on a currently-mounted volume. Erasing a whole- disk will leave it useless until it is partitioned again. Erasing freespace on a volume will leave it exactly as it was from an end-user perspective, with the exception that it will not be possible to recover deleted files or data using utility software. If you need to erase all contents of a partition but not its hosting whole-disk, use the zeroDisk or randomDisk verbs. Ownership of the affected disk is required. Level should be one of the following: o 0 - Single-pass zero-fill erase. o 1 - Single-pass random-fill erase. o 2 - US DoD 7-pass secure erase. o 3 - Gutmann algorithm 35-pass secure erase. o 4 - US DoE algorithm 3-pass secure erase. partitionDisk device [numberOfPartitions] [APM[Format] | MBR[Format] | GPT[Format]] [part1Format part1Name part1Size part2Format part2Name part2Size part3Format part3Name part3Size ...] (re)Partition a disk, removing all volumes. All volumes on this disk will be destroyed. The device parameter specifies which whole disk is to be partitioned. The optional numberOfPartitions parameter specifies the number of parti- tions to create; if given then the number of parameter triplets (see below) is expected to match; else, the number of triplets alone given will determine the number of partitions created. The optional partitioning scheme parameter forces a particular partitioning scheme; if not specified, a suitable default is chosen. They are: o APM[Format] specifies that an Apple Partition Map scheme should be used. This is the traditional Apple partitioning scheme used to start up a Pow- erPC-based Macintosh computer, to use the disk as a non-startup disk with any Mac, or to create a multi- platform compatible startup disk. o MBR[Format] specifies that a Master Boot Record scheme should be used. This is the DOS/Windows-com- patible partitioning scheme. o GPT[Format] specifies that a GUID Partitioning Table scheme should be used. This is the partitioning scheme used to start up an Intel-based Macintosh computer. For each partition, a triplet of the desired file system for- mat, volume name, and size must be specified. Several other diskutil verbs allow these triplets as well (and for them, the numberOfPartitions parameter is also optional). The triplets must be as follows: o Format names are of the form HFS+, MS-DOS, etc.; a list of formatable file systems (more precisely, personalities exported by the installed file system bundles) and common aliases is available from the listFilesystems verb. Format guides diskutil both in what partition type to set for the partitions (slices) as well as what file system structures to lay down therein, using the file system bundle's plist's FormatExecutable setting (which usually points to the appropriate formatter program such as newfs_hfs (8)). You can also specify a format of Free Space to skip an area of the disk. Addition- ally, you can specify the partition (personality) type manually and directly with a format of %<human- readable partition type>% such as %Apple_HFS% or %<GPT partition type UUID constant>% such as %48465300-0000-11AA-AA11-00306543ECAC%; these imply a name of %noformat% (below). Human-readable types must be known to the system but UUID types (GPT scheme only) can be arbitrary. o Names are the initial volume names; they must con- form to file system specific restrictions. If a name of %noformat% is specified, then the partition is left blank such that the partition space is carved out, the partition type is set according to the file system format name, the partition space is partially erased, but a file system structure is not laid down with any file system's formatter program (e.g. newfs_hfs (8)); this is useful for setting up partitions that will contain user-defined (not nec- essarily file system) data. For a triplet whose format is Free Space or a directly-specified parti- tion type, its name is ignored but a dummy name must be present. o Sizes are floating point numbers followed by a let- ter or percent sign as described in the SIZES sec- tion at the end of this page (e.g. 165536000B, 55.3T, 678M, 75%, R). The last partition may be lengthened to the end of the disk. You can specify an exact size for your last partition by spec- ifying it as the penultimate triplet and specifying an addi- tional (last) triplet as Free Space. Ownership of the affected disk is required. resizeVolume device [ limits | R | size [numberOfPartitions] [part1Format part1Name part1Size part2Format part2Name part2Size part3Format part3Name part3Size ...] ] Non-destructively resize a volume. You may increase or decrease its size. A size of limits will print the range of valid values for the target partition, taking into account current file system and partition map conditions such as files in use and other (immovable) partitions following the target. You can grow a volume (back) to its maximum size possible, provided no new partitions have been created that are in the way, by specifying R for the new volume size. You should use R instead of attempting an absolute value such as 100% because the latter cannot count partition map overhead. When decreasing the size, new partitions may optionally be created to fill the newly-freed space. To do this, specify the numberOfPartitions, format, name, and size parameters in the same manner as the triplet description for the partitionDisk verb. Resizing a volume that is currently set as the computer's startup disk will invalidate that setting; use the Startup Disk System Preferences panel or bless (8) to reset the resized volume as the startup disk. Device refers to a volume; the volume's file system must be journaled HFS+. Valid sizes are a number followed by a capi- tal letter multiplier or percent sign suffix as described in the SIZES section at the end of this page (e.g. 1.5T, 128M, 50%). Ownership of the affected disk is required. splitPartition device [numberOfPartitions] [part1Format part1Name part1Size part2Format part2Name part2Size part3Format part3Name part3Size ...] Destructively split a volume into multiple partitions. You must supply a list of new partitions to create in the space of the old partition; specify these with the numberOfPartitions, format, name, and size parameters in the same manner as the triplet description for the partitionDisk verb. Device refers to a volume. Ownership of the affected disk is required. mergePartitions [force] format name fromDevice toDevice Merge two or more partitions on a disk. All data on merged partitions other than the first will be lost. Data on the first partition will be lost as well if the force argument is given. If force is not given, and the first partition has a resizable file system (e.g. JHFS+), the file system will be preserved and grown in a data-preserving manner; your format and name parameters are ignored in this case. If force is not given, and the first partition is not resizable, you are prompted if you want to format. You will also be prompted to format if the first partition has an (HFS) Allocation Block Size which is too small to support the required growth of the first par- tition; see the -b option for newfs_hfs (8). If force is given, the final resulting partition is always (re)formatted. You should do this if you wish to (re)format to a new file system type. You will be prompted to confirm. Format and name must always be given, but they have an effect only when force is given. Merged partitions are required to be ordered sequentially on disk (see diskutil list for the actual on-disk ordering). All partitions in the range, except for the first one, must be unmountable. Ownership of the affected disk is required. appleRAID | ar raidVerb [...] AppleRAID verbs can be used to create, manipulate and destroy AppleRAID volumes (Software RAID). AppleRAID supports three basic types of RAID sets: o "stripe" - Striped Volume (RAID 0) o "mirror" - Mirrored Volume (RAID 1) o "concat" - Concatenated Volume (Spanning) Of these three basic types, only the "mirror" type increases fault-tolerance. Mirrors may have more than two disks to fur- ther increase their fault-tolerance. Striped and concaten- tated volumes are, in fact, more vulnerable to faults than single disk volumes. From these basic types, "stacked" or "nested" RAID volumes can be created. Stacked RAID sets that make use of mirrored RAID sets are fault-tolerant. For example, these are some of the more common combinations of stacked RAID sets: o RAID 50 - A striped RAID set of hardware RAID 5 disks. o RAID 10 - A striped RAID set of mirrored RAID sets. o RAID 0+1 - A mirrored RAID set of striped RAID sets. o Concatenated Mirror - A concatenation of mirrored RAID sets. When creating new RAID sets or adding disks, if possible, it is better to specify the entire disk instead of a partition on that disk. This allows the software to reformat the entire disk using the most current partition layouts. When using whole disks, the type of partitioning used is selected based on the platform type (PPC = APMFormat, Intel = GPTFormat). GPT and APM partition formats cannot be mixed in the same RAID set. In addition to whole disk and partition device names, AppleRAID uses UUIDs to refer to existing RAID sets and their members. Existing RAID sets may also be specified by mount point (e.g. /Volume/raidset). In many cases, using the UUID for the device argument is preferred because disk device names may change over time when disks are added, disks are removed or when the system is rebooted. If RAID members have been physically disconnected from the system or are no longer responding, you must use the member's UUID as the command argument. Messages in the system log will refer to RAID sets and their member disks by UUID. For more information on spec- ifying device arguments see the "DEVICES" section below. AppleRAID is not a replacement for backing up your data. Backups should be always be performed on a regular basis and before modifying any RAID set using these commands. The following is a list of appleRAID sub-verbs with their descriptions and individual arguments. list [-plist | UUID] Display AppleRAID volumes with current status and associated member disks. If UUID is specified, only list the RAID set with that AppleRAID Set UUID. If -plist is specified, then a property list will be emitted instead of user-formatted output. The -plist and UUID arguments may not both be spec- ified. diskutil listRAID is a deprecated synonym for diskutil appleRAID list. create mirror | stripe | concat setName format devices ... Create a new RAID set consisting of multiple disks and/or RAID sets. setName is used for both the name of the created RAID volume and the RAID set itself (as displayed in list). e.g. 'diskutil cre- ateRAID stripe MyArray JHFS+ disk1 disk2 disk3 disk4'. Ownership of the affected disks is required. diskutil createRAID is a deprecated syn- onym for diskutil appleRAID create. delete raidVolume Destroy an existing RAID set. If the RAID set is a mirror with a resizable file system, delete will attempt to convert each of the member partitions back into a non-RAID volume while retaining the contained file system. For concatenated RAID sets with a resizable file system, delete will attempt to shrink the file system to fit on the first mem- ber partition and convert that to a non-RAID vol- ume. Ownership of the affected disks is required. diskutil destroyRAID is a deprecated synonym for diskutil appleRAID delete. repairMirror raidVolume newDevice Repair a degraded mirror by adding a "new" disk given as newDevice to the RAID mirror set whose exported disk device or set UUID is given as raidVolume. The new disk must be the same size or larger than the existing disks in the RAID set. After running this command, you should manually remove the old (orphaned, failed) member(s) with diskutil appleRAID remove. Ownership of the affected disk is required. diskutil repairMirror is a deprecated synonym for diskutil appleRAID repairMirror. add type newDevice raidVolume Add a new member or hot spare to an existing RAID set. Type can be either member or spare. New disks are added live, the RAID volume does not need to be unmounted. Mirrored volumes support adding both members and hot spares, concatenated volumes only support adding members. When adding to a mir- rored RAID set, the new disk must be the same size or larger than the existing disks in the RAID set. Adding a hot spare to a mirror will enable autore- building for that mirror. Adding a new member to a concatenated RAID set appends the member and expands the RAID volume. Ownership of the affected disk is required. diskutil addToRAID is a depre- cated synonym for diskutil appleRAID add. remove oldDevice raidVolume Remove a member or spare from an existing RAID set. Old disks are removed live; the RAID volume does not need to be unmounted. For missing devices, oldDevice must be the device's UUID. Online mirror members with a resizable file system will be con- verted to non-RAID volumes, spare and offline mem- bers will be marked free. For concatenated RAID sets, only the last member can be removed. For resizable file systems remove will first attempt to shrink the concatenated RAID set so that the file system fits on the remaining disks. Ownership of the affected disk is required. diskutil removeFromRAID is a deprecated synonym for diskutil appleRAID remove. enable mirror | concat device Convert a non-RAID disk partition containing a resizable file system (such as JHFS+) into an unpaired mirror or single disk concatenated RAID set. Disks that were originally partitioned on Mac OS X 10.2 Jaguar or earlier or were partitioned to be Mac OS 9 compatible may not be resizable. Own- ership of the affected disk is required. diskutil enableRAID is a deprecated synonym for diskutil appleRAID enable. update key value raidVolume Update the key value parameters of an existing RAID set. Valid keys are: o AutoRebuild - If true, the system attempts to rebuild degraded mirrored volumes automatically. When looking for devices for rebuild, AppleRAID first looks for hot spares and then degraded members. Use a value of "1" for true and "0" for false. o SetTimeout - Controls how long the system waits (in seconds) for a missing device before degrading a mirrored raid set. Also controls the amount of time you have to disconnect all devices from an unmounted mirror without degrading it. Ownership of the affected disk is required. diskutil updateRAID is a deprecated synonym for diskutil appleRAID update. coreStorage | cs coreStorageVerb [...] CoreStorage verbs can be used to create, manipulate and destroy CoreStorage volumes. CoreStorage maintains a world of virtual disks, somewhat like RAID, in which one can easily add or remove imported backing store disks, as well as exported usable volumes, to or from a pool (or several pools). This provides the user with flexibil- ity in allocating their hardware; user or operating system data can span multiple physical disks seamlessly, for example. Apple CoreStorage defines four types of objects, instances of which are uniquely represented by a UUID: o Logical Volume Group (LVG) o Physical Volume (PV) o Logical Volume Family (LVF) o Logical Volume (LV) The Logical Volume Group (LVG) is the top or "pool" level; zero or more may exist during any OS boot time session. An LVG imports one or more Physical Volumes (PVs). A PV repre- sents a device that feeds the LVG storage space; a PV is nor- mally real media but it can be a disk image or even an AppleRAID Set. A disk offered to be a PV must be a partition and the encompassing scheme must be GPT. An LVG exports zero or more Logical Volume Families (LVFs). An LVF contains properties which govern and bind together all of its descendant Logical Volumes (LVs). These properties provide settings for Full Disk Encryption (FDE) (such as whether the LVG is encrypted, which users have access, etc) and other ser- vices. A Logical Volume Family (LVF) exports one or more Logical Vol- umes (LVs). A Logical Volume (LV) exports a dev node, upon which a file system (such as Journaled HFS+) resides. For more information on specifying device arguments, see the DEVICES section below. CoreStorage is not a replacement for backing up your data. Backups should be always be performed on a regular basis and before modifying any CoreStorage volumes using these commands. The following is a list of coreStorage sub-verbs with their descriptions and individual arguments. list [-plist | UUID] Display a tree view of the CoreStorage world for all current logical volume groups (LVGs) with mem- ber disks (PVs) and exported volumes (LVFs and LVs), with properties and status for each level. If -plist is specified then a property list will be emitted instead of the formatted tree output; the UUIDs can be used with the diskutil coreStorage information verb to get properties for the object represented by that UUID. If UUID is specified then an attempt is made to list only that UUID (whatever type of CoreStorage object it may repre- sent). The -plist and UUID arguments may not both be specified. info | information [-plist] UUID | device Display properties of the CoreStorage object (LVG, PV, LVF, or LV) associated with the given CoreStor- age UUID or disk. convert device [-stdinpassphrase | -passphrase [passphrase]] Convert a regular Journaled HFS+ or Case-sensitive Journaled HFS+ volume (must be on a partition and within a GPT partitioning scheme) into a CoreStor- age logical volume. If -passphrase is specified, the on-disk bytes will be encrypted. You will be prompted for a new passphrase interactively, or you can specify the passphrase on the command line. Alternatively, if you specify -stdinpassphrase the standard input is read for the passphrase so that a program could execute diskutil and send the passphrase through a pipe without having to expose it as a command-line parameter. The volume must be resizable (the above types are) and also mounted. Conversion is done live and in- place; targeting the boot volume is supported; as much of the conversion as possible is done before an eject or reboot is necessary. After slightly shrinking the source volume to make room for CoreStorage data structures at the end, its partition type is changed to Apple_CoreStorage and it becomes a CoreStorage Physical Volume. A new CoreStorage Logical Volume Group is then cre- ated with this Physical Volume as the backing store, followed by the creation of a Logical Volume Family and Logical Volume pair. At this point, the new CoreStorage PV/LVG/LVF/LV stack is ready for use, although the "old" mount- point must first be unmounted; yet it might not be unmountable. This will occur if the target (now the PV) is the current boot volume. Just before exiting, diskutil coreStorage convert will try to unmount the target disk (which is now the "old" mount point and the new PV). If success- ful (target is not the boot disk), the volume now becomes mounted from the LV. If unsuccessful (tar- get is the boot disk), a reboot is necessary. At this point, if no encryption was specified, all is done. Otherwise, the bytes-on-disk will begin to be encrypted in-place by CoreStorage automatically "in the background" while the PV/LVG/LVF/LV stack continues to be usable. Encryption progress may be monitored with diskutil coreStorage list. When encryption is finished, a passphrase will be required the next time the LV is ejected and re- attached. If the LV is hosting the boot volume, this passphrase requirement will thus occur at the next reboot. Note that all on-disk data is not secured immedi- ately; it is a deliberate process of encrypting all on-disk bytes while the CoreStorage driver keeps publishing the (usable) LVG/LV. Ownership of the affected disk is required. revert device | lvUUID [-stdinpassphrase] | [-passphrase passphrase] | [-recoverykeychain file] Convert a CoreStorage logical volume back to its native type. The volume must have been created by means of conversion, e.g. with diskutil coreStorage convert. If the volume was not created with a passphrase, then simple ownership of the affected disk is required; otherwise, a passphrase must be supplied, either interactively or via one of the parameters. create | createLVG lvgName devices ... Create a CoreStorage logical volume group. The disks specified will become the (initial) set of physical volumes; more than one may be specified. You can specify partitions (which will be re-typed to be Apple_CoreStorage) or whole-disks (which will be partitioned as GPT and will contain an Apple_CoreStorage partition). The resulting LVG UUID can then be used with createVolume below. All existing data on the drive(s) will be lost. Owner- ship of the affected disk is required. delete | deleteLVG lvgUUID | lvgName Delete a CoreStorage logical volume group. All log- ical volume families with their logical volumes are removed, the logical volume group is destroyed, and the now-orphaned physical volumes are erased and partition-typed as Journaled HFS+. createVolume | createLV lvgUUID | lvgName type name size [-stdinpassphrase | -passphrase [passphrase]] Export a new logical volume family, with a new log- ical volume under it, out of a CoreStorage logical volume group. Type is the file system personality to initialize on the new logical volume. Valid types are Journaled HFS+ or Case-sensitive Jour- naled HFS+ or their aliases. Size is the amount of space to allocate from the parent LVG. It is given in the same manner as the triplet description for the partitionDisk verb, and you can also specify with % a percentage of the current size of the LVG. If -passphrase or -stdinpassphrase is specified, in the same manner as with diskutil coreStorage convert above, on-disk data will be stored in an encrypted form as the Logical Volume is filled; otherwise, the data will remain plain. deleteVolume | deleteLV lvUUID | device Remove an exported logical volume (and its logical volume family as appropriate) from a CoreStorage logical volume group. Any data on that logical vol- ume will be lost. This operation will thus result in an increase in free space in the logical volume group. It is assumed that the logical volume is used as a backing store for a file system; therefore, an unmount attempt is made which must suceeed before the removal of the logical volume is done. encryptVolume | encryptLV lvUUID | device [-stdinpassphrase] | [-passphrase passphrase] Begin a live background process of encrypting the on-disk backing bytes of an existing plain CoreStorage logical volume (LV). That is, the on-disk bytes that are backing the user data are all visited, read, and re-written in an encrypted form; this process can take a long time (minutes to hours). This process continues seamlessly across reboots. The logical volume remains usable at all times. When this command returns, the operation will be ongoing; you can check progress with diskutil coreStorage list. The entire logical volume family (LVF) is affected since all LVs in an LVF share the same encryption settings. Any new user data written while this background operation is in progress will be in encrypted form. Specifying -passphrase or -stdinpassphrase or interactively entering a passphrase is mandatory; you do so in the same manner as with diskutil coreStorage convert above. decryptVolume | decryptLV lvUUID | device [-stdinpassphrase] | [-passphrase passphrase] Begin a live background process of decrypting the on-disk backing bytes of an existing encrypted CoreStorage logical volume (LV). Bytes are read, decrypted, and written back to disk in plain form. The LV must be unlocked before beginning this oper- ation. Like as in diskutil coreStorage encryptVolume above, all on-disk bytes are visited and converted, the process is seamless across reboots, the logical volume remains usable at all times, the entire log- ical volume family (LVF) is affected, any new user data written will be in plain form, and the opera- tion will be ongoing when this command returns. Specifying -passphrase or -stdinpassphrase or interactively entering a passphrase is mandatory; you do so in the same manner as with diskutil coreStorage convert above. unlockVolume | unlockLV lvUUID [-stdinpassphrase] | [-passphrase passphrase] | [-recoverykeychain file] Unlock a logical volume and file system, causing it to be attached and mounted. Data is now accessible in plain form to the file system and applications; the on-physical-disk back- ing bytes remain in encrypted form. The locked state means that the CoreStorage driver has not been given authentication information (a passphrase) to interpret the encrypted bytes on disk and thus export a dev node. This verb unlocks a logical volume family (LVF) and its logical vol- umes (LVs) by providing that authentication; as the LVs thus appear as dev nodes, any file systems upon them are automatically mounted. To "re-lock" the volume, make it offline again by ejecting it, e.g. with diskutil eject. Credentials must be supplied. You must either enter a passphrase interactively, specify one of the -passphrase or -stdinpassphrase parameters in the same manner as with diskutil coreStorage convert above, or specify that a recovery keychain file be used. You can specify -recoverykeychain with a path to a keychain file. The keychain must be unlocked (see security (1)). changeVolumePassphrase | passwd lvUUID [-recoverykeychain file] [-oldpassphrase oldpassphrase] [-newpassphrase newpassphrase] [-stdinpassphrase] Change the passphrase of an existing encrypted vol- ume. It need not be unlocked nor mounted. The parameters, while variously optional, must be given in the above order. You must authenticate either via the -oldpassphrase parameter, via the -stdinpassphrase parameter (with newline or eof-terminated data given to stdin), or via an interactive prompt (if no parameters are given), in the same manner as diskutil coreStorage convert above. Alternatively, you can authenticate by specifying -recoverykeychain with a path to a keychain file. A new passphrase must be supplied, again via one of the three methods above (interactive, -newpassphrase, or -stdinpassphrase). If you are supplying both the old and new passphrases via stdin, they must be separated with a newline character.
A device parameter to any of the above commands (except where explicitly required otherwise) is usually any of the following: o The disk identifier (see below). Any entry of the form of disk*, e.g. disk1s9. o The device node entry containing the disk identifier. Any entry of the form of /dev/disk*, e.g. /dev/disk2. o The volume mount point. Any entry of the form of /Volumes/*, e.g. /Volumes/Untitled. o The Universally Unique Identifier or UUID. Any entry of the form of e.g. 11111111-2222-3333-4444-555555555555.
The disk identifier string variously identifies a device unit, a session upon that device, or a partition (slice) upon that session. It may take the form of diskU, diskUsS, diskUsQ, or diskUsQsS, where U, S, and Q are positive decimal integers (possibly multi-digit), and where: o U is the device unit. It may refer to hardware (e.g. a hard drive, optical drive, or memory card) or a "drive" constructed by software (e.g. an AppleRAID set or a disk image). o Q is the session and is only included for optical media; it refers to the number of times recording has taken place on the currently-inserted medium (disc). o S is the slice; it refers to a partition. Upon this partition, the raw data that underlies a user-visible file system is usu- ally present, but it may also contain specialized data for cer- tain 3rd-party database programs, or data required for the sys- tem software (e.g. EFI or booter partitions, or APM partition map data). Some units (e.g. floppy disks, RAID sets) contain file system data upon their "whole" device instead of containing a partitioning scheme with partitions. Note that the forms diskUsQ and diskUsS appear the same and must be dis- tinguished by context. For non-optical media, this two-part form identi- fies a slice upon which (file system) data is stored. For optical media, it identifies a session upon which a partitioning scheme (with its slices with file systems) is stored.
Wherever a size is supplied as an output, it is always presented as a base-ten approximation with one decimal digit and a base-ten SI multi- plier, often accompanied by a precise count in bytes. Scripts should refrain from parsing the normal output and use the -plist option instead. Wherever a size is to be supplied as an input, you can provide values in several different ways, some absolute and some context-sensitive. All suffixes described below are interpreted in a case-insensitive manner. The "B" is mandatory by itself but optional when combined with an SI or IEC multiplier. The most common way is to specify absolute values as a decimal number, possibly followed by a period and a decimal fraction, followed without whitespace with a suffix as follows: o B is bytes (not blocks) where the multiplier is 1. o K[B] is power of ten kilobytes where the multiplier is 1000 (1 x 10^3). o M[B] is power of ten megabytes where the multiplier is 1000000 (1 x 10^6). o G[B] is power of ten gigabytes where the multiplier is 1000000000 (1 x 10^9). o T[B] is power of ten terabytes where the multiplier is 1000000000000 (1 x 10^12). o P[B] is power of ten petabytes where the multiplier is 1000000000000000 (1 x 10^15). o E[B] is power of ten exabytes where the multiplier is 1000000000000000000 (1 x 10^18). You can also use the following suffixes: o S | UAM ("sectors") is 512-byte units (device-independent) where the multiplier is always 512. o DBS ("device block size") is the device-dependent native block size of the encompassing whole disk, if applicable, where the multiplier is often 512, but not always; indeed it might not be a power of two. o Ki[B] is power of two kibibytes where the multiplier is 1024 (1 x 2^10). o Mi[B] is power of two mebibytes where the multiplier is 1048576 (1 x 2^20). o Gi[B] is power of two gibibytes where the multiplier is 1073741824 (1 x 2^30). o Ti[B] is power of two tebibytes where the multiplier is 1099511627776 (1 x 2^40). o Pi[B] is power of two pebibytes where the multiplier is 1125899906842624 (1 x 2^50). o Ei[B] is power of two exbibytes where the multiplier is 1152921504606846976 (1 x 2^60). In certain contexts (such as when specifying partition triplets) you can provide a relative value as follows: o % (with a preceding number) is a percentage of the whole-disk size. o R (with no preceding number) specifies the remainder of the whole-disk size after all other triplets in the group are taken into account. It need not be in the last triplet. It must only appear in at most one triplet among all triplets. Note again that B refers to bytes and S and UAM refer to a constant mul- tiplier of 512; the latter are useful when working with tools such as gpt (8) or df (1). Note also that this multiplier is not a "block" size as actually implemented by the underlying device driver and/or hardware, nor is it an "allocation block", which is a file system's minimum unit of backing store usage, often formatting-option-dependent. Examples: 10G (10 gigabytes), 4.23tb (4.23 terabytes), 5M (5 megabytes), 4GiB (exactly 2^32 bytes), 25.4% (25.4 percent of whole disk size).
The format parameter for the erasing and partitioning verbs is the file system personality name. You can determine this name by looking in a file system bundle's /System/Library/Filesystems/<fs>.fs/Contents/Info.plist or by using the listFilesystems verb, which also lists shortcut aliases for common per- sonalities (these shortcuts are defined by diskutil for use with it only). Common examples include JHFS+, MS-DOS, etc.
Erase a disk diskutil eraseDisk JHFS+ Untitled disk3 Erase a volume diskutil eraseVolume HFS+ UntitledHFS /Volumes/SomeDisk Partition a disk with three partitions diskutil partitionDisk disk3 3 HFSX Name1 10G JHFS+ Name2 10G MS-DOS NAME3 10G Partition a disk with the APM partitioning scheme diskutil partitionDisk disk3 APM HFS+ vol1 25% Journaled\ HFS+ vol2 25% Journaled\ HFS+ vol3 50% Free\ Space volX 0% Partition a disk with the GPT partitioning scheme diskutil partitionDisk disk3 GPT HFS+ vol1 25% MS-DOS VOL2 25% HFS+ vol3 50% Free\ Space volX 0% Resize a volume and create a volume after it, using all remaining space diskutil resizeVolume /Volumes/SomeDisk 50g MS-DOS DOS 0b Resize a volume and leave all remaining space as unused diskutil resizeVolume /Volumes/SomeDisk 12g Merge two partitions into a new partition diskutil mergePartitions JHFS+ not disk1s3 disk1s5 Split a partition into three new ones diskutil splitPartition /Volumes/SomeDisk JHFS+ vol1 12g MS-DOS VOL2 8g JHFS+ vol3 0b Create a RAID diskutil createRAID mirror MirroredVolume JHFS+ disk1 disk2 Destroy a RAID diskutil destroyRAID /Volumes/MirroredVolume Repair a damaged RAID diskutil repairMirror /Volumes/MirroredVolume disk3 Convert volume into RAID volume diskutil enableRAID mirror /Volumes/ExistingVolume
authopen(1), hdid(8), hdiutil(1), ufs.util(8), msdos.util(8), hfs.util(8), drutil(1), diskarbitrationd(8), mount(8), umount(8), newfs_hfs(8), vsdbutil(8), fsck(8)
diskutil will exit with status 0 if successful or 1 if it cannot complete the requested operation; this includes cases in which usage text is printed. Before diskutil returns with status 1, it prints a message which might include an explanation local to diskutil, an error string from the DiskManagement or MediaKit frameworks, an underlying POSIX error, or some combination.
The eraseDisk and partitionDisk verbs had an option to add Mac OS 9 driv- ers (in partitions designated for that purpose); there was also a repairOS9Permissions verb. These have been removed. Starting with Mac OS X 10.6, the input and output notation of disk and partition sizes use power-of-10 suffixes. In the past this has been power-of-2, regardless of the suffix (e.g. G, Gi, GiB) used for display or accepted as input. Mac OS X 13 June 2013 Mac OS X
Mac OS X 10.9 - Generated Thu Oct 17 07:29:48 CDT 2013