wiki:WikiStart

Time Machine Vault

Abstract

SecurityAgent? plugin to mount an encrypted home directory in a way that Time Machine the integrated backup engine of OS X Leopard can do incremental backups. Subsequently the Galaxy frontend can be used to retrieve single files instead of whole home directories. Of course this is only useful if you have an encrypted Time Machine backup...

Introduction

The File Vault encrypted home directory provided by Mac OS X has several drawbacks. One of them is that Time Machine will not backup individual files but only the whole encrypted home directory (or changed bands in case of a sparse bundle). One consequence is that you can't use the UI to get older files back from a backup. You only may get back the whole home directory without the ability to look at the contents first.

Here Time Machine Vault steps in. It is a SecurityAgent? plugin designed to be called during login for mounting an encrypted disk image or bundle. This volume holds the home directory which is referenced by a relative symbolic link from /Users/. Time Machine will backup the contents of the encrypted volume and the symbolic link pointing to it. When the UI kicks in and you select the home directory for browsing the system will follow the link and you end up in the correct backup directory. This way even the selective restore function from Address Book does work as designed.

If not used as an encrypted home directory this disk image may still be used to hold private data with automatic mounting. The plugin is smart enough to check for the existence of a sparse bundle so if no encrypted volume is available nothing happens and the login process is as usual.

Installation

You need an account with administrative privileges to install the package and to create encrypted user directories.

Just start the installer and let it do it's job. The installer will ask you for your administrator privileges because some files will be installed in a directory below the 'System' directory of your installation.

A restart is necessary after installation so the new plugin is loaded.

Usage

Use 'tmVaultCntrl' to enable, disable or query the status of the agent. The option -h prints out the commands this utility understands.

Note:

Make sure the vault is activated before switching user home directories.

  1. Create a user account (if not already done). This account doesn't need administrative privileges.
  1. From the user account run 'createEncDisk' in a terminal window. This will create an encrypted sparse bundle owned by the user which will be automatically mounted as '<username-Private>'.
  1. Switch to an administrative account without unmounting the users encrypted disk. This can be done in a terminal window using the 'login' command.
  1. From the admin account run 'setupEncDisk'. This will copy the users home directory to the disk image and create the symbolic link.
  1. Logout the user and login again. Now the new encrypted volume should be in use.

Hint: It's best to do all this while being logged in as an administrator.

The user may just login in a terminal window to create the disk.

After you find everything is just fine you may delete the old user directory in '/Users' which was renamed to '/Users/_<username>' during step 4. For maximum privacy use secure delete.

To maximize privacy go to the settings of the private disk (Command-I) and deselect "Ignore ownership of this volume".

If something goes wrong

The script doesn't delete the users home directory after installing the files into the encrypted disk. So to recover just log into an admin account and delete the symbolic link in '/Users' and rename the old users directory from '_<username>' to '<username>'.

Known problems

  • Logging out as a user does not unmount the encrypted disk. Still the file permissions apply preventing others from tinkering with your files (if properly set...). Yes, this is kind of a security issue and may be rectified in a later release.
  • There is no compacting of your encrypted image yet. This means the size of your image file doesn't shrink even if you delete files in it.
  • You have to delete the old user directory by hand after creating the encrypted one. This is not a bug but done on purpose.

Credits

This application is based on EncFSVault a SecurityAgent? plugin for using EncFS encrypted directories as a home directory instead of File Vault.

The author of EncFSVault is Stephen Baker (baker (the dot) stephen (the strange a) gmail (another dot) com).

See http://www.chuckknowsbest.com/ikrypt/encfsvault.html and http://code.google.com/p/encfsvault/

License

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this application except in compliance with the License.
You may obtain a copy of the License at
 
     http://www.apache.org/licenses/LICENSE-2.0
 
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Getting the source

You need a Subversion client. 10.5 Leopard has it already installed so you are ready to go.

svn co http://svn.netlabs.org/repos/tmvault

This will get everything. Currently only sources in trunk are available.

Compiling

This is an XCode 3.0 based project. Make sure you have installed at least this release of XCode.

Running the Build command should do the job for you. You'll find all the parts of the application in the build directory.

There are several targets defined for building only parts of the project. If you want to create the distribuiton DMG select the target

Create DMG

and run Build.

Note: Building with XCode 3.1.3 seems to be broken atm.


Starting Points for Trac

For a complete list of local wiki pages, see TitleIndex.

Last modified 7 years ago Last modified on Nov 15, 2009, 4:12:22 PM