Hi, all.
Question is:
Is there correct way to replicate the bootable big sur apfs volumes.
My understanding is that Big sur introduces Signed System Volume. It has cryptography hashes of data and metadata in filesystem. Especially, a hash of metadata is called "seal", and we can see that via diskutil command.
I can replicate a apfs volume group that includes signed system volume and data volume, but a seal of replicated volume was broken and macos cannot boot from the volume.
Details are following.
I tried to make a replication of the system volume group using asr. The making replication is working successfully.
The ROSV is mounted a snapshot, so I specified it, like a following command.
However, the seal is broken.
Thanks a lot.
Question is:
Is there correct way to replicate the bootable big sur apfs volumes.
My understanding is that Big sur introduces Signed System Volume. It has cryptography hashes of data and metadata in filesystem. Especially, a hash of metadata is called "seal", and we can see that via diskutil command.
I can replicate a apfs volume group that includes signed system volume and data volume, but a seal of replicated volume was broken and macos cannot boot from the volume.
Details are following.
I tried to make a replication of the system volume group using asr. The making replication is working successfully.
The ROSV is mounted a snapshot, so I specified it, like a following command.
Code Block shell $ asr restore --source /dev/disk1 --toSnapshot ${snapshot_id} --target /dev/disk2 --erase
However, the seal is broken.
Code Block shell $ diskutil apfs list /dev/disk2 shunsukemie@zeit129000 /Volumes % diskutil apfs list disk1 | +-- Container disk2 ..... ==================================================== APFS Container Reference: disk2 ... +-> Volume ..... | --------------------------------------------------- | APFS Volume Disk (Role): disk2s2 (System) | Name: HD-System (Case-insensitive) | Mount Point: /Volumes/HD-System | Capacity Consumed: 16089018368 B (16.1 GB) | Sealed: Broken | FileVault: No (Encrypted at rest) ...
Thanks a lot.