OS X 10.11.1 (15B42): fdesetup defer's –dontaskatlogout flag not working properly; FileVault prompts for enablement at logout
| Originator: | rtrouton | ||
| Number: | rdar://23348289 | Date Originated: | 01-Nov-2015 02:58 PM |
| Status: | Open | Resolved: | |
| Product: | OS X | Product Version: | OS X 10.11.1 (15B42) |
| Classification: | Serious Bug | Reproducible: | Always |
Summary: When using fdesetup to enable FileVault 2 encryption, one of the options available is to set up a deferred enablement of FileVault 2 with the following behavior: A. The user is required to enable FileVault 2 at login B. The user is not prompted to enable FileVault 2 at logout Steps to Reproduce: 1. Run the following command with root privileges: fdesetup enable -defer /path/to/filename.plist -forceatlogin 0 –dontaskatlogout (see screenshot in the attached Archive.zip file. 2. Restart the Mac Expected Results: Only be prompted to enable FileVault 2 at the OS login window Actual Results: I was prompted to enable FileVault 2 when the OS logged out my account as part of preparing for a restart (see screenshot in the attached Archive.zip file.) Regression: Notes: Reproduced issue in VMware VMs running OS X 10.11.1, build 15B42.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!