Disable FileVault2 volumes unlock auto prompt
by Antoine - categories : OS Apple
A common reflex to prevent a given partition from being mounted automatically at boot is to edit /etc/fstab. The problem is, in case of a FileVault 2 encrypted volume under OS X Lion 10.7 or above, the fstab becomes pointless since this kind of volume is managed by CoreStorage.
Introduced with the v2 of FileVault under Lion, CoreStorage's the volume manager from Apple, prerequisite since FV2 now allows to encrypt a full partition or drive, and not only a single file as before. CoreStorage operates as a transparent virtual layer between the physical drives and the file system.
My concern is about discretion : if one have a drive permanently wired to the computer, the system will always ask for the key (password) in order to unlock it. Not really discreet. The solution is to edit the CoreStorage's property list (plist) file...
sudo nano /usr/libexec/corestoraged/com.apple.corestorage.corestoraged.plist
...and to comment the "LaunchEvents" part. The file should look like :
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>com.apple.corestorage.corestoraged</string> <key>ProgramArguments</key> <array> <string>/usr/libexec/corestoraged</string> </array> <span class="highlight"> <!--</span> <key>LaunchEvents</key> <dict> <key>com.apple.iokit.matching</key> <dict> <key>CoreStorage-Published</key> <dict> <key>IOProviderClass</key> <string>CoreStorageGroup</string> </dict> </dict> </dict> <span class="highlight"> --></span> </dict> </plist>