Encrypting the home directory is recommended especially for notebooks.
Unfortunately, the encrypted sparse image used in Mac OS X tends to grow and
grow. The automatically used shrinking mechanism (I suppose it is "hdiutil
compact") doesn't reduce the size efficiently. So I tried the following
approach: I created a new sparse image, mounted the original home image and
copied over everything. By doing so I could reduce the size of my home sparse
image from 732 to 490 MB. Logging in now goes noticeably faster.
The procedure was tested using Mac OS X 10.4.2, and earlier in 10.3.x.
That's the way it works:
Log in as administrator. You need the terminal and some familiarity with the
command line, some time (roughly one hour, but no time pressure) and a clear head.
1) Create a new empty sparse disk image. This is going to be the shrunk image.
Replace the username with your user's username, the uid and gid with your user's
uid and gid respectively. You will be asked to provide a password. This _must_
be the user's login password. Make sure to uncheck the "remember..." checkbox.
hdiutil create -type SPARSE -fs HFS+ -encryption -volname username -uid 502 -gid
502 -autostretch /Users/Shared/shrink.sparseimage
2) Very important: Make a work copy to play around with. It serves as a backup, too.
sudo cp /Users/username/username.sparseimage /Volumes/A
3) Mount the two images
hdiutil attach -owners on /Users/Shared/shrink.sparseimage
hdiutil attach /Volumes/A/username.sparseimage
4) Copy the contents of the orignial to the shrink image. Be careful not to
mismatch the images: The first is the source, the second destination. Upon
mounting two images with the same volume name (not identical to the file name),
the second gets a number attached.
sudo ditto /Volumes/username /Volumes/username\ 1
5) Check if all files inside the new image have correct ownership:
sudo ls -l /Volumes/username
If not, this could be because you missed the "-owners on" flag in step 3). In
this case, get the finder info for the Volume and uncheck the "ignore ownership"
checkbox. Now run "sudo chown -R 502:502 /Volumes/username\ 1"
6) Unmount everything
hdiutil detach /Volumes/username
hdiutil detach /Volumes/username\ 1
7) Change owners and permissions on the image file itself. Replace 502 with your
user's uid, of course!
sudo chown 502:502 /Users/Shared/shrink.sparseimage
sudo chmod 744 /Users/Shared/shrink.sparseimage
8) ls -l should now look similar to this:
-rwxr--r-- 1 username username 513807612 Jul 20 14:55
/Users/Shared/shrink.sparseimage
9) Now copy the new over the old image. Be sure to have a backup! If you
followed these instructions, you should have one.
sudo cp /Users/Shared/shrink.sparseimage /Users/tinu/tinu.sparseimage
10) Check if everything works! Better log out all users before trying it out. If
it fails, the only thing to do will be to reset the computer...
Some additional hints on working with encrypted homes:
Be careful in saving things to the desktop. I make use of /Users/Shared for not
so important stuff, e.g. downloads from the internet.
Watch for swap files and directories inside your home! For example Gimp must be
configured not to use ~/.gimp-something as swap space.
Don't keep 50MB of internet cache. 10MB will work fine.
For a break, don't just put the machine to sleep. If it crashes, unsaved data is
likely to be lost. Log out frequently instead.
-(c) Martin Schwarz
| 
