For my future deployments, i’ve decided to partition my managed Macs HD’s with 33% for the OS (which i’ve kept as being called Macintosh HD) & the remaining 67% as User data (which i’ve labelled Users HD).
To do this i’ve been using fstab to mount the “Users HD” partition to /Users. Below is how i achieve this, hope it helps.
At imaging I deploy a file located here /private/etc/fstab, with the below contents..
LABEL=Users\040HD /Users hfs rw
This file has root:admin 755 permissions applied & is installed @ imaging to the target drive.
On 1st boot, when Casper creates it management account.. it creates the home folder under /Users which is now the “Users HD” partition.
So this is seemingly working, except when you connect another drive with the a partition also called “Users HD” as this will now be mounted as /Users as well as you local “Users HD” partition. Not cool.
So to get around this, we can change the contents of the stab file we deployed to mount the “Users HD” via it’s Universally Unique Identifier (READ: UUID).
If you run the below script as part of your post-imaging First Run, your “Users HD” partition should now be mounted to /Users using the volumes UUID which will then get over the issue outlined above.
Obviously you’ll need to amend to suit your environments needs, oh & test, test, test!!
Hey..tried using this method because putting /Users on its own partition is a good idea and I wanna deploy it. However, I can’t get your instructions to work. On 10.8.4/5, the file is fstab.hd. I edited that in terminal to only include the line you have above and saved it as fstab, made it a package in composer and put it as part of the image.
I made the partition in the configuration in casper admin (Users HD) but the /Users directory is still writing to Macintosh HD instead. What do you think?
Hi Chris,
Looks like a type crept into the above. Try:
LABEL=Users40HD /Users hfs rw
Also, make sure you’re editing /etc/fstab & not /etc/fstab.hd
Thanks for your reply. I’ll try that. Also, at least for me, fstab.hd was the only file there on a 10.8.5 machine but after editing, I saved it as fstab. I’ll let you know if that works. Thanks again.
So I put the new line in but no luck. Would it be because originally it was a fstab.hd file, in which I changed the name to just fstab. There was no file with just the “fstab” name and within the “fstab.hd” file it said, “don’t modify, this file is going away, please do not touch” which seems it was from Apple. Maybe it’s a 10.8.5 thing? What do you think?
Works fine for me on 10.8.5. Can you replace the fstab.hd file then try?
Also, can you post here what’s in your FSTAB file & the output of: diskutil –list?
So this time, since only fstab.hd is there, I created fstab first in terminal and then wrote your values above and packaged it in composer. So my fstab contains what you wrote above:
LABEL=Users40HD /Users hfs rw
Here is the output for diskutil:
/dev/disk0
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *500.3 GB disk0
1: EFI 209.7 MB disk0s1
2: Apple_HFS Macintosh HD 48.6 GB disk0s2
3: Apple_Boot Recovery HD 1.0 GB disk0s3
4: Apple_HFS Users HD 450.2 GB disk0s4
I’m making the Users HD partition through my configuration in casper admin. Still no dice ha. What do you think? Thanks for all your help by the way. Really appreciate it.
Sorry Chris.. another typo.. (good thing you’re checking!).. Amended in post with what we’re using & the line is below.. Really sorry about messing you around like this.
Maybe I’m blind…but I don’t see the difference? ha. What was mistyped?
Oh there it is! haha. Thanks I’ll try and let you know!
The above is still wrong.. damn WordPress formatting.. check the image in the post
Thanks I appreciate it. Is it ok to edit fstab with nano or should I use vi, or it doesn’t matter?
In the post I used something different altogether, so go for it!
That worked! Thanks man. I really appreciate your help and effort. If you ever wanna shoot a casper/JSS problem/issue/whatever at me, please feel free. Have a good weekend!
Will do fella. Your on JAMFNation right? I’m all over that too!
I am. I saw you around at the JNUC but didn’t get a chance to stop and chat. My name is perrycj on JAMF Nation and that’s where I found the link to your site. Thanks again.
Cool. Glad it helped (protractedly anyways).
Already have another question ha. So the main reason to do this (in my eyes) is that if you have to reimage a mac because of the OS problems/corruption/whatever…the users data is safe on the User HD.
So i tested it out and reimaged the mac but only reimaging the Macintosh HD partition. And that works…sorta haha. So because I make the Recovery HD and Users HD partition in casper admin and in the configuration, if I don’t re-partition the drive, upon reimaging Macintosh HD..the recovery partition goes away. So then Users HD doesn’t mount since it’s now Disk0s3 instead of Disk0s4. The data is all still there but it doesn’t mount. If I do mount as Disk0s3, the /Users folder goes back to Users HD.
So I guess my question is, how have you gotten past this? Sorry for the long post.
Hmmm…
Does the script @ the end give the correct UUID post rebuild?
Well to be honest, I didn’t run the script because I thought that was only to prevent the double “Users HD” problem? Did I need to run it anyway? I highly highly doubt any of my users will have external named Users HD, so that’s why I didn’t run it ha. But should it be ran regardless?
Tbh, I’ve not had the disk identifier issue as I think I’ve been pointing to the UUID.
I’m not really sure how the identifier should change the mounting as the FSTAB should be calling it by name.
well that goes back to my original question. What do you do in case of re-image? I assume you only re-image the Macintosh HD part? How do you ensure the Users HD stays disk0s4, like it is in fstab?
Or actually, are you suggesting that by running the script, it will then mount it by UUID instead of disk0s3, disk0s4, disk0s5? etc? Lots of questions haha. Again, your responses are appreciated.
Ah gotcha.
Yep we only re-image the Macintosh HD.
Lay the FSTAB file @ the top of the post.
Then as part of our post image first run script we run the script @ the bottom of the post to re-write the FSTAB using the UUID.
Makes sense! I’ll try the script on Monday and let you know. Thanks again.
If they are AD accounts, try this post imaging too: https://macmule.com/2013/02/18/correct-ad-users-home-mobile-home-folder-permissions/
Hello,
I am looking to try out this deployment method in the near future and wanted to know how well this works with File Vault 2, AD and re-imaging?
I’ve had problems in the past but wanted to know how well the authentication works once you re-image an encrypted machine.
Hi Si,
Sadly it doesn’t work with FV2, as it encrypts the OS partition.. have a nose through some of the posts on to find out more about FV2.
But, in regards to AD & re-imaging.. I have a post showing a script that corrects the home folder permissions post re-image:
Hey mate, I found this interesting and would like to try it. I’ve used this concept in the past, but replaced the Users folder with a symlink to a Users folder on the second partition. Or you could even symlink to the second partition which is called Users. Do you see any reason why this method might be worse, better or no different? It’s been a while since i’ve been able to use this method. Cheers for your thoughts!
Hi Dave,
I’ve seen reports of the Symlink breaking, & I don’t think Casper behaves nicely when using FEU’s & symlinks.