hoakley December 16, 2021 Macs, Technology

Boot disk layout in macOS Monterey

The last few major releases of macOS have brought structural changes to the layout of boot disks, and M1 series Macs are quite different from Intel models. This article summarises the volume layouts used in Monterey 12.1. To review those of earlier versions of macOS, see this article.

Although the changes between Big Sur and Monterey may seem minor, they’re particularly significant in determining which Recovery volume is used, as explained here.

Throughout these diagrams, Unix-style identifiers are only examples of what you might see, and are flexible in use. For example, a Preboot volume shown here as having an identifier of disk7s3 could be anything from disk7s1 to disk7s7 instead, and when in the container disk3 would be anything from disk3s1 to disk3s7.

BootDiskStructureIntelMonty

Volume layout on Intel Macs hasn’t changed since Big Sur. There’s the traditional hidden EFI partition, and a single APFS container with the bootable system, consisting of:

the SSV, a mounted snapshot of the unmounted read-only System volume named Macintosh HD, which forms the root of the boot file system. The snapshot is named com.apple.os-update- followed by its UUID, and the volume (hence its snapshot) is typically about 15 GB in size;
the writable Data volume, by default on the internal disk named Macintosh HD – Data, which is normally hidden from view at /System/Volumes and accessed via firmlinks. On Intel Macs, this is given its full name;
Preboot, a small volume of around 714 MB;
Recovery, the Recovery Volume, of around 1.1 GB;
VM, containing virtual memory caches, which is upwards of 20 KB depending on use.

Note that the Seal on the unmounted read-only System volume is normally broken, but it’s the snapshot which is the important one: that should be sealed, unless you have broken its seal intentionally.

Apple’s terminology for the SSV isn’t entirely consistent. In APFS reference documentation, it’s used to refer to the Sealed System Volume, whereas in its Platform Security Guide it means the Signed System Volume, although the top-level hash is known as the Seal rather than the Signature. Maybe it’s just a Signed and Sealed System Volume after all.

BootDiskStructureM1Monty

The internal SSD in an M1 series Mac consists of three APFS containers, and lacks the legacy EFI partition. Only the Apple_APFS container is normally mounted, and that has a similar structure to the boot container of an Intel Mac, or that of an external bootable disk. There are two significant differences, though:

the Data volume isn’t named Macintosh HD – Data, as on an Intel Mac, but plain Data;
the Recovery volume is the primary Recovery system for that copy of macOS, and is supported by a catch-all or fallback Recovery system in the unmounted Apple_APFS_Recovery container, which is larger at 5.4 GB.

M1 Macs are distinct in having this fallback Recovery system which makes them more robust in the event of damage occurring to the boot container on their internal SSD.

BootDualDiskStructureIntelMonty

My final example layout shows a disk with a single APFS container containing two bootable macOS systems, typically on an external disk or the internal disk of an Intel Mac. Within the APFS container are two complete Volume Groups, but Preboot, Recovery and VM volumes are common to both systems. In M1 Macs, the Recovery volume there contains the primary Recovery system for both of the Volume Groups, with the Apple_APFS_Recovery container on the internal SSD as its fallback.

This demonstrates the economy of disk usage achieved by installing multiple copies of macOS in a single container. The disadvantages arise from the fact that all systems within that container share Preboot and Recovery volumes; when they’re derived from contrasting versions of macOS, that creates the potential for incompatibilities. Thus installing two copies of the same version of macOS in a single container is likely to be reliable; versions which are far apart could give rise to problems, and might be better in different containers, where they have their own Preboot and Recovery volumes.

20Comments

Add yours

1

Christian on December 16, 2021 at 10:46 am

Hi Howard,
I’m quite new to APFS: with HFS+, I’ve always deleted the recovery partition to reclaim space, as I rather use another maintenance partition of my own device. Can you do the same with APFS? (or at least empty it) Or will the OS detect it and becomes unbootable?
Thanks.

LikeLiked by 1 person
- 2
  
  hoakley on December 16, 2021 at 12:33 pm
  
  I really can’t think why anyone would want to destroy Recovery to reclaim 1 GB of disk space. It’s like taking the spare wheel out of your car in order to save weight.
  I have absolutely no idea whether that would work on an non-T2 Intel Mac, as I’ve never come across anyone who has done it before. However, it’s a seriously bad idea on a T2 Mac, and would probably render an M1 Mac unbootable.
  Howard.
  
  LikeLiked by 1 person
3

andynormancx on December 16, 2021 at 11:19 am

I think I’m beginning to miss the days of MSDOS 3.30, a MBR and a single FAT partition 😅

This stuff is getting dizzyingly complex to get your head around.

LikeLiked by 1 person
- 4
  
  hoakley on December 16, 2021 at 12:34 pm
  
  Oh you can still run MSDOS 3.30 etc. if you want. I’m not sure what you could actually do with that now, but you’re very welcome.
  Howard.
  
  LikeLike
5

andynormancx on December 16, 2021 at 2:54 pm

I ran DOS more recently than you might imagine…

Not that many years ago I stupidly took on a project to port some high propriety engineering simulation code to a more modern setup. Unfortunately it was written in QuickBasic and no one knew how it worked.

So I spent many painful hours debugging it in QuickBasic to find out how it all functioned. No classes of course so all the data structures were arrays simulating objects with properties. All modelling a bunch of engineering calculations that I didn’t understand and the engineers engaging me could seem to help with.

Despite a lot of work over months my port to C# turned out to total failure. To this day it is the only project I’ve ever failed to deliver.

I was of course running it in DOSBox on the Mac.

LikeLiked by 1 person
- 6
  
  hoakley on December 16, 2021 at 4:39 pm
  
  I’m sorry but unsurprised. What I find saddest across many industries is how reluctant most are to invest in software, leaving legacy systems running long after they should have been replaced, then discovering the cost of porting and reworking them after so many years.
  Howard.
  
  LikeLike
  - 7
    
    Tainsha Binnez on January 27, 2022 at 8:52 pm
    
    If you’ve ever asked a Costco employee to check stock on an item (I did yesterday and they were out of Sabra Hummus for the first time in 20 years), it looks like their inventory system is running on DOS software.
    
    I may be wrong but if not, I can’t believe they haven’t updated. OTOH, maybe it’s because it’s working perfectly and these days, there isn’t much that does. I’m looking at you, Monterey.
    
    LikeLiked by 1 person
    - 8
      
      hoakley on January 27, 2022 at 10:46 pm
      
      Thank you.
      With the exception of the remaining memory leak and minor bugs, 12.2 is looking good on all my Macs.
      Howard.
      
      LikeLike
9

David C. on December 16, 2021 at 3:36 pm

Thanks for the article. One interesting question:

When two copies of macOS share a single APFS container, they have separate Data volumes. Which makes perfect sense, because lots of macOS’s bundled applications (e.g. Safari) are stored there. But you may well want to share a common set of home directories between the installations, so you can access your documents from either OS.

I’m thinking that the best way to do this would be to create a new volume in the APFS container (or on separate storage, if you prefer) to hold home directories. Then configure each user to use that location for its home.

The only problem I see with this is that the two platforms would end up sharing Library directories, which may have OS-specific content. So maybe it would be better to only use the common volume to hold specific user-visible directories (e.g. Documents, Music, Pictures, etc.) and not the entire home directory.

And then there is the issue of sharing applications. While you want Apple’s apps to be OS-specific, you would probably want apps you install yourself to be shared. For example, if I do a drag-drop install of Firefox, it will be the same application for both, so I’d like one installation to be shared.

I assume that the best way to do this would be to create an Applications folder on that shared volume (where I proposed putting home directory content) and then add a symbolic link from /Applications to it on each OS’s installation. Hopefully, that would be enough for macOS to discover the apps and present them in Launchpad (and for file association purposes).

Or do you think attempting this would ultimately lead to massive breakage and maintenance nightmares?

LikeLiked by 1 person
- 10
  
  Duncan on December 16, 2021 at 4:12 pm
  
  I end up installing a number of apps outside the main ‘Applications’ folder, such as a user-specific app that no other account has any need to run. I wish apps were consistently self-contained (some are, and others, such as Adobe’s, smear their support files all over the hard disk at installation), but understandably large libraries should live outside the app itself. The more complex or ambitious the app, the more problems it poses for keeping things clean.
  
  In the old NeXT days there were separate folders for various apps, starting with NeXTapps – the OS-bundled apps – and then ‘LocalApps’, which an individual or system administrator might install. This split things up and probably caused some user confusion, but the basic framework provided a means of keeping the various apps separate in the case of split file systems or network-mounted directories.
  
  For better or worse, MacOS, which inherited some but not all behavior from NeXT, standardized on a single system-wide Applications folder which some software developers hardwired their installers for. The atomic ‘drag-able’ apps seem to run fine wherever they’re put, but you can’t predict which others will or won’t break if they’re not in the default Applications folder.
  
  I personally maintain a private ‘~/Applications – ‘ folder in my own home directory for my personal apps that no one else would use, and then in some cases install apps in a ‘/Shared/Shared Apps’ folder if for some reason I don’t want them cluttering up the main /Applications folder. I know this is unorthodox and I’m not sure what I’d do if I wanted to maintain multiple boot disks for regular use, but the point is you can use some flexibility if the apps and their support files allow, to suit your particular needs. It probably requires some experimenting, however.
  
  LikeLiked by 2 people
  - 11
    
    hoakley on December 16, 2021 at 5:01 pm
    
    You should avoid installing many apps outside the standard Applications folders, such as /Applications and ~/Applications. This is because, for some features, they’re only recognised when they’re in standard folders. That can be true of things like Help books (which are enough of a problem in 11 and 12), and some special-purpose code, perhaps including embedded system extensions (I suspect).
    Howard.
    
    LikeLiked by 1 person
- 12
  
  hoakley on December 16, 2021 at 4:48 pm
  
  Thank you.
  You can try it, but I think you’ll run into all sorts of problems.
  One of the most critical factors is how far apart the versions of macOS are. Where the single container solution works best is both systems running the same version of macOS, so that one can be used for ‘work’ and the other for ‘home’, for instance.
  It’s very useful for developers and system admins to be able to boot more than one version of macOS, e.g. 11.6.2 and 12.1, for testing purposes. Although Apple recommends putting multiple macOS versions into a single container, I prefer to segregate different major versions (at least) into separate containers, to keep them well apart.
  There’s a far simpler and less formal solution: a regular APFS volume in the container in which you store common documents. Let ~/Library be separate, and both /Applications and ~/Applications, but make the documents common to both, and linked from each ~/Documents.
  Howard.
  
  LikeLiked by 1 person
13

Duncan on December 16, 2021 at 3:52 pm

Howard, thank you for continuing to explain all this. I’d like to ask your advice on something, however.

I keep a variety of older Macs around for single-purpose legacy applications (nothing Internet-related), and recently downloaded every installer version of Mac OS from Lion onward, just to keep them current. Having done that, I aspired to create One Diagnostic Boot Disk To Rule Them All on a separate SSD, starting with Snow Leopard (installed from DVD) to Monterey, each OS version in their own partition.

In theory, any Mac using this disk would present just the OS versions it is capable of running, via the Startup Disk preference (or Option key at boot), but I quickly realized that the APFS-versions didn’t play well with HFS partitions, so I split it up into two physical drives (SSDs), one formatted as HFS and the other as APFS. So Mac OS versions 10.6 through 10.12 were installed on seven separate HFS partitions on one SSD, and then 10.13 through 12.x (Monterey) were installed on five separate APFS containers on the second SSD. (I don’t intend to add any additional OS versions to the APFS SSD.)

Actually, I’m only partway through this exercise (other priorities intervene) and while I created five containers on the APFS SSD I haven’t actually installed anything yet. It’s currently sitting there empty.

Do you think this is a workable idea (for the sake of having separate bootable SSDs for diagnostic purposes), and if so, do you have any recommendations for installing Mac OS versions on the APFS-formatted SSD, taking into account the varieties of recovery partitions that you’ve described?

My goal, such as it is, is to be able to boot a potentially ailing machine from a separate, clean drive, freeing up the internal drive in its entirety for any reformatting or reinstallation as a last resort.

LikeLiked by 1 person
- 14
  
  hoakley on December 16, 2021 at 4:56 pm
  
  I think this runs into a single-word problem: APFS.
  The versions of APFS used by 10.13, .14, .15, 11 and 12 are all different. Anything before 11 can’t understand the structures in 11 and 12. Although this is lessened by using separate containers, you’ve still got the problem that (e.g.) 10.14 will try to mount the containers and volumes in 11 and 12, and run into trouble doing so.
  Ordinarily, you could probably live with that. But in an emergency, that could really be a nuisance. It also doesn’t work at all well when you get to T2 Macs, which by default won’t boot at all from an external disk, and M1 Macs which will but handle Recovery in these rather complex ways, and for which an external boot disk isn’t actually a useful approach anyway.
  Howard.
  
  LikeLike
  - 15
    
    Duncan on December 16, 2021 at 5:35 pm
    
    Thanks for your reply. I feared that things were more complex in the APFS world than I first thought, and it sounds like trying to combine multiple OS versions on a single SSD, even if in separate containers, is fraught with complications.
    
    At this point I’ll try it anyway, if just as a learning experience. The SSD was practically free so I’m not tying up valuable resources here.
    
    LikeLiked by 1 person
    - 16
      
      hoakley on December 16, 2021 at 6:31 pm
      
      I’ve got 11.4, 11.5.2 and 12.0.1 on the same SSD, with the first two sharing a container, and the third in its own container. But I only have two different versions of Recovery available between them: 12.0.1 and 12.1.
      I wish you success – you may well get it to work. I hope you do, but if you have low expectations to start with, any success will be welcome. I learned that from my first Senior Registrar when I was a junior doctor – he got me to gloom up every patient and their relatives, then when the surgery worked out well, everyone was delighted.
      Howard.
      
      LikeLike
    - 17
      
      Duncan on December 16, 2021 at 7:45 pm
      
      “…he got me to gloom up every patient”
      
      I hope that wasn’t taken to extremes in the OR. “Well, this guy is already dead as far as I’m concerned, so I’m not going to bother sterilizing anything.”
      
      LikeLiked by 1 person
    - 18
      
      hoakley on December 16, 2021 at 9:13 pm
      
      Haha!
      Not in neurosurgery, only in expectations. Pat someone on the back and tell them that they’ll be fine, and they get really upset when things don’t work out so well. You’ve also failed to fully inform the patient of the risks, so obtaining their consent without giving them an accurate picture.
      Howard.
      
      LikeLike
19

SMC on December 18, 2021 at 9:03 pm

A doctor friend of mine told me one of the first lessons he was taught while seeing patients was never to say “Oops…” when things went awry, but rather “There….” in soothing tones.

LikeLiked by 1 person
- 20
  
  hoakley on December 18, 2021 at 11:25 pm
  
  Ouch!
  I’ve always believed in honesty and openness with patients, colleagues, everyone. There are very seldom any reasons for anything else. If you get something wrong, don’t cover up, but explain and apologise. And if you can’t do better next time, ask a colleague to do it, or to supervise you.
  Howard.
  
  LikeLike