Bootable drive cannot be found after restarting Mac with connected external devices that are protected by OS X FileVault.

Article:TECH185289  |  Created: 2012-03-29  |  Updated: 2013-03-06  |  Article URL http://www.symantec.com/docs/TECH185289
Article Type
Technical Solution

Product(s)

Issue



After connecting an external hard drive that is protected by OS X FileVault to a Mac whose boot drive is encrypted with PGP WDE, the PGP Desktop application stops responding.  The WDE driver is being disabled due to known compatibility issues with PGP WDE and OS X FileVault.  If the external disk remains plugged in and you reboot the Mac, you will get the an error during the next bootup.

 


Error



A slashed "0" sign (circle with a line through it) or "null" symbol will be displayed once the system reboots with the external drive protected by FileVault still connected

 


Environment



Any supported computer with OS X 10.7.x or above.

PGP Whole Disk Encryption 10.2 through Symantec Drive Encryption (formerly known as PGP Whole Disk Encryption)version 10.3.0 (Build 8741).

 


Solution



This issue has been resolved in Symantec Drive Encryption 10.3.0 MP1 (build 9060) and above.  Using a FileVault-Encrypted external drive will no longer cause a Mac system to become unbootable, and will not display the "null" symbol any longer.

 

If upgrading to Symantec Drive Encryption is not immediately possible, the following are known cases and workarounds:

 

 

Case 1: You have a Mac whose boot disk is currently encrypted using PGP WDE. You insert an external disk protected by FileVault.  Some reports have been made that ejecting the external disk may allow proper booting, however in recent builds of PGP Whole Disk 10.2.1 software, this does not always work.  If the system is Whole Disk Encrypted, and an External Drive has been connected to the system, run the following command:

ls -aln /System/Library/Extensions/PGPwde.kext

 If the return is "No such file or directory", then rebooting the system at any point will most likely result in the system not being bootable.

This scenario also applies to using Time Machine backups that have been encrypted with FileVault.  If the Time Machine backup has been encrypted and the Mac system has been encrypted with PGP Whole Disk Encryption, do not plug in the external drive.

If the system will not boot after connecting one of these FileVault-encrypted external drives, decrypting the Boot drive with a PGP Whole Disk Encryption recovery CD, or decrypting the disk using Target Disk Mode will allow proper booting of the system.

 

Case 2: You have a Mac whose boot disk is NOT currently encrypted using PGP WDE.  You insert an external disk protected by FileVault.  After ejecting the external disk, the WDE functionality is not automatically re-enabled.  To restore WDE functionality using the Terminal, run the following commands:

Open Terminal.
$ sudo su -
<enter user's password>
# mv /Library/Application\ Support/PGP/PGPwde.kext
/System/Library/Extensions/PGPwde.kext
# touch /System/Library/Extensions
# kextcache -v -u /
# exit

 

In versions of PGP Whole Disk Encryption 10.2.1 MP4 and above, this does not seem to be a problem and the PGP WDE drivers will continue to be enabled until an external drive that is plugged in, at which time, the PGPwde.kext will not exist in that directory as it has been unloaded.  If this is the case, decrypting the boot drive should allow for proper booting.

 

Case 3:  You have a Mac whose boot disk is NOT currently encrypted using PGP WDE. You insert an external disk protected by FileVault. After ejecting the external disk, the WDE functionality is not automatically re-enabled. To restore WDE functionality WITHOUT using the Terminal, you must reinstall PGP Desktop.  You do not need to uninstall the current installation first.

 This does not seem to be an issue with PGP Whole Disk Encryption 10.2.1 MP4 and above.  Using a FileVault-encrypted External Drive should continue to function, as well as the PGP Whole Disk Encryption functionality, however using PGP Whole Disk Encryption will cause the system to not boot.

 

Case 4: You have a Mac whose boot disk is currently encrypted using PGP WDE. You insert an external disk protected by FileVault.  You reboot with the external drive still connected, not having ejected the disk from the system. 

For users who have encountered this issue, the following instructions describe how to recover access to their machines.
For machines with Firewire ports, the following steps allow recovery of the machine without loss of data or re imaging:
1. You will need a second Lion host system to connect to the affected machine and repair its disk using target disk mode. Turn off the affected system. Connect the Firewire cable between this system and the second system.
Now press and hold the 'T' key on the keyboard on the affected system as you press the power button. Continue to hold the T key until you see the Target Mode icon on the screen. On the other system you should see a prompt asking you to authenticate to the drive. Enter the password for your user on the target system. Now determine the name of the mounted volume. You can see this by the icon that appears on your Desktop or by looking in Finder.

2. Open Terminal. At the prompt type:
$ sudo chroot /Volumes/<name of the mounted disk>

For example "sudo chroot /Volumes/Macintosh\ HD". Because of the chroot command all of the following commands affect the mount volume and _NOT_ your host system. Do not skip this step!

3. Type the following:
# cd /System/Library/Extensions
# mv PGPwde.kext /Users/Shared/
# cd /System/Library/Caches/com.apple.bootstamps/ (<tab> (press the tab key, then enter)
# pwd

You should now be in a directory named as follows:
/System/Library/Caches/com.apple.bootstamps/D7887679-6DFD-3C78-8846-0360E6DD2CC1

# rm \:System\:Library\:Caches\:com.apple.kext.caches\:Startup\:kernelcache
# cd /System/Library/Caches/com.apple.kext.caches/Startup
# rm kernelcache
# exit

If the above workaround to remove boot cache files as does not help, and the PGPwde.kext is not found in the location specified, using Target Disk Mode or using a Whole Disk Recovery CD to fully decrypt the system will allow proper booting of the drive.  Although this operation is not convenient, it will allow access into the system.

 


Supplemental Materials

SourceETrack
Value2731438


Article URL http://www.symantec.com/docs/TECH185289


Terms of use for this information are found in Legal Notices