Disk Utility Tool (Mac OS X )
Command line Utility to manage local disks and volumes.Options which make changes require ownership or root and most are DESTRUCTIVE!
Most users use Disk Utility to erase a disk or hard drive. But some Mac users might need to erase them from the command line on Mac OS. To do that, the only thing you need is a bit of precise syntax to make sure that you are erasing the proper disk. Here I'll show you how you can erase and format a. Diskutil repairMirror is a deprecated synonym for diskutil appleRAID repairMirror. Add type newDevice raidVolume Add a new member or hot spare to an existing RAID set. Type can be either member or spare.
Manipulates the volume-level structure of local disks.
Provides information about, and allows the administration of, thepartitioning scheme of disks, optical discs, and RAID sets.
diskutil <verb> <options>
- list partitions APFS
- information
- monitor activity
- disk
- repair verify
- mountDisk / unmountDisk all mountable volumes
- verifyDisk repairDisk
- eject
- erase zero secureEraseeraseOptical randomDisk (writing random data to the media)secureErase
- partitionDisk removing all volumes
- partition:
- split
- merge
- delete partition (not available!)
- volume : resize rename repair erase reformat
- verifyVolume
- repairVolume
- eraseVolume
- newVolume :format unallocated space as FAT32, then erase (which creates new!)
- enableJournal/disableJournal/moveJournal HFS+
- enableOwnership/ disableOwnership
- RAID
- createRAID
- enableRAID Convert a disk to a degraded RAID mirror set
- convertRAID Convert a RAID 1.x pre-Tiger to a RAID 2.x Tiger
- updateRAID Update settings
- addToRAID Add a spare or member disk
- removeFromRAID Remove a spare or member disk
- checkRAID
- repairMirror Repair damaged set
- destroyRAID
diskutil verb
provides help
vol
reference
- disk identifier
disk*
, e.g.disk1s9.
- device node entry containing the disk identifier. disk*, e.g.
/dev/disk2s0.
- volume mount point. /Volumes/*, e.g.
/Volumes/Untitled.
- Universally Unique Identifier or UUID. e.g.
85D67001-D93E-3687-A1C2-79D677F0C2E0
Disk Identifier
Device unit, session on that device, or a partition (slice) .Form : diskU, diskUsS, diskUsQ, or diskUsQsS, where U, S, and Q
are decimal integers .
U
is the device unit. It may refer to hardware (e.g. a hard drive, optical drive, or memory card) or a 'drive' constructed by software (For Example: an AppleRAID set or a disk image).S
slice; aka partition. The area that contains a file system .
It may contain specialized data for database programs, or data required for thesystem software (e.g. EFI or booter partitions, or APM partition map data).Q
session for optical media; (number of times recording has taken place).
The forms for optical session and partition are the same and are distinguished by context.
Some units (e.g. floppy disks, RAID sets) contain filesystem data upon their 'whole' device instead of containing a partitioning schemewith partitions.
The top-to-botom appearance of partitions shows the on-disk ordering.
Disk identifiers need not appear in slice-numerical order.
list [-plist ] diskU | i.e. virtual --> |
info | †--> |
activity | Continuously display system-wide disk manipulation activity as reported by the Disk Arbitration framework,Coming on-line, being ejected, volumes being mounted or unmounted, volumes being renamed, etc. until interrupted with a int signal (^C).For debugging such as the monitoring of applications dissenting (attempting to deny) activitiesfor disks for which they have registered an interest, use the logging features of the diskarbitrationd |
mount [readOnly] | Mount a single volume. vol_mt_pt rather than the standard path of /Volumes/VolumeName ,directory at that path must already exist. |
mountDisk disku | Mount all mountable volumes. |
umount [force] vol | force may break open files; see umount. |
| |
eject disku | Media becomes offline . Removable media will eject or become eligible for safe manual removal. |
verifyDisk disku | Partition Table, EFI integriey, Core Storage Physical Volumes and space for boot loaders. |
repairDisk disku | |
verifyVolume vol | file System of a volume (e.g. fsck). |
repairVolume vol | Repair the data structure of a volume (e.g. fsck). Example: |
| Volume names are subject to file system-specific alphabet and length restrictions.Must be mounted |
enableJournal vol | on an HFS+ volume. |
disableJournal [force] vol | On an HFS+ volume, Volume need not be mountedForce : journaling is disabled directly on disk, the volume must not be mounted. |
| external causes the creation of a 512MB Apple_Journal partition out of journalDevice and an HFS+ partition will be created out of the remaining space if available; journalDevice must be a partition. The journal for device will then be moved externally onto the newly created Apple_Journal partition.
|
enableOwnership vol | The Database at /var/db/volinfo.database is modified as perUser and Group ID settings of files, directories, and links (file system objects, or 'FSOs')For some locations of devices (e.g. internal hard disks), consideration of ownership settings on FSOs is the default.
Enable ownership where a disk contains FSOs whose User and Group, and permissions, is critically important, such as when the plug-in disk contains system files to be changed or added . Settings are persistent See vsdbutil . |
disableOwnership device | |
verifyPermissions [-plist] vol | Verify the permissions of boot volume, written during the installation . Deprecated as of El Captian |
| Show personalities available for formating when using the eraseVolume and partitioning verbs. This is a subset of personalities exported by the various filesystem bundles installed. Also shown are some shortcut aliases for common personalities. -plist output is in xml. File Systems formats |
eraseVolume format name vol | and write out an empty filesystem. See Format. Use %noformat% to skip initialization (to skip newfs). A format of Free Space will cause removal of the partition from the partition table.The boot volume cannot be erased. |
Operations modifying the entire disk (which may result in disaster).Did you back up the partition table? See gdisk | |
partitionDisk diskU [numberOfPartitions] | Re-partition a disk. All volumes on this disk will be destroyed. The device parameter specifies that a whole disk is to be partitioned. The optional PTformat forces a particular Partitioning Table Format
File System blocksize will be 4,096. This will cause the average unused space per file to be 4,096 (i.e. 1/2 block). When determing size: |
resizeVolume vol | Only supported on GPT partition tables with a Journaled HFS+ volume filesystem . A Valid When decreasing size, optionally supply a list of new partitions to create. Example: When decreasing the size, new partitions may optionally be created to fill the newly-freed space. Resizing a volume that is currently set as the computer's startup disk will invalidate that setting; use the Startup DiskSystem Preferences panel or bless to reset the resized volume as the startup disk. |
splitPartition vol | Destructively split a volume into multiple partitions. |
mergePartitions [force] format name fromDevice toDevice | Merge two or more partitions on a disk. All data on merged partitions other than the first will be lost. The first will beerased if it doesn't have a resizable type (e.g. JHFS+) or if force is given. Format and name apply only when the first partition is being erased. Merged partitions are required to be ordered sequentially on disk (see diskutil list for the actual on-disk ordering). |
reformat vol | write an empty file system using the same type and name |
eraseDisk | Removing all volumes and writing a new partitioning scheme containing one new empty filesystem volume. If the partitioning scheme is not specified, then an appropriate one for the current machine is chosen. See Format . |
zeroDisk diskU | Erase a device, writing zeros to the media. The device can be a whole-disk or a partition. In either case, in order to beuseful again, zero'd whole-disks will need to be partitioned, or zero'd partitions will need to be erased (newfs'd), e.g. byusing the partitionDisk or eraseDisk verbs. If you desire a more sophisticated erase algorithm or if you need to erase onlyfree space not in use for files, use the secureErase verb. |
randomDisk [times] diskU | Erase a whole disk, writing random data to the media. Times is the optional (defaults to 1) number of times to write randominformation. device can be a whole-disk or a partition. In either case, in order to be useful again, randomized wholedisks will need to be partitioned, or randomized partitions will need to be erased (newfs'd), e.g. by using thepartitionDisk or eraseDisk verbs. If you desire a more sophisticated erase algorithm or if you need to erase only freespace not in use for files, use the secureErase verb. |
secureErase [freespace] level diskU | Erase, using a secure method, either a whole-disk (including any and all partitions), or, only the free space (not in usefor files) on a currently-mounted volume. Erasing a whole-disk will leave it useless until it is partitioned again. Erasing freespace on a volume will leave it exactly as it was from an end-user perspective, with the exception that it will notbe possible to recover deleted files or data using utility software. If you need to erase all contents of a partition butnot its hosting whole-disk, use the zeroDisk or randomDisk verbs. Level :
|
eraseOptical [quick] diskU |
APFS
Container | imports one or more APFS Physical Store disks and exports APFS Volume disks. While attached, the 'handle' by which a Container is identified is its Reference disk (device). Reference disk is a synthesized whole-disk which is exported by APFS for identification purposes only; it has no storage. It is associated with the AppleAPFSContainerScheme node in the IO Registry. |
Physical Store | a disk which is imported into an APFS Container. An APFS Container can import more than one Physical Store, e.g. for Fusion-style Containers. An APFS Physical Store disk is not necessarily a disk from a partition map; it could be e.g. anAppleRAID Set disk. Do not assume that an APFS Physical Store's disk identifier is a 2-part form such as disk0s2. |
Volume | an [un]mountable file system volume which is exported from an APFS Container. |
APFS Volumes have no specified 'size' (capacity), they consume capacity out ofthe remaining free space of their parent Container, consuming or returning such capacity asuser file data is added or deleted. This means that all Volumes within a Container compete for the Container's remaining capacity. Manage Volume allocation with reserve and quota. reserve size requests an assured minimum capacity for an APFS Volume. Quota size applies a maximum capacity to a Volume, limiting the numberof bytes of user file data which can be stored on the Volume. Efficient file copy cloning (copy-on-write) is supported (see copyfile (3)'s COPYFILE_CLONE). File-level encryption is supported. Snapshot represents a read-only copy of its parent APFS Volume, frozen at the moment of its creation. Snapshots are neither listed nor discoverable when their Volume is not mounted. Snapshots are mountable; provide a read-only historic version of the Volume You can revert the present state of an APFS Volume back to equality with a Snapshot in its history. Deleting a Snapshot; removes the possibility of ever reverting to that Snapshot's state, Snapshot mount point's 'source device' is the Snapshot name followed by '@' and the 'parent' Volume's device node, |
list [-plist] [containerReferenceDevice] | Display APFS objects as a tree. AFPS Container(s) are shown with their imported Physical Store(s) and exported Volume(s). All currently-attached APFS Containers in the system are listed unless you specify acontainerReferenceDevice, which limits the output to that specific APFS Container family. If -plist is specified, then a property list will be emitted --> |
convert device [-dryrun] | Non-destructively convert an HFS volume to an APFS Container with a single APFS Volume. The APFS Container can then be manipulated (e.g. adding and deleting APFS Volumes) as usual. The source HFS volume can be located on a partition or on a CoreStorage logical volume (LV); in the latter case, the CoreStorage logical volume group (LVG) is dismantled. |
create device [device] name | creates an empty APFS Container and then adds one APFS Volume with the given name. The Volume will have default attributes i.e. no encryption, no capacity reserve nor quota, etc. This is a combination of createContainer and addVolume . |
createContainer [-main] device [-secondary] [device] | Create an empty APFS Container. The device(s) specified become APFS Physical Stores. Specifing more than one device creates a Fusion Container -main and -secondary performance algorithms to be on 'slower' hardware. usually not solid solid state, is usually larger, and is used to store associated 'auxiliary' data such as any Windows partition(s) for Boot Camp Assistant. |
deleteContainer [-force] containerReferenceDevice | physicalStoreDevice [name] | Destroy a Container including all of its Volumes. Volumes are unmounted first. If one or more is busy the operation is aborted. Container's former Physical Store disks will be reformatted as HFS. New name, default : If there were multiple Physical Stores, a space and a number suffix is added for each. If Container is damaged, a Container Reference for it might not exist or it might not befunctional. reclaim former APFS Physical Store disk(s) by specifying |
resizeContainer containerReferenceDevice | physicalStoreDevice limits [-plist] | size | The operation is live, non-destructive, and does not mount or unmount any APFS Volumes.
Shrinks are constrained by the amount of data usage by all APFS Volumes on the targeted or impliedContainer. Contributing to this includes quotas, reserves, the usage of Snapshots (e.g. by Time Machine), and metadata overhead. When shrinking, new partitions may be created to fill the newly-freed spaceby specifing the format, name, and size parameters as for Grows are constrained by the amount of partition map free space trailing the targeted or implied Physical Store partition. All Volumes on the Container must be unlocked. |
addVolume ?containerReferenceDevice filesystem name | The filesystem parameter sets the permanent APFS personality for this new APFS Volume; you should specify APFS or Case-sensitive APFS. The new Volume will be unencrypted unless one of the passphrase options is specified volume's file usage to a maximum amount; no more than that many bytes will be available for filedata, even if there is otherwise enough space in the parent Container. Volumes carry certain metadata hint flags; |
deleteVolume volumeDevice | Remove the Volume from its Container. All of the Volume's data will be lost. |
eraseVolume volumeDevice | Erase the contents of a Volume. the Volume is not removed from its Container. The 'new' Volume will inherit the file system type (Case-sensitiveness ) but not attributes such as name, reserve, quota, or encryption status. If you need more control, delete;add the Volume. |
changeVolumeRole | | Change the role metadata flags The roles should be any combination of b r v B R Vi unspecified flags are unchanged, lower-case flags are cleared, and UPPER-CASE sets flags.clear will remove all flags, 0 no-op for scripting convenience. |
unlockVolume | | Unlock and mount an encrypted and locked Volume or verify a passphrase. WIthout -user all cryptographic users on that Volume are searched for a match;
To re-lock the volume, unmount it, e.g. with |
lockVolume | | Unmount and lock a Volume. |
listCryptoUsers | | Show all cryptographic users and special-purpose (e.g. recovery) 'users' (keys) associated with the Volume, each by their Cryptographic User UUID and usage 'type'. The usual purpose of an APFS Cryptographic User is to authenticate for unlocking its APFS Volume; any of its users can do so. An APFS Volume need not be encrypted in order to contain crypto users; other than the Disk User, they should be added before encrypting. Types of Cryptographic Users include 'Disk' user, whose UUID value always matches its Volume's UUID; |
changePassphrase | changeCryptoUserPassphrase | passwd volumeDevice -user disk | cryptoUserUUID | Change the passphrase of the given cryptographic user associated with the given Volume. |
setPassphraseHint | setCryptoUserPassphraseHint | hint volumeDevice -user disk | cryptoUserUUID -hint hintMessage | -clear | Set an arbitrary hint string to aid recall of a passphrase for the given cryptographic user associated with the given APFS Volume. Specifying -clear will clear any existing hint (no hint is the default). |
encryptVolume | encrypt | enableFileVault volumeDevice -user disk | existingCryptoUserUUID [-passphrase existingOrNewPassphrase | -stdinpassphrase] | Start encryption of a currently-unencrypted APFS Volume ('Enable FileVault'). The operation may be accomplished immediately or in the background'. Supply an existing cryptographic user UUID, in which case you must supply its corresponding passphrase, or if no users exist on this Volume, supply disk (or the Disk/Volume UUID), and a 'Disk User' will be created with a new passphrase . |
decryptVolume | decrypt | disableFileVault volumeDevice [-user disk | existingCryptoUserUUID] [-passphrase existingPassphrase | -stdinpassphrase] | Start decryption of a currently-encrypted APFS Volume ('Disable FileVault'). The operation may be accomplished immediately, or 'in the background'. The APFS Volume must be unlocked before beginning. |
listSnapshots | | Show all snapshots that are currently associated with the Volume, including its numeric XID identifier and name. |
deleteSnapshot volumeDevice -xid xid | -name name | Remove the given Snapshot |
Apple RAID | ||
appleRAID raidVerb […] | ||
Create, manipulate and destroy AppleRAID volumes (Software RAID).
Striped and concatentated volumes are, in fact, more vulnerable to faults than single disk volumes. From these basic types, 'stacked' or 'nested' RAID volumes can be created.
In addition to whole disk and partition device names, AppleRAID uses UUIDs to refer to existing RAID sets and their members.They may be specified by mount point (e.g. RAID is not a replacement for backing up data. Backups should be always be performed on a regular basis andbefore modifying any RAID. | ||
list [UUID] | Display volumes with current status and associated member disks. If UUID is specified, only list that RAID. diskutil listRAID is a deprecated synonym for diskutil appleRAID list. | |
create mirror|stripe|concat setName format devices … | Create a new RAID set consisting of multiple disks and/or RAID sets. setName is used for both the name of the created RAID volume and the RAID set itself (as displayed in list). Example: diskutil createRAID stripe MyArray JHFS+ disk1 disk2 disk3 disk4 | |
delete raidVolume | Destroy an existing RAID set. If the RAID set is a mirror with a resizable filesystem, delete will attempt toconvert each of the member partitions back into a non-RAID volume while retaining the contained filesystem. For concatenated RAID sets with a resizable filesystem, delete will attempt to shrink the filesystem to fit on thefirst member partition and convert that to a non-RAID volume. | |
repairMirror raidVolume newDevice | Repair a degraded mirror by replacing a broken or missing member. Broken devices in the mirrored set can also berebuilt by specifying newDevice . When replacing members of a mirrored set, the new disk must be the same size orlarger than the existing disks in the RAID set. | |
add type newDevice raidVolume | Add a new member or hot spare to an existing RAID set. Type can be either member or spare . New disks are addedlive, the RAID volume does not need to be unmounted. Mirrored volumes support adding both members and hot spares, When adding to a mirrored RAID set, the new disk mustbe the same size or larger than the existing disks in the RAID set. Adding a hot spare to a mirror will enableautorebuilding for that mirror. Concatenated volumes only support adding members. Adding a new member to a concatenated RAID set appends the member and expands the RAID volume. | |
remove oldDevice raidVolume | Remove a member or spare from an existing RAID set. Old disks are removed live, the RAID volume does not need tobe unmounted. For missing devices, oldDevice must be device's UUID. Online mirror members with a resizablefilesystem will be converted to non-RAID volumes, spare and offline members will be marked free. For concatenated RAID sets, only the last member can be removed. For resizable filesystems remove will first aiempt toshrink the concatenated RAID set so that the filesystem fits on the remaining disks. | |
enable mirror|concat device | Convert a non-RAID disk partition containing a resizable filesystem (like JHFS+) into an unpaired mirror or single disk concatenated RAID set. Disks that were originally partitioned on Mac OS X 10.2 Jaguar or earlier orwere partitioned to be Mac OS 9 compatible may not be resizable. | |
update key value raidVolume | Update the key value parameters of an existing RAID set. Valid keys are:AutoRebuild 0|1 - If true, the system attempts to rebuild degraded mirrored volumes automatically. When looking for devices for rebuild, AppleRAID first looks for hot spares and then degraded members. Settingtimeout ss seconds system waits (in seconds) for a missing device before degrading a mirrored raid set. Also controls the amount of time you have to disconnect all devices from an unmounted mirror without degrading it. |
coreStorage cs coreStorageVerb […] CoreStorage verbs can be used to create, manipulate and destroy CoreStorage volumes. CoreStorage maintains a world of virtual disks, somewhat like RAID, in which one can easily add or remove imported backing store disks, as well as exported usable volumes, to or from a pool (or several pools). This provides the user with flexibility in allocating their hardware; user or operating system data can span multiple physical disks seamlessly, for example.
An LVG imports one or more Physical Volumes (PVs). A PV represents a device that feeds the LVG storage space; a PV is normally real media but it can be a disk image or even an AppleRAID Set. A disk offered to be a PV must be a partition and the encompassing scheme must be GPT. An LVG exports zero or more Logical Volume Families (LVFs). An LVF contains properties which govern and bind together all of its descendant Logical Volumes (LVs). These properties provide settings for Full Disk Encryption (FDE) (such as whether the LVG is encrypted, which users have access, etc) and other services. However, at the present time, for new LVF creation, only zero or one LVF per LVG is supported. A Logical Volume Family (LVF) exports one or more Logical Volumes (LVs). However, at the present time, only and exactly one LV per LVF is supported. A Logical Volume (LV) exports a dev node, upon which a file system (such as Journaled HFS+) resides. For more information on specifying device arguments, see the DEVICES section below. CoreStorage is not a replacement for backing up your data. Backups should be always be performed on a regular basis and before modifying any CoreStorage volumes using these commands. CoreStorage sub-verbs : | |
| Display tree view of the CoreStorage world for all current logical volume groups (LVGs) with member disks (PVs) and exported volumes (LVFs and LVs), with properties and status for each level. With -plist a property list will be emitted instead of the formatted tree output;the UUID s can be used with the diskutil coreStorage information verb to get properties for the object represented by that UUID . With UUID list only that UUID |
info | information [-plist] UUID | device |
HISTORY
Starting with Mac OS X 10.6, the input and output notation of disk and partition sizes use power-of-10 suffixes.In the past this has been power-of-2, for display or accepted as input.
See also
booting OS X utility partitionDisk Utility (Graphic User Interface) application
See
HDIutil for disk images.
Disk Utility User Guide
You can use Disk Utility to create a disk image, which is a file that contains other files and folders.
Note: You can burn information to a CD or DVD using the Burn command in the Finder. See Burn CDs and DVDs.
Create a blank disk image for storage
You can create an empty disk image, add data to it, then use it to create disks, CDs, or DVDs.
In the Disk Utility app on your Mac, choose File > New Image > Blank Image.
Enter a filename for the disk image, add tags if necessary, then choose where to save it.
This is the name that appears in the Finder, where you save the disk image file before opening it.
In the Name field, enter the name for the disk image.
This is the name that appears on your desktop and in the Finder sidebar, after you open the disk image.
In the Size field, enter a size for the disk image.
Click the Format pop-up menu, then choose the format for the disk:
If the disk image will be used with a Mac that has a solid state drive (SSD) and uses macOS 10.13 or later, choose APFS or APFS (Case-sensitive).
If the disk image will be used with a Mac with macOS 10.12 or earlier, choose Mac OS Extended (Journaled) or Mac OS Extended (Case-sensitive, Journaled).
If the disk image will be used with a Mac or Windows computer and is 32 GB or less, choose MS-DOS (FAT); if it’s over 32 GB, choose ExFAT.
To encrypt the disk image, click the Encryption pop-up menu, then choose an encryption option.
Click the Partitions pop-up menu, then choose a partition layout.
Click the Image Format pop-up menu, then choose an option:
Sparse bundle disk image: Same as a sparse disk image (below), but the directory data for the image is stored differently. Uses the .sparsebundle file extension.
Sparse disk image: Creates an expandable file that shrinks and grows as needed. No additional space is used. Uses the .sparseimage file extension.
Read/write disk image: Allows you to add files to the disk image after it’s created. Uses the .dmg file extension.
DVD/CD master: Changes the size of the image to 177 MB (CD 8 cm). Uses the .cdr file extension.
Click Save, then click Done.
Disk Utility creates the disk image file where you saved it in the Finder and mounts its disk icon on your desktop and in the Finder sidebar.
In the Finder, copy your files to the mounted disk image, then eject it.
Restore the disk image to a disk.
For more information about disk image types, see the manual (man) page for hdiutil.
Create a disk image from a disk or connected device
Diskutil Will Damage Your Computer Mac
You can create a disk image that includes the data and free space on a physical disk or connected device, such as a USB device. For example, if a USB device or volume is 80 GB with 10 GB of data, the disk image will be 80 GB in size and include data and free space. You can then restore that disk image to another volume.
In the Disk Utility app on your Mac, select a disk, volume, or connected device in the sidebar.
Choose File > New Image, then choose “Image from [device name].”
Enter a filename for the disk image, add tags if necessary, then choose where to save it.
This is the name that appears in the Finder, where you save the disk image file before opening it.
Click the Format pop-up menu, then choose an option:
Read-only: The disk image can’t be written to, and is quicker to create and open.
Compressed: Compresses data, so the disk image is smaller than the original data. The disk image is read-only.
Read/write: Allows you to add files to the disk image after it’s created.
DVD/CD master: Can be used with third-party apps. It includes a copy of all sectors of the disk image, whether they’re used or not. When you use a master disk image to create other DVDs or CDs, all data is copied exactly.
To encrypt the disk image, click the Encryption pop-up menu, then choose an encryption option.
Click Save, then click Done.
Disk Utility creates the disk image file where you saved it in the Finder and mounts its disk icon on your desktop and in the Finder sidebar.
Important: Don’t create a disk image of a disk that you believe to be failing or that contains corrupted information. The disk image may not serve as a reliable backup.
For technical information about creating a restore disk image, see the Apple Software Restore (ASR) manual (man) page.
Create a disk image from a folder or connected device
You can create a disk image that contains the contents of a folder or connected device, such as a USB device. This method doesn’t copy a device’s free space to the disk image. For example, if a USB device or volume is 80 GB with 10 GB of data, the disk image will be 10 GB in size and include only data, not free space. You can then restore that disk image to another volume.
In the Disk Utility app on your Mac, choose File > New Image, then choose Image from Folder.
Select the folder or connected device in the dialog that appears, then click Open.
Enter a filename for the disk image, add tags if necessary, then choose where to save it.
This is the name that appears in the Finder, where you save the disk image file before opening it.
To encrypt the disk image, click the Encryption pop-up menu, then choose an encryption option.
Click the Image Format pop-up menu, then choose an option:
Read-only: The disk image can’t be written to, and is quicker to create and open.
Compressed: Compresses data, so the disk image is smaller than the original data. The disk image is read-only.
Read/write: Allows you to add files to the disk image after it’s created.
DVD/CD master: Can be used with third-party apps. It includes a copy of all sectors of the disk image, whether they’re used or not. When you use a master disk image to create other DVDs or CDs, all data is copied exactly.
Hybrid image (HFS+/ISO/UDF): This disk image is a combination of disk image formats and can be used with different file system standards, such as HFS, ISO, and UDF.
Click Save, then click Done.
Disk Utility creates the disk image file where you saved it in the Finder and mounts its disk icon on your desktop and in the Finder sidebar.
For technical information about creating a restore disk image, see the Apple Software Restore (ASR) manual (man) page.
Create a secure disk image
If you have confidential documents that you don’t want others to see without your permission, you can put them in an encrypted disk image.
Note: If you want to protect the contents of the system disk, turn on FileVault using the FileVault pane of Security & Privacy Preferences.
In the Disk Utility app on your Mac, choose File > New Image > Blank Image.
Enter a filename for the disk image, add tags if necessary, then choose where to save it.
This is the name that appears in the Finder, where you save the disk image file before opening it.
In the Name field, enter the name for the disk image.
This is the name that appears on your desktop and in the Finder sidebar, after you open the disk image.
In the Size field, enter a size for the disk image.
Click the Format pop-up menu, then choose a format:
If you’re using the encrypted disk image with a Mac computer using macOS 10.13 or later, choose APFS or APFS (Case-sensitive).
If you’re using the encrypted disk image with a Mac computer using macOS 10.12 or earlier, choose Mac OS Extended (Journaled) or Mac OS Extended (Case-sensitive, Journaled).
Click the Encryption pop-up menu, then choose an encryption option.
Enter and re-enter a password to unlock the disk image, then click Choose.
WARNING: If you forget this password, you won’t be able to open the disk image and view any of the files.
Use the default settings for the rest of the options:
Click the Partitions pop-up menu, then choose Single partition - GUID Partition Map.
Click the Image Format pop-up menu, then choose “read/write” disk image.
Click Save, then click Done.
Disk Utility creates the disk image file where you saved it in the Finder and mounts its disk icon on your desktop and in the Finder sidebar.
In the Finder , copy the documents you want to protect to the disk image.
If you want to erase the original documents so they can’t be recovered, drag them to the Trash, then choose Finder > Empty Trash.
When you’re finished using the documents on the secure disk image, be sure to eject the disk image. As long as it’s available on your desktop, anyone with access to your computer can use the documents on it.
To access the data in a disk image, double-click it. It appears on your desktop, and you can add, remove, and edit files on it just as you would with a disk.