Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

FM Server Database on DMG

DWF

By DWF
in Legacy FileMaker Server Discussions

 Share

This topic is 5763 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies
DWF Newbie

DWF

Posted
  • Newbies
Posted

I am running FM Server 9 on OS X 10.4. I need to specify an additional database folder that is located on a mounted DMG. I get 'invalid path', which I assume has to do with the fact that it's on a DMG (the path is correct and permissions seem fine). Anyone have experience with this? Anyone know how to make FMS recognize a path that is on a DMG?

Thanks!

IdealData Grand Master

IdealData

Posted
Posted

Not sure FMS can handle demountable media - in fact I'm sure I read something on these lines a while ago.

  • Newbies
DWF Newbie

DWF

Posted
  • Author
  • Newbies
Posted

Thanks. I have seen some discussion of that before, too. But it seems like there must be a way to use a DMG. Afterall, a physical drive is de-mountable, too.

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

I do not believe this will work. And there are arguments as to why it shouldn't be done perhaps as well.

You can specify an alternate location, but that location must be on a drive or partition on the Server itself.

Steven

  • Newbies
DWF Newbie

DWF

Posted
  • Author
  • Newbies
Posted

Thanks. The DMG is on an internal drive. But I Guess once the DMG is mounted, FMS doesn't care and treats it as external media.?

FYI: Why I need to use DMG.... My clients include groups at US government agencies, which are all now adopting FIPS security standards that specifically require data be stored on encrypted drives/partitions (so data are inaccessible if drives are stolen/lost, etc.). Unfortunately OS X doesn't have built-in partition encryption and the couple of third-party options for this have lots of problems. So, the de-facto method for encrypting drives on OS X has become encrypted DMG on unencrypted drives. There's really no acceptable alternative I know of (but I'm open to suggestions).

Hense my need to make figure out how to make FMS work with DMG.

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

FileMaker Server runs as a background service/daemon without any users logged into the server. Thus such drives won't mount or work when there are no users connected.

Thgis is an interesting issue however, and I will investigate it some more.

Steven

  • Newbies
DWF Newbie

DWF

Posted
  • Author
  • Newbies
Posted

A follow-up ...

I've experimented with every DMG format and permission scheme I can think of and am concluding (though still hoping to be proven wrong) that it's just not possible for FMS <= 9 to serve databases from a DMG. Maybe FMS 10 can (?).

What this means is that FileMaker can not be securely deployed on an OS X server. Why? One of the most basic tenets of a secure server is that disks/partitions/directories with data files be encrypted so they are unreadable if they are removed from the box or the system software is reinstalled (ie: loss or theft). On OS X, the de-facto method of meeting this requirement is with encrypted DMG (third-party encryption software has so far proven to be instable, and now most secure OS X servers use encrypted DMG to secure data files).

I hope the folks at FileMaker are aware of how big this shortcoming is. Two years ago, no one encrypted disks. Then the Veterans Administration started losing computers and now everyone with any sensitive data (medical, financial, etc) has to do it.

For now, I've had to create an insecure space on my secure server in which to put the FM databases.

-

  • 3 weeks later...
  • Newbies
DWF Newbie

DWF

Posted
  • Author
  • Newbies
Posted

Another followup...

TrueCrypt (well-respected open-source encryption software) recently became available for OS X. I set up a hard drive partition encrypted using TrueCrypt and, voila, FMS treats the mounted volume as a physical volume, recognizing database and backup directories on the TureCrypt volume as "valid."

TrueCrypt actually creates a DMG on the physical partition, just like the vanilla encrypted DMG I was trying FMS with. And just like a regular DMG, a TrueCrypt volume does not mount at startup and can be unmounted easily (even when something is running on it). But there's something about a TrueCrypt DMG that makes FileMaker think it is a physical drive.

TrueCrypt is a recent arrival to OS X and thus a bit risky for production servers (but it's been around a long time on Linux/Unix and Windows). So far, it looks like the best option for getting FMS to host databases on a secure OS X drive.

This topic is 5763 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept