Sparse encrypted database in DEVONthink 3

Earlier I’ve used Knox from Agilebits to open encrypted vaults that contain DEVONthink databases for sensitive information. The vaults are stored on disk as sparse image files. It’s a bit of a hassle to first open the encrypted vault and then open the database in DEVONthink, so I was intrigued to try the encrypted database option in DEVONthink 3. However, despite its extension .dtSparse, it stored the database as a “block” image. It’s an issue when working with a database of this kind, at least when it comes to backups, which I have in Time Machine, Arq and on a USB disk. They’ll need to back up the block file each time a single change is made in a file.

I tried this feature and it made it more convenient to create encrypted databases this way. However, I don’t know if I want to use them because of the block limitation. Are you planning to support sparse kind of images in future?

.dtSparse is actually a sparse disk image, you can change the extension to .sparseimage and mount it in the Finder on your own.

Sorry, I named it wrong. macOS has support for “sparse disk image”, and also “sparse bundle image”. The issue remains. Sparse bundle images handle backups of large images much better than other images. DEVONthink databases often are very large, and even a tiny modification will result in a new image, which will all get backed up in the next backup iteration. A sparse bundle image appears in Finder in the same way as a sparse image, but it’s a directory.

As an example, here’s a comparison of a DEVONthink-created “sparse image” vs. a macOS Disk Utility “sparse bundle image”.

ls -l
-rw-r--r--  1 user  staff  43118080 May 15 19:44 DEVONthink.dtSparse
drwxr-xr-x@ 6 user  staff       192 May 15 19:47 sparseBundle.sparsebundle/

user$ cd DEVONthink.dtSparse 
-bash: cd: DEVONthink.dtSparse: Not a directory

user$ cd sparseBundle.sparsebundle/
user$ ls
Info.bckup  Info.plist  bands/      token
user$ ls -l bands/
total 35096
-rw-r--r--  1 user  staff  2117632 May 15 19:48 0
-rw-r--r--  1 user  staff  8101888 May 15 19:47 5
-rw-r--r--  1 user  staff  7746048 May 15 19:47 b

The “sparse image” is a big block file, whereas the “sparse bundle image” is actually a directory that has smaller encrypted files inside it. This makes at least backups much more efficient. At least I probably can’t use the encrypted database feature because of this issue, though otherwise I’d very much like to.

If it’s confirmed, same for me.

You could create the sparse bundle image on your own, afterwards move the database into the image, unmount it and change the extension to .dtSparse. A future release might also include such an option in the File > New Encrypted Database… panel.

Thanks! I tried it quickly and it seems to work.

When I tested it further, it seems that when I close an encrypted sparse bundle image with this method, the mount disappears from /Volumes, but it can be opened again at least some time after this without prompting for a password. This is different behaviour from DEVONthink-created sparse images. How does it open the encrypted database without prompting for a password? I haven’t stored the password in the keychain.

This seems to be a bug of macOS 10.14.x which unmounts the volume but doesn’t always eject the disk (although it claimed that it did). How exactly did you open the database? By e.g. double-clicking on it in the Finder?

Most of the time I’ve opened it from DEVONthink “Recent Databases”. I tried opening it from Finder as well, but it’s the same. Also in Finder the custom sparse bundle database opens without prompting for a password, but the DEVONthink-created .dtSparse prompts for the password each time. If I boot the machine, on first open the custom .dtSparse also asks for the password, but afterwards it won’t ask for it whether I open it from DEVONthink or Finder.

Sorry if I repeat, but I’ve now verified it several times: The custom .dtSparse image somehow seems to open again without asking a password for me. I’ve tried it many times with different configurations. Opening the image in DEVONthink does not create a new image that’s visible in Finder, but it’s in /Volumes. If I close the image in DEVONthink, then it disappears from /Volumes, but you can still mount it back without a password.

Also if I create a custom .dtSparse with this method, open it in DEVONthink, close the database and move it back to .sparsebundle and try to open it with Finder, it says: “The following disk images couldn’t be opened. no mountable file systems”.

I’m not really asking for basic help with this issue anymore, but I thought it might be helpful for users or developers to see these issues I had when creating these custom sparse bundle .dtSparse images. It may be an issue with macOS, but this is how it works on my setup at least, and it consistently works in a different way from the DEVONthink-created .dtSparse images.

See the link above - I have experienced and reported the same problem re. sparsebundles not ejecting properly. There is a workaround for the security implications (eject via disk utility, see my post).
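One way to check for the condition reported above, where an encrypted image stays attached after its volume has disappeared from /Volumes (an added example, not part of the original posts and not DEVONthink's code). It assumes the `hdiutil info` layout of `image-path` / `image-encrypted` header lines followed by tab-separated `/dev/disk…` lines; `lingering_images` and `sample_info` are hypothetical names, and the sample data is constructed.

```sh
#!/bin/sh
# Lists encrypted disk images that are still attached although none of
# their volumes is mounted, i.e. images that can be re-opened without
# a password prompt until the disk is really ejected.

# Reads `hdiutil info` text on stdin; prints "<device><TAB><image-path>".
lingering_images() {
  awk '
    function emit() {
      if (path != "" && enc && dev != "" && !mounted)
        printf "%s\t%s\n", dev, path
      path = ""; enc = 0; dev = ""; mounted = 0
    }
    /^=+$/ { emit(); next }                     # separator between images
    /^image-path[ \t]*:/ { sub(/^[^:]*:[ \t]*/, ""); path = $0; next }
    /^image-encrypted[ \t]*:/ { enc = (tolower($0) ~ /true/); next }
    /^\/dev\/disk/ {
      n = split($0, f, "\t")
      if (dev == "") dev = f[1]                 # whole-disk node is listed first
      if (n >= 3 && f[3] ~ /^\//) mounted = 1   # third column is the mount point
      next
    }
    END { emit() }
  '
}

# Constructed sample modelled on `hdiutil info` output (assumed layout):
# the first image is attached with no mounted volume, the second is mounted.
sample_info() {
  printf '%s\n' '================================================' \
    'image-path      : /Users/user/custom.dtSparse' \
    'image-encrypted : true'
  printf '/dev/disk2\tGUID_partition_scheme\t\n'
  printf '/dev/disk2s1\tApple_HFS\t\n'
  printf '%s\n' '================================================' \
    'image-path      : /Users/user/DEVONthink.dtSparse' \
    'image-encrypted : true'
  printf '/dev/disk3\tGUID_partition_scheme\t\n'
  printf '/dev/disk3s1\tApple_HFS\t/Volumes/DEVONthink\n'
}

# On macOS inspect the live state; elsewhere fall back to the sample.
if command -v hdiutil >/dev/null 2>&1; then
  hdiutil info | lingering_images
else
  sample_info | lingering_images
fi
```

Each device printed can be ejected with `hdiutil detach <device>`, after which the image asks for its password again.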

Thanks for the link. Yes, it sounds like it’s related to the same issue, though I tried to use it in a bit different manner. The Agile Bits Knox system I currently use also creates .sparsebundle images and I have some databases in them, but DEVONthink didn’t seem to unmount them with this procedure I have: Open the sparse bundle with Knox, open the database, close the database. The sparse bundle mount is still valid and visible in Finder. I can then eject the image with Knox (or Finder) like it used to be. I never tried to open the sparse bundle directly with DEVONthink.

I got this issue when I tried to create a custom sparse bundle image with a single database that can be opened and closed directly from DEVONthink. It would simplify the workflow with opening encrypted databases for me, but I’d rather use sparse bundles instead of “block” sparse images. It seems to me from testing that if you open a .dtSparse image in DEVONthink 3, it’ll mount that and then automatically open one database inside it. It doesn’t matter what the database is named, but if there are several databases inside it, then it’ll somehow select one of the databases. Then when you close the database, it’ll try to unmount the volume. Is this correct? In any case, with sparse bundles the volume can still be opened without a password.

That’s correct. And there should definitely be only one database in the disk image.