Advanced Topics

Downgrading an APFS-formatted Fusion volume from Mojave

If you upgraded your Mac to macOS Mojave and have decided to downgrade for one reason or another, the procedure is usually pretty straightforward. Fusion volumes, however, introduce a complication. Upon upgrading to Mojave, a Fusion volume will be converted from HFS+ to APFS. If you want to downgrade to High Sierra (or any earlier OS), you must reformat that Fusion volume as HFS+. Because APFS Fusion volumes are not handled gracefully by High Sierra, however, the procedure is a bit tedious.

What is CCC's Privileged Helper Tool?

At its core, Carbon Copy Cloner is a product that is designed to make bootable backups of your Mac's operating system. In order for CCC to be able to make copies of system files, CCC needs to have the privilege of copying files that can't be read nor written by just any user – CCC requires elevated privileges to copy macOS system files. Likewise, CCC is often tasked with copying the data associated with multiple users. macOS prevents you from accessing files that belong to other users.

Limitations of online-only placeholder files

Some cloud storage service providers offer services that allow you to sync a local folder to "the cloud", and optionally choose to store those files only online, thus freeing up space on your hard drive. Some services that currently offer this functionality include:

Task Organization

Adding a task

Tasks can be added in several different ways. To create a new task with default settings, click the + icon in the Tasks table header, or choose New Task from CCC's File menu, or click the New Task button in CCC's toolbar. You can also duplicate an existing task: select the task in the task list, then choose Duplicate from CCC's File menu, or right-click on the task and choose the option to duplicate it.

Cloning Coach Configuration Concerns

CCC determines whether your destination volume will be bootable and indicates any configuration concerns in the "Cloning Coach" window. If you see a yellow warning icon in the Task Plan header, you can click on that icon to see these concerns. CCC will also present these concerns to you the first time that you configure a backup task to any particular destination volume.

Outgoing network connections made by CCC

If you're using an application firewall such as Little Snitch, you will see several outgoing network connections coming from CCC. We explain below what connections you should expect to see, and also explain why some connections that look unexpected are simply misreported by Little Snitch.

Ordinary activity

CCC will make external network connections for the following activity:

When I boot from my backup, Little Snitch reports that its rules have been replaced by a different version. Why, and how can I avoid this?

According to ObDev developers, it is crucial for Little Snitch to avoid unnoticed ruleset changes. Little Snitch therefore has numerous mechanisms to detect whether it is using the exact same ruleset file, as in, on the same volume and at the same physical address on that disk. This sort of mechanism makes it impossible for Little Snitch to use the ruleset on the booted backup volume without physical intervention from a user at the system (thus the dialog asking if it's OK to use the current version of rules or to use a default ruleset).

Creating a separate task to prevent VM container versions from bloating the SafetyNet

If you frequently use virtual machine container files (e.g. with Parallels, VMWare, VirtualBox, etc.), you may find that CCC's SafetyNet folder tends to get very large, very quickly. Every time you open your virtual machine, the monolithic virtual machine container file is modified, and CCC will require that it gets backed up during the next backup task. If the SafetyNet is on, CCC will move the older version of the VM container file into the SafetyNet folder.

Modifying CCC's Security Configuration

Rather than requiring you to enter admin credentials every time you want to run a task or make changes to a task, CCC only requires you to authenticate once when CCC is initially installed. While this configuration is easier to use, there are situations where this configuration is not appropriate. If you leave your system unattended with an admin user logged in, someone with physical access to your system can modify or run your CCC backup tasks.

Frequently Asked Questions about encrypting the backup volume