Role of Apple File System
Apple File System (APFS) is a proprietary file system that was designed with encryption in mind. APFS works across all Apple’s platforms—for iPhone, iPad, iPod touch, Mac, Apple TV, and Apple Watch. Optimized for Flash/SSD storage, it features strong encryption, copy-on-write metadata, space sharing, cloning for files and directories, snapshots, fast directory sizing, atomic safe-save primitives, and improved file system fundamentals, as well as a unique copy-on-write design that uses I/O coalescing to deliver maximum performance while ensuring data reliability.
APFS allocates storage space on demand. When a single APFS container has multiple volumes, the container’s free space is shared and can be allocated to any of the individual volumes as needed. Each volume uses only part of the overall container, so the available space is the total size of the container, minus the space used in all volumes in the container.
In iOS and iPadOS, storage is divided into at least two APFS volumes:
In macOS 10.15 or later, an APFS container used to start up the Mac must contain at least five volumes, the first three of which are hidden from the user:
Preboot volume: Contains data needed for booting each system volume in the container
VM volume: Used by macOS for swap file storage
Recovery volume: Contains recoveryOS
System volume: Contains the following:
All the necessary files to start up the Mac
All apps installed natively by macOS (apps that used to reside in the /Applications folder now reside in /System/Applications)
Note: By default, no process can write to the System volume, even Apple system processes.
Data volume: Contains data that is subject to change, such as:
Any data inside the user’s folder, including photos, music, videos, and documents
Apps the user installed, including AppleScript and Automator applications
Custom frameworks and daemons installed by the user, organization, or third-party apps
Other locations owned and writable by the user, as /Applications, /Library, /Users, /Volumes, /usr/local, /private, /var, and /tmp
A data volume is created for each additional system volume. The preboot, VM, and recovery volumes are all shared and not duplicated.
In macOS 11, the system volume is captured in a snapshot. The operating system boots from a snapshot of the system volume, not just from a read-only mount of the mutable system volume.