Use mdfind to identify all encrypted dmg?
Solution 1:
At the present time on my local disk I have 88 .dmg files, three of which are encrypted. Before running the command line below I didn't know how many encrypted .dmg files I had and if any, where they were. So while the following command line may look convoluted nonetheless it should work as advertised.
Open Terminal and copy and paste the entire command line below, as is, into the Terminal then press Enter.
mdfind '(kMDItemFSName=*.dmg)' | while IFS= read -r line; do printf "$line " & hdiutil isencrypted "$line"; done > dmg_file_list; grep ': YES' dmg_file_list > encrypted_dmg_file_list; clear; cat encrypted_dmg_file_list
This will create two files, dmg_file_list and encrypted_dmg_file_list, and output the contents of the latter to the Terminal. The files can also be opened in a text editor.
The files will contain the fully qualified pathname of the .dmg files followed by a space and either encrypted: NO or encrypted: YES in the dmg_file_list file and only the fully qualified pathname of the .dmg files followed by a space and encrypted: YES in the encrypted_dmg_file_list file.
You can then manually delete the two files created by the command when finished with them.
Note: Once the command line is executed if may take a moment to process and output the contents of the encrypted_dmg_file_list file to the Terminal. It will depend on just how many .dmg files there are.
Here is the full command line shown with line continuation so you make sure to copy and paste the entire line. (You can actually copy and paste the command line in this format too.)
mdfind '(kMDItemFSName=*.dmg)' | while IFS= read -r line; \
do printf "$line " & hdiutil isencrypted "$line"; \
done > dmg_file_list; grep ': YES' dmg_file_list > encrypted_dmg_file_list; \
clear; cat encrypted_dmg_file_list
Solution 2:
Spotlight just doesn't have sufficient metadata to differentiate the filesystem choices stored inside a DMG. Put another way, it's like asking what Pages documents have French words in them just using mdls
. The data to make that search isn't contained in metadata.
The proper command to check if a specific image file is encrypted is hdiutil isencrypted /path/to/dmg
Example:
host:~ user$ hdiutil isencrypted /Users/user/Downloads/test.dmg
Output:
encrypted: YES
blocksize: 512
uuid: DE78A7BE-2B64-4556-8EC9-93DFAC15A839
private-key-count: 0
passphrase-count: 1
max-key-count: 1
version: 2
Solution 3:
A solution using mdfind -0
and xargs
:
mdfind -0 "kMDItemFSName == '*.dmg'" | xargs -0 -IX ksh -c '
if hdiutil isencrypted "X" 2>&1 | grep -q "encrypted: YES"
then echo "X -ENCRYPTED"
fi'