What is the purpose of the mds folder on a Mac?

Solution 1:

I think in this particular case MDS stands for Module Directory Services, as explained in this Apple doc. As far as I can tell, this is unrelated to Spotlight's mds (which stands for metadataserver).

You use the search object created by this function in subsequent calls to the SecPolicySearchCopyNext function to obtain trust policy objects. Policies are stored in the Module Directory Services (MDS) database. MDS is described in detail in “Part 8: Module Directory Service (MDS)” of Common Security: CDSA and CSSM, version 2 (with corrigenda) from The Open Group (http://www.opengroup.org/security/cdsa.htm).

Going to that link, we have the following extra information:

The Module Directory Services (MDS), which is a standalone service outside of CDSA, implements a database describing CDSA components available from the local platform. Applications and CDSA components can query MDS to obtain the compatibility information and numerous other attributes describing features of the CDSA components. This information can be used as the basis for selecting appropriate and compatible components at runtime.

We can see the source for some pieces of MDS in Security.framework here, and see that there are indeed implementations of the "DL interfaces supported by MDS" as enumerated here.

So from the above, if I understand correctly from skimming the docs, we can say that at a high level MDS is a database used by the Security.framework component of OSX to manage policies.

Now what about the specific per-app example you noted? We see here that mDNSResponder needs read-write access to pieces of MDS:

; Our Module Directory Services cache
(allow file-read-data                 (regex #"^/private/var/tmp/mds/"))
(allow file-read* file-write*         (regex #"^/private/var/tmp/mds/[0-9]+(/|$)"))
(allow file-read-data                 (regex #"^/private/var/db/mds/"))
(allow file-read* file-write*         (regex #"^/private/var/db/mds/[0-9]+(/|$)"))
(allow file-read* file-write*         (regex #"^/private/var/folders/[^/]+/[^/]+/C/mds(/|$)"))
(allow file-read* file-write*         (regex #"^/private/var/folders/[^/]+/[^/]+/-Caches-/mds(/|$)")) ; Required on 10.5 and 10.6

and that second-to-last line matches the file path you noted. So that could be one reason why such a file exists.

Deleting it should not pose any issue since it is part of the cache directory.
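To see which paths the quoted sandbox rules cover, the following added example (not part of the original answer or of Apple's code) evaluates only those six rules against a few constructed sample paths. It assumes the regexes use unanchored search semantics and that a trailing `*` in an operation name is a prefix wildcard; the sample file names are made up.

```python
import re

# Rules copied from the mDNSResponder sandbox profile quoted in the answer:
# (operations granted, path regex).
RULES = [
    (("file-read-data",), r"^/private/var/tmp/mds/"),
    (("file-read*", "file-write*"), r"^/private/var/tmp/mds/[0-9]+(/|$)"),
    (("file-read-data",), r"^/private/var/db/mds/"),
    (("file-read*", "file-write*"), r"^/private/var/db/mds/[0-9]+(/|$)"),
    (("file-read*", "file-write*"), r"^/private/var/folders/[^/]+/[^/]+/C/mds(/|$)"),
    (("file-read*", "file-write*"), r"^/private/var/folders/[^/]+/[^/]+/-Caches-/mds(/|$)"),
]
COMPILED = [(ops, re.compile(rx)) for ops, rx in RULES]


def granted(path):
    """Return the set of operation filters whose regex matches `path`."""
    ops = set()
    for rule_ops, rx in COMPILED:
        if rx.search(path):  # assumption: unanchored search, as with '^' in the rules
            ops.update(rule_ops)
    return ops


def allows(path, operation):
    """True if `operation` (e.g. 'file-write-data') is covered by a matching rule.
    Assumption: a trailing '*' in a filter is a prefix wildcard."""
    for g in granted(path):
        if g.endswith("*"):
            if operation.startswith(g[:-1]):
                return True
        elif g == operation:
            return True
    return False


# Constructed sample paths (not taken from the page).
SAMPLES = [
    "/private/var/folders/ab/cdef0123/C/mds/example.db",   # per-user cache: read-write
    "/private/var/folders/ab/cdef0123/C/mdsfoo",           # (/|$) stops prefix look-alikes
    "/private/var/db/mds/system/example.db",               # non-numeric subdir: read-data only
    "/private/var/db/mds/501/mds.lock",                    # numeric subdir: read-write
    "/private/var/folders/ab/cdef0123/C/com.example.app/cache.db",  # another app's cache
]

if __name__ == "__main__":
    for p in SAMPLES:
        r = allows(p, "file-read-data")
        w = allows(p, "file-write-data")
        print(f"{'r' if r else '-'}{'w' if w else '-'}  {p}")
```

The output shows that write access is limited to the numeric subdirectories and the per-user `C/mds` cache folder, while the rest of the MDS tree is readable only.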