tmutil doesn't create a real snapshot (since Catalina?)

I'm using rsync on top of a mount_apfs snapshots, to backup a consistent file system view and without having to stop applications during the backup.

After having investigated the rsync error 'file has vanished', I've discovered that tmutil doesn't create real snapshots:

15:50:34 [admin@MAC10143-ROTH ~]$ tmutil snapshot /
Created local snapshot with date: 2020-12-21-155054
15:52:08 [admin@MAC10143-ROTH ~]$ sudo mount_apfs -o rdonly -s "com.apple.TimeMachine.2020-12-21-155054.local" / /tmp/snap
Password:
15:52:30 [admin@MAC10143-ROTH ~]$ cat /etc/profile
# System-wide .profile for sh(1)

if [ -x /usr/libexec/path_helper ]; then
    eval `/usr/libexec/path_helper -s`
fi
...
15:53:20 [admin@MAC10143-ROTH ~]$ vi /etc/profile

  <File is changed>

15:58:42 [admin@MAC10143-ROTH ~]$ cat /tmp/snap/etc/profile
# System-wide .profile for sh(1)
#             <====
# TEST CHANGE <====
if [ -x /usr/libexec/path_helper ]; then
...

As you can see, all changes are reflected in the mounted snapshot. I've also tried file additions and deletions.

I think the problem is that Catalina has started to split the whole file system into a read-only system volume plus a data volume (plus maybe something else?):

16:07:33 [admin@MAC10143-ROTH ~]$ df -h
Filesystem                                                   Size   Used  Avail Capacity iused      ifree %iused  Mounted on
/dev/disk1s6                                                466Gi   11Gi  176Gi     6%  488281 4881964599    0%   /
devfs                                                       197Ki  197Ki    0Bi   100%     682          0  100%   /dev
/dev/disk1s5                                                466Gi  276Gi  176Gi    62% 2492125 4879960755    0%   /System/Volumes/Data
/dev/disk1s4                                                466Gi  2.0Gi  176Gi     2%       2 4882452878    0%   /private/var/vm
/dev/disk1s1                                                466Gi  804Ki  176Gi     1%      88 4882452792    0%   /Volumes/Macintosh HD - Data
map auto_home                                                 0Bi    0Bi    0Bi   100%       0          0  100%   /System/Volumes/Data/home
map -fstab                                                    0Bi    0Bi    0Bi   100%       0          0  100%   /System/Volumes/Data/Network/Servers
/dev/disk3s1                                                 25Gi   com.apple.TimeMachine.2020-12-21-155054.local@/dev/disk1s6  466Gi   11Gi  176Gi     6%  488281 4881964599    0%   /private/tmp/snap
16:07:35 [admin@MAC10143-ROTH ~]$

I could try to mount the more specific file systems, but the problem is I want to make the whole / visible to rsync, to perform a system backup. Is there a way?

Solution 1:

I'll answer myself, though it's a partial answer.

When tmutils is used with partitions like /, the result isn't a true snapshot, the file system I mount this way reflects the original one in real-time (ie, any change in the original is immediately visible in the "snapshot").

In order to make it work, I have to mount partitions like this:

vol_path=/System/Volumes/Data
snap_id=$(tmutil snapshot "$vol_path" | sed s/'Created local snapshot with date: '//)
mount_apfs -o rdonly -s "com.apple.TimeMachine.${snap_id}.local" "$vol_path" snap-mnt

This works fine when you want to backup a subdirectory like /System/Volumes/Data/Users/user/.

The flip side is that directories like /etc aren't under Data/, but /etc/ is actually a link to Data/private/, so one doesn't lose much by backing up the Data/ dir only.