From 5aa689e8ad4fe46f1a781b394486c81831f2b3d5 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Wed, 24 Feb 2021 05:12:38 +0000 Subject: [PATCH 01/20] WIP: Machine unique value generator --- custom/config-nopicker-custom.plist | 885 +++++++++++++++++++++++ custom/generate-unique-machine-values.sh | 172 +++++ 2 files changed, 1057 insertions(+) create mode 100644 custom/config-nopicker-custom.plist create mode 100755 custom/generate-unique-machine-values.sh diff --git a/custom/config-nopicker-custom.plist b/custom/config-nopicker-custom.plist new file mode 100644 index 0000000..c93ee96 --- /dev/null +++ b/custom/config-nopicker-custom.plist 
@@ -0,0 +1,885 @@ + + + + + + + ACPI + + Add + + + Comment + add DTGP method + Enabled + + Path + SSDT-DTGP.aml + + + Comment + Fake EC and USBX Power + Enabled + + Path + SSDT-EC.aml + + + Comment + USB 2.0 Injection + Enabled + + Path + SSDT-EHCI.aml + + + Comment + CPU AGPM Plugin=1 + Enabled + + Path + SSDT-PLUG.aml + + + Delete + + + All + + Comment + Delete CpuPm + Enabled + + OemTableId + Q3B1UG0AAAA= + TableLength + 0 + TableSignature + U1NEVA== + + + All + + Comment + Delete Cpu0Ist + Enabled + + OemTableId + Q3B1MElzdAA= + TableLength + 0 + TableSignature + U1NEVA== + + + Patch + + + Comment + _Q11 to XQ11 + Count + 1 + Enabled + + Find + X1ExMQ== + Limit + 0 + Mask + + OemTableId + + Replace + WFExMQ== + ReplaceMask + + Skip + 0 + TableLength + 0 + TableSignature + + + + Comment + _Q12 to XQ12 + Count + 1 + Enabled + + Find + X1ExMg== + Limit + 0 + Mask + + OemTableId + + Replace + WFExMg== + ReplaceMask + + Skip + 0 + TableLength + 0 + TableSignature + + + + Quirks + + FadtEnableReset + + NormalizeHeaders + + RebaseRegions + + ResetHwSig + + ResetLogoStatus + + + + Booter + + MmioWhitelist + + Quirks + + AvoidRuntimeDefrag + + DevirtualiseMmio + + DisableSingleUser + + DisableVariableWrite + + DiscardHibernateMap + + EnableSafeModeSlide + + EnableWriteUnprotector + + ForceExitBootServices + + ProtectMemoryRegions + + ProtectSecureBoot + + ProtectUefiServices + + ProvideCustomSlide + + ProvideMaxSlide + 0 + RebuildAppleMemoryMap + + SetupVirtualMap + + SignalAppleOS + + SyncRuntimePermissions + + + + DeviceProperties + + Add + + PciRoot(0x1)/Pci(0x1F,0x0) + + compatible + pci8086,2916 + device-id + + FikA + + name + pci8086,2916 + + + Delete + + PciRoot(0x0)/Pci(0x1b,0x0) + + MaximumBootBeepVolume + + + + Kernel + + Add + + + Arch + Any + BundlePath + VoodooHDA.kext + Comment + + Enabled + + ExecutablePath + Contents/MacOS/VoodooHDA + MaxKernel + + MinKernel + + PlistPath + Contents/Info.plist + + + Arch + x86_64 + BundlePath + Lilu.kext + Comment + 
Patch engine + Enabled + + ExecutablePath + Contents/MacOS/Lilu + MaxKernel + + MinKernel + 12.0.0 + PlistPath + Contents/Info.plist + + + Arch + x86_64 + BundlePath + VirtualSMC.kext + Comment + SMC emulator + Enabled + + ExecutablePath + Contents/MacOS/VirtualSMC + MaxKernel + + MinKernel + 12.0.0 + PlistPath + Contents/Info.plist + + + Arch + x86_64 + BundlePath + WhateverGreen.kext + Comment + Video patches + Enabled + + ExecutablePath + Contents/MacOS/WhateverGreen + MaxKernel + + MinKernel + 12.0.0 + PlistPath + Contents/Info.plist + + + BundlePath + AGPMInjector.kext + Comment + + Enabled + + ExecutablePath + + MaxKernel + + MinKernel + + PlistPath + Contents/Info.plist + + + BundlePath + USBPorts.kext + Comment + + Enabled + + ExecutablePath + + MaxKernel + + MinKernel + + PlistPath + Contents/Info.plist + + + Arch + x86_64 + BundlePath + MCEReporterDisabler.kext + Comment + AppleMCEReporter disabler + Enabled + + ExecutablePath + + MaxKernel + + MinKernel + 19.0.0 + PlistPath + Contents/Info.plist + + + Block + + + Arch + Any + Comment + + Enabled + + Identifier + com.apple.driver.AppleTyMCEDriver + MaxKernel + + MinKernel + + + + Emulate + + Cpuid1Data + + VAYFAAAAAAAAAAAAAAAAAA== + + Cpuid1Mask + + ////AAAAAAAAAAAAAAAAAA== + + + Force + + + Arch + Any + BundlePath + System/Library/Extensions/IONetworkingFamily.kext + Comment + Patch engine + Enabled + + Identifier + com.apple.iokit.IONetworkingFamily + ExecutablePath + Contents/MacOS/IONetworkingFamily + MaxKernel + 13.99.99 + MinKernel + + PlistPath + Contents/Info.plist + + + Patch + + + Base + _cpu_topology_sort + Comment + algrey - cpu_topology_sort -disable _x86_validate_topology + Count + 1 + Enabled + + Find + + 6AAA//8= + + Identifier + kernel + Limit + 0 + Mask + + /wAA//8= + + MaxKernel + 20.99.99 + MinKernel + 17.0.0 + Replace + + Dx9EAAA= + + ReplaceMask + + + Skip + 0 + + + Base + + Comment + algrey - cpuid_set_cpufamily - force CPUFAMILY_INTEL_PENRYN + Count + 1 + Enabled + + Find + + 
MduAPQAAAAAGdQA= + + Identifier + kernel + Limit + 0 + Mask + + /////wAAAP///wA= + + MaxKernel + 20.99.99 + MinKernel + 17.0.0 + Replace + + u7xP6njpXQAAAJA= + + ReplaceMask + + + Skip + 0 + + + Quirks + + AppleCpuPmCfgLock + + AppleXcpmCfgLock + + AppleXcpmExtraMsrs + + AppleXcpmForceBoost + + CustomSMBIOSGuid + + DisableIoMapper + + DisableLinkeditJettison + + DisableRtcChecksum + + DummyPowerManagement + + ExternalDiskIcons + + IncreasePciBarSize + + LapicKernelPanic + + PanicNoKextDump + + PowerTimeoutKernelPanic + + ThirdPartyDrives + + XhciPortLimit + + + Scheme + + FuzzyMatch + + KernelArch + x86_64 + KernelCache + Auto + + + Misc + + BlessOverride + + Boot + + ConsoleAttributes + 0 + HibernateMode + Auto + HideAuxiliary + + PickerAttributes + 1 + PickerAudioAssist + + PickerMode + External + PollAppleHotKeys + + ShowPicker + + TakeoffDelay + 0 + Timeout + 0 + + Debug + + AppleDebug + + ApplePanic + + DisableWatchDog + + DisplayDelay + 0 + DisplayLevel + 2147483650 + SerialInit + + SysReport + + Target + 3 + + Entries + + Security + + AllowNvramReset + + AllowSetDefault + + ApECID + 0 + AuthRestart + + BootProtect + None + DmgLoading + Signed + EnablePassword + + ExposeSensitiveData + 6 + HaltLevel + 2147483648 + PasswordHash + + PasswordSalt + + ScanPolicy + 0 + SecureBootModel + Disabled + Vault + Optional + + Tools + + + Arguments + + Auxiliary + + Comment + Not signed for security reasons + Enabled + + Name + UEFI Shell + Path + OpenShell.efi + + + Arguments + Shutdown + Auxiliary + + Comment + Perform shutdown + Enabled + + Name + Shutdown + Path + ResetSystem.efi + + + + NVRAM + + Add + + 4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14 + + DefaultBackgroundColor + AAAAAA== + UIScale + AQ== + + 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102 + + rtc-blacklist + + + 7C436110-AB2A-4BBB-A880-FE41995C9F82 + + SystemAudioVolume + Rg== + boot-args + -v keepsyms=1 tlbto_us=0 vti=9 + run-efi-updater + No + csr-active-config + ZwAAAA== + prev-lang:kbd + ZW4tVVM6MA== + + + Delete + + 
4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14 + + UIScale + DefaultBackgroundColor + + 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102 + + rtc-blacklist + + 7C436110-AB2A-4BBB-A880-FE41995C9F82 + + boot-args + + + LegacyEnable + + LegacyOverwrite + + LegacySchema + + 7C436110-AB2A-4BBB-A880-FE41995C9F82 + + EFILoginHiDPI + EFIBluetoothDelay + LocationServicesEnabled + SystemAudioVolume + SystemAudioVolumeDB + SystemAudioVolumeSaved + bluetoothActiveControllerInfo + bluetoothInternalControllerInfo + flagstate + fmm-computer-name + nvda_drv + prev-lang:kbd + + 8BE4DF61-93CA-11D2-AA0D-00E098032B8C + + Boot0080 + Boot0081 + Boot0082 + BootNext + BootOrder + + + WriteFlash + + + PlatformInfo + + Automatic + + Generic + + AdviseWindows + + MLB + {{BOARD_SERIAL_OLD}} + ROM + + {{ROM_OLD}} + + SpoofVendor + + SystemProductName + {{DEVICE_MODEL}} + SystemSerialNumber + {{SERIAL_OLD}} + SystemUUID + {{SYSTEM_UUID_OLD}} + + UpdateDataHub + + UpdateNVRAM + + UpdateSMBIOS + + UpdateSMBIOSMode + Create + + UEFI + + APFS + + EnableJumpstart + + GlobalConnect + + HideVerbose + + JumpstartHotPlug + + MinDate + 0 + MinVersion + 0 + + Audio + + AudioCodec + 0 + AudioDevice + PciRoot(0x1)/Pci(0x1,0x0)/Pci(0x0,0x1) + AudioOut + 0 + AudioSupport + + MinimumVolume + 20 + PlayChime + + VolumeAmplifier + 0 + + ConnectDrivers + + Drivers + + VBoxHfs.efi + OpenRuntime.efi + OpenCanopy.efi + #AudioDxe.efi + #OpenUsbKbDxe.efi + #UsbMouseDxe.efi + #Ps2KeyboardDxe.efi + #Ps2MouseDxe.efi + #HiiDatabase.efi + #NvmExpressDxe.efi + #XhciDxe.efi + #ExFatDxe.efi + #PartitionDxe.efi + #CrScreenshotDxe.efi + + Input + + KeyFiltering + + KeyForgetThreshold + 5 + KeyMergeThreshold + 2 + KeySupport + + KeySupportMode + Auto + KeySwap + + PointerSupport + + PointerSupportMode + ASUS + TimerResolution + 50000 + + Output + + ClearScreenOnModeSwitch + + ConsoleMode + + DirectGopRendering + + IgnoreTextInGraphics + + ProvideConsoleGop + + ReconnectOnResChange + + ReplaceTabWithSpace + + Resolution + 1920x1080@32 + 
SanitiseClearScreen + + TextRenderer + BuiltinGraphics + UgaPassThrough + + + ProtocolOverrides + + AppleAudio + + AppleBootPolicy + + AppleDebugLog + + AppleEvent + + AppleFramebufferInfo + + AppleImageConversion + + AppleImg4Verification + + AppleKeyMap + + AppleRtcRam + + AppleSecureBoot + + AppleSmcIo + + AppleUserInterfaceTheme + + DataHub + + DeviceProperties + + FirmwareVolume + + HashServices + + OSInfo + + UnicodeCollation + + + Quirks + + ExitBootServicesDelay + 0 + IgnoreInvalidFlexRatio + + ReleaseUsbOwnership + + RequestBootVarRouting + + TscSyncTimeout + 0 + UnblockFsConnect + + ConnectDrivers + + + + + diff --git a/custom/generate-unique-machine-values.sh b/custom/generate-unique-machine-values.sh new file mode 100755 index 0000000..e87905c --- /dev/null +++ b/custom/generate-unique-machine-values.sh 
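Review bot: The template hard-codes a relaxed security posture that every generated config.plist inherits, and nothing in the patch documents it. Under NVRAM, `csr-active-config` is `ZwAAAA==` (bytes 67 00 00 00, which appears to switch off most System Integrity Protection checks); under Misc/Security, `SecureBootModel` is `Disabled`, `Vault` is `Optional`, `ScanPolicy` is `0` and `ExposeSensitiveData` is `6`. The element tags are not visible in this rendering, so the boolean values cannot be checked from here. I would state this next to the file, for example in the README: `config-nopicker-custom.plist relaxes SIP (csr-active-config) and leaves SecureBootModel/Vault off; it is a VM guest template and should not be reused unchanged elsewhere.`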
@@ -0,0 +1,172 @@ +#!/bin/bash +# ____ __ ____ ______ __ +# / __ \____ _____/ /_____ _____/ __ \/ ___/ |/ / +# / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \| / +# / /_/ / /_/ / /__/ ,< / __/ / / /_/ /___/ / | +# /_____/\____/\___/_/|_|\___/_/ \____//____/_/|_| SERIALIZER +# +# Repo: https://github.com/sickcodes/Docker-OSX/ +# Title: Mac on Docker (Docker-OSX) +# Author: Sick.Codes https://sick.codes/ +# Version: 3.1 +# License: GPLv3+ + +help_text="Usage: generate-unique-machine-values.sh + +Example: + ./generate-unique-machine-values.sh --count 1 --model="iMacPro1,1" + +General options: + --count, -n, -c Number of serials to generate + --model, -m Device model, e.g. "iMacPro1,1" + --csv Optionally change the CSV output filename. + --output-dir Optionally change the script output location. + --help, -h, help Display this help and exit + +Notes: + - Default is 1 serial for "iMacPro1,1" in the current working directory. + - CSV is double quoted. + - If you do not set a CSV filename, the output will be sent to the output-dir. + - If you do not set an output-dir, the current directory will be the output directory. + - Sourcable environment variable shell files will be written to a folder, "envs". 
+ +Author: Sick.Codes https://sick.codes/ +Project: https://github.com/sickcodes/Docker-OSX/ +" + +MACINFOPKG_VERSION=2.1.2 + +# gather arguments +while (( "$#" )); do + case "${1}" in + + --help | -h | h | help ) + echo "${help_text}" && exit 0 + ;; + + --count=* | -c=* | -n=* ) + export SERIAL_SET_COUNT="${1#*=}" + shift + ;; + --count* | -c* | -n* ) + export SERIAL_SET_COUNT="${2}" + shift + shift + ;; + + --csv=* ) + export CSV_OUTPUT_FILENAME="${1#*=}" + shift + ;; + --csv* ) + export CSV_OUTPUT_FILENAME="${2}" + shift + shift + ;; + + --output-dir=* ) + export OUTPUT_DIRECTORY="${1#*=}" + shift + ;; + --output-dir* ) + export OUTPUT_DIRECTORY="${2}" + shift + shift + ;; + + --model=* | -m=* ) + export DEVICE_MODEL="${1#*=}" + shift + ;; + --model* | -m* ) + export DEVICE_MODEL="${2}" + shift + shift + ;; + + *) + echo "Invalid option. Running with default values..." + shift + ;; + esac +done + + +build_mac_serial () { + MACINFOPKG_VERSION="${MACINFOPKG_VERSION:=2.1.2}" + wget -O "${TARBALL:=./MacInfoPkg.tar.gz}" \ + "https://github.com/acidanthera/MacInfoPkg/archive/${MACINFOPKG_VERSION:=2.1.2}.tar.gz" + tar -xzvf "${TARBALL}" + cd "./MacInfoPkg-${MACINFOPKG_VERSION}/macserial" \ + && ./build.tool 2>/dev/null \ + && cd - + mv "./MacInfoPkg-${MACINFOPKG_VERSION}/macserial/bin/macserial" . 
+ rm -f "${TARBALL}" + rm -rf "./MacInfoPkg-${MACINFOPKG_VERSION}/" + chmod +x macserial + stat ./macserial +} + +download_vendor_mac_addresses () { + # download the MAC Address vendor list + [[ -e "${MAC_ADDRESSES_FILE:=vendor_macs.tsv}" ]] || wget -O "${MAC_ADDRESSES_FILE}" https://gitlab.com/wireshark/wireshark/-/raw/master/manuf +} + +generate_serial_sets () { + mkdir -p "${OUTPUT_DIRECTORY}/envs" + export DATE_NOW="$(date +%F-%T)" + export DEVICE_MODEL="${DEVICE_MODEL:=iMacPro1,1}" + export VENDOR_REGEX="${VENDOR_REGEX:=Apple, Inc.}" + + if [[ "${CSV_OUTPUT_FILENAME}" ]]; then + export SERIAL_SETS_FILE="${CSV_OUTPUT_FILENAME}" + else + export SERIAL_SETS_FILE="${OUTPUT_DIRECTORY}/serial_sets-${DATE_NOW}.csv" + fi + + touch "${SERIAL_SETS_FILE}" + echo "Writing serial sets to ${SERIAL_SETS_FILE}" + + ./macserial \ + --num "${SERIAL_SET_COUNT:=1}" \ + --model "${DEVICE_MODEL}" \ + | while IFS='\ \|\ ' read -r Serial BoardSerial; do + # make a uuid... + SmUUID="$(uuidgen)" + SmUUID="${SmUUID^^}" + + # get a random vendor specific MAC address. 
+ RANDOM_MAC_PREFIX="$(grep -e "${VENDOR_REGEX}" < "${MAC_ADDRESSES_FILE:=vendor_macs.tsv}" | sort --random-sort | head -n1)" + RANDOM_MAC_PREFIX="$(cut -d$'\t' -f1 <<< "${RANDOM_MAC_PREFIX}")" + MacAddress="$(printf "${RANDOM_MAC_PREFIX}:%02X:%02X:%02X" $[RANDOM%256] $[RANDOM%256] $[RANDOM%256])" + + echo "\"${DEVICE_MODEL}\",\"${Serial}\",\"${BoardSerial}\",\"${SmUUID}\",\"${MacAddress}\"" >> "${SERIAL_SETS_FILE}" + touch "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh" + cat < "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh" +export Type=${DEVICE_MODEL} +export Serial=${Serial} +export BoardSerial=${BoardSerial} +export SmUUID=${SmUUID} +export MacAddress=${MacAddress} +EOF + done + + cat <(echo "Type,Serial,BoardSerial,SmUUID,MacAddress") "${SERIAL_SETS_FILE}" +} + +main () { + # setting default variables if there are no options + cat < Date: Wed, 24 Feb 2021 05:29:17 +0000 Subject: [PATCH 02/20] Add zip, fix global variables in the serial generator. --- Dockerfile | 2 +- custom/generate-unique-machine-values.sh | 17 ++++++++++------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8445ecb..c4c0dd0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -91,7 +91,7 @@ RUN if [[ "${RANKMIRRORS}" ]]; then \ # RUN tee -a /etc/pacman.conf <<< '[community-testing]' \ # && tee -a /etc/pacman.conf <<< 'Include = /etc/pacman.d/mirrorlist' -RUN pacman -Syu git vim nano alsa-utils openssh --noconfirm \ +RUN pacman -Syu git zip vim nano alsa-utils openssh --noconfirm \ && ln -s /bin/vim /bin/vi \ && useradd arch -p arch \ && tee -a /etc/sudoers <<< 'arch ALL=(ALL) NOPASSWD: ALL' \ diff --git a/custom/generate-unique-machine-values.sh b/custom/generate-unique-machine-values.sh index e87905c..c97db87 100755 --- a/custom/generate-unique-machine-values.sh +++ b/custom/generate-unique-machine-values.sh 
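Review bot: `build_mac_serial` downloads the MacInfoPkg tarball with `wget`, unpacks it and runs `./build.tool` from it without checking the archive against a known digest, so whatever the URL serves at run time is compiled and executed. The version tag is pinned, but a tag can be moved; a pinned hash closes that gap, e.g. `echo "${MACINFOPKG_SHA256}  ${TARBALL}" | sha256sum -c - || exit 1` right after the `wget`, with `MACINFOPKG_SHA256` defined next to `MACINFOPKG_VERSION` (placeholder name; the digest has to be taken from a trusted copy of the release). `download_vendor_mac_addresses` pulls `manuf` from the `master` branch, and later patches in this series add unpinned `git clone` calls in `download_qcow_efi_folder` and `wget` calls in `generate-specific-bootdisk.sh` with the same gap. The end of this hunk is missing from the page, so the body of `main` could not be reviewed.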
@@ -93,17 +93,17 @@ done build_mac_serial () { - MACINFOPKG_VERSION="${MACINFOPKG_VERSION:=2.1.2}" + export MACINFOPKG_VERSION="${MACINFOPKG_VERSION:=2.1.2}" wget -O "${TARBALL:=./MacInfoPkg.tar.gz}" \ - "https://github.com/acidanthera/MacInfoPkg/archive/${MACINFOPKG_VERSION:=2.1.2}.tar.gz" + "https://github.com/acidanthera/MacInfoPkg/archive/${MACINFOPKG_VERSION}.tar.gz" tar -xzvf "${TARBALL}" cd "./MacInfoPkg-${MACINFOPKG_VERSION}/macserial" \ - && ./build.tool 2>/dev/null \ + && ./build.tool \ && cd - mv "./MacInfoPkg-${MACINFOPKG_VERSION}/macserial/bin/macserial" . rm -f "${TARBALL}" rm -rf "./MacInfoPkg-${MACINFOPKG_VERSION}/" - chmod +x macserial + chmod +x ./macserial stat ./macserial } @@ -156,10 +156,13 @@ EOF main () { # setting default variables if there are no options + export DEVICE_MODEL="${DEVICE_MODEL:=iMacPro1,1}" + export SERIAL_SET_COUNT="${SERIAL_SET_COUNT:=1}" + export OUTPUT_DIRECTORY="${OUTPUT_DIRECTORY:=.}" cat < Date: Wed, 24 Feb 2021 05:52:17 +0000 Subject: [PATCH 03/20] Add config.plist and OpenCore boot disk generator to the script. --- custom/generate-unique-machine-values.sh | 50 ++++++- custom/opencore-image-ng.sh | 163 +++++++++++++++++++++++ 2 files changed, 212 insertions(+), 1 deletion(-) create mode 100755 custom/opencore-image-ng.sh diff --git a/custom/generate-unique-machine-values.sh b/custom/generate-unique-machine-values.sh index c97db87..a93aab6 100755 --- a/custom/generate-unique-machine-values.sh +++ b/custom/generate-unique-machine-values.sh @@ -21,7 +21,10 @@ General options: --model, -m Device model, e.g. "iMacPro1,1" --csv Optionally change the CSV output filename. --output-dir Optionally change the script output location. + --help, -h, help Display this help and exit + --plists Create corresponding config.plists for each serial set. + --qcows [SLOW] Create corresponding boot disk images for each serial set. Notes: - Default is 1 serial for "iMacPro1,1" in the current working directory. 
@@ -29,12 +32,14 @@ Notes: - If you do not set a CSV filename, the output will be sent to the output-dir. - If you do not set an output-dir, the current directory will be the output directory. - Sourcable environment variable shell files will be written to a folder, "envs". + - config.plist files will be written to a folder, "plists". Author: Sick.Codes https://sick.codes/ Project: https://github.com/sickcodes/Docker-OSX/ " MACINFOPKG_VERSION=2.1.2 +PLIST_MASTER=config-nopicker-custom.plist # gather arguments while (( "$#" )); do @@ -84,6 +89,15 @@ while (( "$#" )); do shift ;; + --plists ) + export CREATE_PLISTS=1 + shift + ;; + --qcows ) + export CREATE_QCOWS=1 + shift + ;; + *) echo "Invalid option. Running with default values..." shift @@ -112,6 +126,21 @@ download_vendor_mac_addresses () { [[ -e "${MAC_ADDRESSES_FILE:=vendor_macs.tsv}" ]] || wget -O "${MAC_ADDRESSES_FILE}" https://gitlab.com/wireshark/wireshark/-/raw/master/manuf } +download_qcow_efi_folder () { + git clone https://github.com/kholia/OSX-KVM.git + cp -ra ./OSX-KVM/OpenCore-Catalina/EFI . + mkdir -p ./EFI/OC/Resources + # clone some Apple drivers + git clone https://github.com/acidanthera/OcBinaryData.git + + # copy said drivers into EFI/OC/Resources + cp -a ./OcBinaryData/Resources/* ./EFI/OC/Resources + + # EFI Shell commands + touch startup.nsh && echo 'fs0:\EFI\BOOT\BOOTx64.efi' > startup.nsh +} + + generate_serial_sets () { mkdir -p "${OUTPUT_DIRECTORY}/envs" export DATE_NOW="$(date +%F-%T)" 
@@ -149,7 +178,25 @@ export BoardSerial=${BoardSerial} export SmUUID=${SmUUID} export MacAddress=${MacAddress} EOF - done + + if [[ "${CREATE_PLISTS}" ]] || [[ "${CREATE_QCOWS}" ]]; then + mkdir -p "${OUTPUT_DIRECTORY}/plists" + sed -e s/{{DEVICE_MODEL}}/"${Type}"/g \ + -e s/{{SERIAL_OLD}}/"${Serial}"/g \ + -e s/{{BOARD_SERIAL_OLD}}/"${BoardSerial}"/g \ + -e s/{{SYSTEM_UUID_OLD}}/"${SmUUID}"/g \ + -e s/{{ROM_OLD}}/"${ROM_VALUE}"/g \ + "${PLIST_MASTER}" > "${OUTPUT_DIRECTORY}/plists/${Serial}.config.plist" || exit 1 + fi + + if [[ "${CREATE_QCOWS}" ]]; then + mkdir -p "${OUTPUT_DIRECTORY}/qcows" + ./opencore-image-ng.sh \ + --cfg "${OUTPUT_DIRECTORY}/plists/${Serial}.config.plist" \ + --img "${OUTPUT_DIRECTORY}/qcows/${Serial}.OpenCore-nopicker.qcow2" || exit 1 + fi + + done cat <(echo "Type,Serial,BoardSerial,SmUUID,MacAddress") "${SERIAL_SETS_FILE}" } @@ -167,6 +214,7 @@ EOF [[ -d "${OUTPUT_DIRECTORY}" ]] || mkdir -p "${OUTPUT_DIRECTORY}" [[ -e ./macserial ]] || build_mac_serial download_vendor_mac_addresses + download_qcow_efi_folder generate_serial_sets echo "${SERIAL_SETS_FILE}" } diff --git a/custom/opencore-image-ng.sh b/custom/opencore-image-ng.sh new file mode 100755 index 0000000..6cbfe5b --- /dev/null +++ b/custom/opencore-image-ng.sh 
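Review bot: The two `|| exit 1` guards added after `sed` and `./opencore-image-ng.sh` run inside the `while` loop that is fed by `./macserial ... |`, so in bash they end only the pipeline's subshell and the script goes on to print the serial list as if every plist and image had been built. Feeding the loop by process substitution keeps it in the main shell: close it with `done < <(./macserial --num "${SERIAL_SET_COUNT:=1}" --model "${DEVICE_MODEL}")` and drop the leading pipe; the loop header lies outside this hunk. At this point in the series `${Type}` and `${ROM_VALUE}` are also not assigned anywhere in the visible script, so those two placeholders are replaced with empty strings.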
@@ -0,0 +1,163 @@ +#!/usr/bin/env bash + +# https://github.com/kraxel/imagefish + +###################################################################### +# defaults + +iso="" +img="" +cfg="" + +###################################################################### +# create work dir + +function msg() { + local txt="$1" + local bold="\x1b[1m" + local normal="\x1b[0m" + echo -e "${bold}### ${txt}${normal}" +} + +function do_cleanup() { + msg "cleaning up ..." + if test "$GUESTFISH_PID" != ""; then + guestfish --remote -- exit >/dev/null 2>&1 || true + fi + sudo rm -rf "$WORK" +} + +WORK="${TMPDIR-/var/tmp}/${0##*/}-$$" +mkdir "$WORK" || exit 1 +trap 'do_cleanup' EXIT + +BASE="$(dirname $0)" + +###################################################################### +# parse args + +function print_help() { +cat < + --img + --cfg +EOF +} + +while test "$1" != ""; do + case "$1" in + --iso) + iso="$2" + shift; shift + ;; + --img) + img="$2" + shift; shift + ;; + --cfg) + cfg="$2" + shift; shift + ;; + esac +done + +###################################################################### +# guestfish script helpers + +function fish() { + echo "#" "$@" + guestfish --remote -- "$@" || exit 1 +} + +function fish_init() { + local format + + case "$img" in + *.raw) format="raw" ;; + *) format="qcow2";; + esac + + msg "creating and adding disk image" + fish disk-create $img $format 384M + fish add $img + fish run +} + +function fish_fini() { + fish umount-all +} + +###################################################################### +# sanity checks + +if test ! -f "$cfg"; then + echo "ERROR: cfg not found: $cfg" + exit 1 +fi +if test -f "$img"; then + if test "$allow_override" = "yes"; then + rm -f "$img" + else + echo "ERROR: image exists: $img" + exit 1 + fi +fi + +###################################################################### +# go! 
+ +msg "copy files from local folder" +BASE="$(dirname $0)" +cp -a $BASE/EFI $WORK +find "$WORK" + +#msg "[debug] list drivers in EFI/OC" +#(cd $WORK/EFI/OC; find driver* -print) + +export LIBGUESTFS_BACKEND=direct +eval $(guestfish --listen) +if test "$GUESTFISH_PID" = ""; then + echo "ERROR: starting guestfish failed" + exit 1 +fi + +fish_init + +msg "partition disk image" +fish part-init /dev/sda gpt +fish part-add /dev/sda p 2048 300000 +fish part-add /dev/sda p 302048 -2048 +fish part-set-gpt-type /dev/sda 1 C12A7328-F81F-11D2-BA4B-00A0C93EC93B +fish part-set-bootable /dev/sda 1 true +fish mkfs vfat /dev/sda1 label:EFI +fish mkfs vfat /dev/sda2 label:OpenCoreBoo +fish mount /dev/sda2 / +fish mkdir /ESP +fish mount /dev/sda1 /ESP + +msg "copy files to disk image" +cp -v "$cfg" $WORK/config.plist +fish mkdir /ESP/EFI +fish mkdir /ESP/EFI/OC +fish mkdir /ESP/EFI/OC/Kexts +fish mkdir /ESP/EFI/OC/ACPI +fish mkdir /ESP/EFI/OC/Resources +fish mkdir /ESP/EFI/OC/Tools +fish copy-in $WORK/EFI/BOOT /ESP/EFI +fish copy-in $WORK/EFI/OC/OpenCore.efi /ESP/EFI/OC +fish copy-in $WORK/EFI/OC/Drivers /ESP/EFI/OC/ +fish copy-in $WORK/EFI/OC/Kexts /ESP/EFI/OC/ +fish copy-in $WORK/EFI/OC/ACPI /ESP/EFI/OC/ +fish copy-in $WORK/EFI/OC/Resources /ESP/EFI/OC/ +fish copy-in $WORK/EFI/OC/Tools /ESP/EFI/OC/ + +# Note +fish copy-in startup.nsh / + +BASE="$(dirname $0)" +fish copy-in "$WORK/config.plist" /ESP/EFI/OC/ + +fish find /ESP/ +fish_fini From 246fd12c1842da1ef03d2b6241c15e7e60731609 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Wed, 24 Feb 2021 09:46:18 +0000 Subject: [PATCH 04/20] TSV output, for easier scripting --- custom/generate-unique-machine-values.sh | 69 ++++++++++++++++++------ 1 file changed, 54 insertions(+), 15 deletions(-) diff --git a/custom/generate-unique-machine-values.sh b/custom/generate-unique-machine-values.sh index a93aab6..d754d04 100755 --- a/custom/generate-unique-machine-values.sh +++ b/custom/generate-unique-machine-values.sh 
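Review bot: `WORK="${TMPDIR-/var/tmp}/${0##*/}-$$"` builds the scratch directory from the script name and PID, which is guessable in a shared `/var/tmp`, and `do_cleanup` later deletes that path with `sudo rm -rf "$WORK"`. `mkdir` does fail when the path already exists, but another local user can pre-create it to block the run, and a root-level delete looks wider than needed for a directory the script created itself. I would use `WORK="$(mktemp -d "${TMPDIR:-/var/tmp}/${0##*/}.XXXXXX")" || exit 1` and plain `rm -rf -- "$WORK"`. `$img`, `$BASE` and `$WORK` are also expanded unquoted in `fish disk-create $img $format 384M`, `cp -a $BASE/EFI $WORK` and the `copy-in` calls, so an output path containing spaces breaks the build, and `allow_override` is tested but never set in the visible file.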
@@ -13,26 +13,37 @@ help_text="Usage: generate-unique-machine-values.sh -Example: - ./generate-unique-machine-values.sh --count 1 --model="iMacPro1,1" - General options: --count, -n, -c Number of serials to generate - --model, -m Device model, e.g. "iMacPro1,1" + --model, -m Device model, e.g. 'iMacPro1,1' --csv Optionally change the CSV output filename. + --tsv Optionally change the TSV output filename. --output-dir Optionally change the script output location. --help, -h, help Display this help and exit --plists Create corresponding config.plists for each serial set. --qcows [SLOW] Create corresponding boot disk images for each serial set. +Example: + ./generate-unique-machine-values.sh --count 1 --model='iMacPro1,1' --plists --qcows + + The above example will generate a + - serial + - board serial + - uuid + - MAC address + - ROM value based on lowercase MAC address + - Boot disk qcow image. + - config.plist + Notes: - - Default is 1 serial for "iMacPro1,1" in the current working directory. + - Default is 1 serial for 'iMacPro1,1' in the current working directory. + - Default output is CSV, whereas setting the TSV option will output as tab-separated. - CSV is double quoted. - If you do not set a CSV filename, the output will be sent to the output-dir. - If you do not set an output-dir, the current directory will be the output directory. - - Sourcable environment variable shell files will be written to a folder, "envs". - - config.plist files will be written to a folder, "plists". + - Sourcable environment variable shell files will be written to a folder, 'envs'. + - config.plist files will be written to a folder, 'plists'. Author: Sick.Codes https://sick.codes/ Project: https://github.com/sickcodes/Docker-OSX/ @@ -69,6 +80,16 @@ while (( "$#" )); do shift ;; + --tsv=* ) + export TSV_OUTPUT_FILENAME="${1#*=}" + shift + ;; + --tsv* ) + export TSV_OUTPUT_FILENAME="${2}" + shift + shift + ;; + --output-dir=* ) export OUTPUT_DIRECTORY="${1#*=}" shift 
@@ -127,15 +148,13 @@ download_vendor_mac_addresses () { } download_qcow_efi_folder () { - git clone https://github.com/kholia/OSX-KVM.git + git clone --depth 1 https://github.com/kholia/OSX-KVM.git cp -ra ./OSX-KVM/OpenCore-Catalina/EFI . mkdir -p ./EFI/OC/Resources # clone some Apple drivers - git clone https://github.com/acidanthera/OcBinaryData.git - + git clone --depth 1 https://github.com/acidanthera/OcBinaryData.git # copy said drivers into EFI/OC/Resources cp -a ./OcBinaryData/Resources/* ./EFI/OC/Resources - # EFI Shell commands touch startup.nsh && echo 'fs0:\EFI\BOOT\BOOTx64.efi' > startup.nsh } @@ -147,8 +166,9 @@ generate_serial_sets () { export DEVICE_MODEL="${DEVICE_MODEL:=iMacPro1,1}" export VENDOR_REGEX="${VENDOR_REGEX:=Apple, Inc.}" - if [[ "${CSV_OUTPUT_FILENAME}" ]]; then - export SERIAL_SETS_FILE="${CSV_OUTPUT_FILENAME}" + if [[ "${CSV_OUTPUT_FILENAME}" ]] || [[ "${TSV_OUTPUT_FILENAME}" ]]; then + [[ ${CSV_OUTPUT_FILENAME} ]] && export CSV_SERIAL_SETS_FILE="${CSV_OUTPUT_FILENAME}" + [[ ${TSV_OUTPUT_FILENAME} ]] && export TSV_SERIAL_SETS_FILE="${TSV_OUTPUT_FILENAME}" else export SERIAL_SETS_FILE="${OUTPUT_DIRECTORY}/serial_sets-${DATE_NOW}.csv" fi 
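Review bot: With neither `--csv` nor `--tsv` given, the `else` branch still sets `SERIAL_SETS_FILE`, but the append code this patch adds further down writes only to `CSV_SERIAL_SETS_FILE` and `TSV_SERIAL_SETS_FILE`, so a default run produces no serial list even though the help text says the default output is CSV. Setting the CSV variable in the fallback fixes that: `export CSV_SERIAL_SETS_FILE="${OUTPUT_DIRECTORY}/serial_sets-${DATE_NOW}.csv"`. When a filename is given, `SERIAL_SETS_FILE` stays empty for the `touch "${SERIAL_SETS_FILE}"` that the original file had just below this hunk; that line is outside the hunks shown, so this assumes it is unchanged. The two `[[ ${CSV_OUTPUT_FILENAME} ]]` style tests would also be more consistent with the rest of the file if the expansion were quoted.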
@@ -169,7 +189,16 @@ generate_serial_sets () { RANDOM_MAC_PREFIX="$(cut -d$'\t' -f1 <<< "${RANDOM_MAC_PREFIX}")" MacAddress="$(printf "${RANDOM_MAC_PREFIX}:%02X:%02X:%02X" $[RANDOM%256] $[RANDOM%256] $[RANDOM%256])" - echo "\"${DEVICE_MODEL}\",\"${Serial}\",\"${BoardSerial}\",\"${SmUUID}\",\"${MacAddress}\"" >> "${SERIAL_SETS_FILE}" + # append to csv file + if [[ "${CSV_SERIAL_SETS_FILE}" ]]; then + echo "\"${DEVICE_MODEL}\",\"${Serial}\",\"${BoardSerial}\",\"${SmUUID}\",\"${MacAddress}\"" >> "${CSV_SERIAL_SETS_FILE}" + fi + + # append to tsv file + if [[ "${TSV_SERIAL_SETS_FILE}" ]]; then + printf "${DEVICE_MODEL}\t${Serial}\t${BoardSerial}\t${SmUUID}\t${MacAddress}\n" >> "${TSV_SERIAL_SETS_FILE}" + fi + touch "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh" cat < "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh" export Type=${DEVICE_MODEL} @@ -179,8 +208,12 @@ export SmUUID=${SmUUID} export MacAddress=${MacAddress} EOF + # plist required for qcows, so create anyway. if [[ "${CREATE_PLISTS}" ]] || [[ "${CREATE_QCOWS}" ]]; then mkdir -p "${OUTPUT_DIRECTORY}/plists" + source "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh" + ROM_VALUE="${MacAddress//\:/}" + ROM_VALUE="${ROM_VALUE,,}" sed -e s/{{DEVICE_MODEL}}/"${Type}"/g \ -e s/{{SERIAL_OLD}}/"${Serial}"/g \ -e s/{{BOARD_SERIAL_OLD}}/"${BoardSerial}"/g \ @@ -198,7 +231,13 @@ EOF done - cat <(echo "Type,Serial,BoardSerial,SmUUID,MacAddress") "${SERIAL_SETS_FILE}" + [[ -e "${CSV_SERIAL_SETS_FILE}" ]] && \ + cat <(echo "Type,Serial,BoardSerial,SmUUID,MacAddress") "${CSV_SERIAL_SETS_FILE}" + + + [[ -e "${TSV_SERIAL_SETS_FILE}" ]] && \ + cat <(printf "Type\tSerial\tBoardSerial\tSmUUID\tMacAddress\n") "${TSV_SERIAL_SETS_FILE}" + } main () { From 7886e0fd065bfaaa773787aed2ac055061abd388 Mon Sep 17 00:00:00 2001 
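Review bot: The new TSV line passes the data itself as the `printf` format (`printf "${DEVICE_MODEL}\t${Serial}\t..."`), so a `%` or backslash in the `--model` value or in any field is interpreted instead of written out. A fixed format avoids that: `printf '%s\t%s\t%s\t%s\t%s\n' "${DEVICE_MODEL}" "${Serial}" "${BoardSerial}" "${SmUUID}" "${MacAddress}" >> "${TSV_SERIAL_SETS_FILE}"`. The `MacAddress` line in the context above has the same shape, with a prefix read from the downloaded vendor file used as the format; `printf '%s:%02X:%02X:%02X' "${RANDOM_MAC_PREFIX}" ...` would fix it the same way.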
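Review bot: `source "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh"` executes a file whose lines were written unquoted (`export Type=${DEVICE_MODEL}`), so a `--model` value containing spaces or shell metacharacters is evaluated as shell code at this point. The only value the `sed` call needs from that file is `Type`, and the other fields are already in scope, so the `source` can be replaced by `Type="${DEVICE_MODEL}"`. If the env files are meant to be sourced by users later, writing them with `printf 'export Type=%q\n' "${DEVICE_MODEL}"` (and likewise for the other fields) keeps them safe to load. Patch 05 changes this line to `source "${OUTPUT_ENV_FILE}"` and inherits the same behaviour.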
From: sickcodes Date: Wed, 24 Feb 2021 11:49:20 +0000 Subject: [PATCH 05/20] Add --output-env && --output-bootdisk --- README.md | 25 +-------------- custom/generate-unique-machine-values.sh | 39 +++++++++++++++++++----- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/README.md b/README.md index d8eb9d0..8090b91 100644 --- a/README.md +++ b/README.md @@ -499,30 +499,7 @@ sudo mv somedir/mac_hdd_ng.img . # Use an Old Docker-OSX Disk in a Fresh Container (Replication) -You do not have to reinstall everything, you can simply: - -- start a new container - -- overwrite the .img in the new container with your big old one - -```bash - -# start a new docker-osx container -# you can start with ssh, without, or vnc, because they are all interchangable. - -# get the NEW container id -docker ps - -# docker cp your OLD disk into the NEW container -docker cp ./mac_hdd_ng.img newcontainerid:/home/arch/OSX-KVM/mac_hdd_ng.img - -# kill the NEW container -docker kill newcontainerid - -# start the NEW container and it just works -docker start newcontainerid - -``` +[Use the sickcodes/docker-osx:naked image.](https://github.com/sickcodes/Docker-OSX/tree/custom-identity#quick-start-own-image) # DESTROY: Wipe old images to free disk space diff --git a/custom/generate-unique-machine-values.sh b/custom/generate-unique-machine-values.sh index d754d04..aef200b 100755 --- a/custom/generate-unique-machine-values.sh +++ b/custom/generate-unique-machine-values.sh 
@@ -18,14 +18,16 @@ General options: --model, -m Device model, e.g. 'iMacPro1,1' --csv Optionally change the CSV output filename. --tsv Optionally change the TSV output filename. + --output-bootdisk Optionally change the bootdisk qcow output filename. Useless when count > 1. + --output-env Optionally change the bootdisk env filename. Useless when count > 1. --output-dir Optionally change the script output location. --help, -h, help Display this help and exit --plists Create corresponding config.plists for each serial set. - --qcows [SLOW] Create corresponding boot disk images for each serial set. + --bootdisks [SLOW] Create corresponding boot disk images for each serial set. Example: - ./generate-unique-machine-values.sh --count 1 --model='iMacPro1,1' --plists --qcows + ./generate-unique-machine-values.sh --count 1 --model='iMacPro1,1' --plists --bootdisks The above example will generate a - serial @@ -100,6 +102,26 @@ while (( "$#" )); do shift ;; + --output-bootdisk=* ) + export OUTPUT_QCOW="${1#*=}" + shift + ;; + --output-bootdisk* ) + export OUTPUT_QCOW="${2}" + shift + shift + ;; + + --output-env=* ) + export OUTPUT_ENV="${1#*=}" + shift + ;; + --output-env* ) + export OUTPUT_ENV="${2}" + shift + shift + ;; + --model=* | -m=* ) export DEVICE_MODEL="${1#*=}" shift @@ -114,7 +136,7 @@ while (( "$#" )); do export CREATE_PLISTS=1 shift ;; - --qcows ) + --bootdisks ) export CREATE_QCOWS=1 shift ;; @@ -199,8 +221,9 @@ generate_serial_sets () { printf "${DEVICE_MODEL}\t${Serial}\t${BoardSerial}\t${SmUUID}\t${MacAddress}\n" >> "${TSV_SERIAL_SETS_FILE}" fi - touch "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh" - cat < "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh" + OUTPUT_ENV_FILE="${OUTPUT_ENV:-"${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh"}" + touch "${OUTPUT_ENV_FILE}" + cat < "${OUTPUT_ENV_FILE}" export Type=${DEVICE_MODEL} export Serial=${Serial} export BoardSerial=${BoardSerial} 
@@ -208,10 +231,10 @@ export SmUUID=${SmUUID} export MacAddress=${MacAddress} EOF - # plist required for qcows, so create anyway. + # plist required for bootdisks, so create anyway. if [[ "${CREATE_PLISTS}" ]] || [[ "${CREATE_QCOWS}" ]]; then mkdir -p "${OUTPUT_DIRECTORY}/plists" - source "${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh" + source "${OUTPUT_ENV_FILE}" ROM_VALUE="${MacAddress//\:/}" ROM_VALUE="${ROM_VALUE,,}" sed -e s/{{DEVICE_MODEL}}/"${Type}"/g \ @@ -226,7 +249,7 @@ EOF mkdir -p "${OUTPUT_DIRECTORY}/qcows" ./opencore-image-ng.sh \ --cfg "${OUTPUT_DIRECTORY}/plists/${Serial}.config.plist" \ - --img "${OUTPUT_DIRECTORY}/qcows/${Serial}.OpenCore-nopicker.qcow2" || exit 1 + --img "${OUTPUT_QCOW:-${OUTPUT_DIRECTORY}/qcows/${Serial}.OpenCore-nopicker.qcow2}" || exit 1 fi done From 4ffed5472416cf0662cf356343bde23f20f0e541 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Wed, 24 Feb 2021 12:17:16 +0000 Subject: [PATCH 06/20] WIP generate-specific-bootdisk.sh --- custom/generate-specific-bootdisk.sh | 184 +++++++++++++++++++++++++++ 1 file changed, 184 insertions(+) create mode 100755 custom/generate-specific-bootdisk.sh diff --git a/custom/generate-specific-bootdisk.sh b/custom/generate-specific-bootdisk.sh new file mode 100755 index 0000000..2717d22 --- /dev/null +++ b/custom/generate-specific-bootdisk.sh 
@@ -0,0 +1,184 @@ +#!/bin/bash +# ____ __ ____ ______ __ +# / __ \____ _____/ /_____ _____/ __ \/ ___/ |/ / +# / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \| / +# / /_/ / /_/ / /__/ ,< / __/ / / /_/ /___/ / | +# /_____/\____/\___/_/|_|\___/_/ \____//____/_/|_| GEN BOOT DISK +# +# Repo: https://github.com/sickcodes/Docker-OSX/ +# Title: Mac on Docker (Docker-OSX) +# Author: Sick.Codes https://sick.codes/ +# Version: 3.1 +# License: GPLv3+ + +help_text="Usage: generate-specific-bootdisk.sh + +General options: + --model Device model, e.g. 'iMacPro1,1' + --serial Device Serial number. + --board-serial Board Serial number. + --uuid SmUUID. + --mac-address Used to set the ROM value; lowercased and without a colon. + --output-bootdisk Optionally change the bootdisk output filename. + --custom-plist Optionally change the input plist. + + --help, -h, help Display this help and exit + +Example: + ./genboot.sh \\ + --model iMacPro1,1 \\ + --serial C02TW0WAHX87 \\ + --board-serial C027251024NJG36UE \\ + --uuid 5CCB366D-9118-4C61-A00A-E5BAF3BED451 \\ + --mac-address A8:5C:2C:9A:46:2F \\ + --output-bootdisk OpenCore-nopicker.qcow2 + +Author: Sick.Codes https://sick.codes/ +Project: https://github.com/sickcodes/Docker-OSX/ +" + +PLIST_MASTER=config-nopicker-custom.plist + +# gather arguments +while (( "$#" )); do + case "${1}" in + + --help | -h | h | help ) + echo "${help_text}" && exit 0 + ;; + + --model=* | -m=* ) + export DEVICE_MODEL="${1#*=}" + shift + ;; + --model* | -m* ) + export DEVICE_MODEL="${2}" + shift + shift + ;; + + --serial=* ) + export SERIAL_NUMBER="${1#*=}" + shift + ;; + --serial* ) + export SERIAL_NUMBER="${2}" + shift + shift + ;; + + --board-serial=* ) + export BOARD_SERIAL_NUMBER="${1#*=}" + shift + ;; + --board-serial* ) + export BOARD_SERIAL_NUMBER="${2}" + shift + shift + ;; + + --uuid=* ) + export UUID="${1#*=}" + shift + ;; + --uuid* ) + export UUID="${2}" + shift + shift + ;; + + --mac-address=* ) + export MAC_ADDRESS="${1#*=}" + shift + ;; + 
--mac-address* ) + export MAC_ADDRESS="${2}" + shift + shift + ;; + + --output-bootdisk=* ) + export OUTPUT_QCOW="${1#*=}" + shift + ;; + --output-bootdisk* ) + export OUTPUT_QCOW="${2}" + shift + shift + ;; + + --custom-plist=* ) + export INPUT_PLIST="${1#*=}" + shift + ;; + --custom-plist* ) + export INPUT_PLIST="${2}" + shift + shift + ;; + + *) + echo "Invalid option. Running with default values..." + shift + ;; + esac +done + + +download_qcow_efi_folder () { + git clone --depth 1 https://github.com/kholia/OSX-KVM.git + cp -ra ./OSX-KVM/OpenCore-Catalina/EFI . + mkdir -p ./EFI/OC/Resources + # clone some Apple drivers + git clone --depth 1 https://github.com/acidanthera/OcBinaryData.git + # copy said drivers into EFI/OC/Resources + cp -a ./OcBinaryData/Resources/* ./EFI/OC/Resources + # EFI Shell commands + touch startup.nsh && echo 'fs0:\EFI\BOOT\BOOTx64.efi' > startup.nsh +} + +generate_bootdisk () { + [[ -e ./config-nopicker-custom.plist ]] || wget https://raw.githubusercontent.com/sickcodes/Docker-OSX/custom-identity/custom/config-nopicker-custom.plist + [[ -e ./opencore-image-ng.sh ]] || wget https://raw.githubusercontent.com/sickcodes/Docker-OSX/custom-identity/custom/opencore-image-ng.sh && chmod +x opencore-image-ng.sh + # plist required for bootdisks, so create anyway. + if [[ "${DEVICE_MODEL}" ]] \ + && [[ "${SERIAL_NUMBER}" ]] \ + && [[ "${BOARD_SERIAL_NUMBER}" ]] \ + && [[ "${UUID}" ]] \ + && [[ "${MAC_ADDRESS}" ]]; then + ROM_VALUE="${MacAddress//\:/}" + ROM_VALUE="${ROM_VALUE,,}" + sed -e s/{{DEVICE_MODEL}}/"${DEVICE_MODEL}"/g \ + -e s/{{SERIAL_OLD}}/"${SERIAL_NUMBER}"/g \ + -e s/{{BOARD_SERIAL_OLD}}/"${BOARD_SERIAL_NUMBER}"/g \ + -e s/{{SYSTEM_UUID_OLD}}/"${UUID}"/g \ + -e s/{{ROM_OLD}}/"${ROM_VALUE}"/g \ + "${PLIST_MASTER}" > ./tmp.config.plist || exit 1 + else + cat < Date: Thu, 25 Feb 2021 08:52:56 +0000 Subject: [PATCH 07/20] Add Linux, libguestfs for building bootdisks within the Docker container. 
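Review bot: `generate_bootdisk` fetches `opencore-image-ng.sh` with `wget` from the tip of the `custom-identity` branch and marks it executable with no integrity check. `download_qcow_efi_folder` likewise clones two upstream repositories at whatever their default branch holds, and that content presumably ends up in the boot disk. I would pin each URL to a commit and verify the script before `chmod`, e.g. `echo "<EXPECTED_SHA256>  opencore-image-ng.sh" | sha256sum -c - || exit 1`. The `*)` arm of the option parser prints "Invalid option" and carries on, so a mistyped flag produces a disk built from defaults; `exit 1` there would be safer. The tail of this new file is not visible in the hunk as rendered.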
Add CPU_STRING to optionally override the whole CPU string. Unify variable names in ./custom. --- Dockerfile | 16 +++++++-- custom/config-nopicker-custom.plist | 8 ++--- custom/generate-specific-bootdisk.sh | 42 +++++++++++----------- custom/generate-unique-machine-values.sh | 46 ++++++++++++------------ custom/opencore-image-ng.sh | 25 ++++++------- 5 files changed, 75 insertions(+), 62 deletions(-) diff --git a/Dockerfile b/Dockerfile index c4c0dd0..453c66e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -174,6 +174,18 @@ RUN python fetch-macOS.py --version "${VERSION}" \ WORKDIR /home/arch/OSX-KVM +ARG LINUX=true + +# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly +RUN if [[ "${LINUX}" == true ]]; then \ + sudo pacman -Syu linux libguestfs --noconfirm \ + && patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \ + && curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \ + && bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine." \ + ; fi + +RUN git clone https://github.com/sickcodes/Docker-OSX.git + RUN touch Launch.sh \ && chmod +x ./Launch.sh \ && tee -a Launch.sh <<< '#!/bin/sh' \ @@ -183,7 +195,7 @@ RUN touch Launch.sh \ && tee -a Launch.sh <<< 'exec qemu-system-x86_64 -m ${RAM:-8}000 \' \ && tee -a Launch.sh <<< '-cpu Penryn,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+pcid,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check \' \ && tee -a Launch.sh <<< '-machine q35,accel=kvm:tcg \' \ - && tee -a Launch.sh <<< '-smp ${SMP:-4},cores=${CORES:-4} \' \ + && tee -a Launch.sh <<< '-smp ${CPU_STRING:-${SMP:-4},cores=${CORES:-4}} \' \ && tee -a Launch.sh <<< '-usb -device usb-kbd -device usb-tablet \' \ && tee -a Launch.sh <<< '-device isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal\(c\)AppleComputerInc \' \ && tee -a Launch.sh <<< '-drive if=pflash,format=raw,readonly,file=/home/arch/OSX-KVM/OVMF_CODE.fd \' \ 
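Review bot: The new `RUN` downloads `glibc-linux4-2.33-4-x86_64.pkg.tar.zst` from the moving `master` branch and unpacks it over `/` with `bsdtar -C / -xvf`, with no checksum or signature check. The C library of every image built from this file therefore depends on whatever that URL serves at build time. The trailing `|| echo "Everything is fine."` also turns a failed `pacman`, `curl` or extraction into a successful layer. I would pin the URL to a commit, verify before extracting with `echo "<EXPECTED_SHA256>  ${patched_glibc}" | sha256sum -c -`, and drop the `|| echo`. The same applies to `RUN git clone https://github.com/sickcodes/Docker-OSX.git`, whose scripts are run from the image's `CMD` in a later commit: check out a fixed commit rather than the branch tip.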
@@ -191,7 +203,7 @@ RUN touch Launch.sh \ && tee -a Launch.sh <<< '-smbios type=2 \' \ && tee -a Launch.sh <<< '-audiodev ${AUDIO_DRIVER:-alsa},id=hda -device ich9-intel-hda -device hda-duplex,audiodev=hda \' \ && tee -a Launch.sh <<< '-device ich9-ahci,id=sata \' \ - && tee -a Launch.sh <<< '-drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \' \ + && tee -a Launch.sh <<< '-drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2} \' \ && tee -a Launch.sh <<< '-device ide-hd,bus=sata.2,drive=OpenCoreBoot \' \ && tee -a Launch.sh <<< '-device ide-hd,bus=sata.3,drive=InstallMedia \' \ && tee -a Launch.sh <<< '-drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=qcow2 \' \ diff --git a/custom/config-nopicker-custom.plist b/custom/config-nopicker-custom.plist index c93ee96..6166234 100644 --- a/custom/config-nopicker-custom.plist +++ b/custom/config-nopicker-custom.plist @@ -702,19 +702,19 @@ AdviseWindows MLB - {{BOARD_SERIAL_OLD}} + {{BOARD_SERIAL}} ROM - {{ROM_OLD}} + {{ROM}} SpoofVendor SystemProductName {{DEVICE_MODEL}} SystemSerialNumber - {{SERIAL_OLD}} + {{SERIAL}} SystemUUID - {{SYSTEM_UUID_OLD}} + {{UUID}} UpdateDataHub diff --git a/custom/generate-specific-bootdisk.sh b/custom/generate-specific-bootdisk.sh index 2717d22..46c3571 100755 --- a/custom/generate-specific-bootdisk.sh +++ b/custom/generate-specific-bootdisk.sh 
@@ -25,12 +25,12 @@ General options: --help, -h, help Display this help and exit Example: - ./genboot.sh \\ - --model iMacPro1,1 \\ - --serial C02TW0WAHX87 \\ - --board-serial C027251024NJG36UE \\ - --uuid 5CCB366D-9118-4C61-A00A-E5BAF3BED451 \\ - --mac-address A8:5C:2C:9A:46:2F \\ + ./generate-specific-bootdisk.sh \ + --model iMacPro1,1 \ + --serial C02TW0WAHX87 \ + --board-serial C027251024NJG36UE \ + --uuid 5CCB366D-9118-4C61-A00A-E5BAF3BED451 \ + --mac-address A8:5C:2C:9A:46:2F \ --output-bootdisk OpenCore-nopicker.qcow2 Author: Sick.Codes https://sick.codes/ @@ -58,21 +58,21 @@ while (( "$#" )); do ;; --serial=* ) - export SERIAL_NUMBER="${1#*=}" + export SERIAL="${1#*=}" shift ;; --serial* ) - export SERIAL_NUMBER="${2}" + export SERIAL="${2}" shift shift ;; --board-serial=* ) - export BOARD_SERIAL_NUMBER="${1#*=}" + export BOARD_SERIAL="${1#*=}" shift ;; --board-serial* ) - export BOARD_SERIAL_NUMBER="${2}" + export BOARD_SERIAL="${2}" shift shift ;; 
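Review bot: Changing `\\` to `\` in the usage example alters what `--help` prints. `help_text` is a double-quoted string, and there a backslash directly before a newline is a line continuation, so the backslash and the line break are both removed and the example comes out as one long line. Keep `\\` so the continuation characters are shown, or move the help text into a quoted heredoc (`cat <<'EOF'`) where no escaping is needed. The string starts and ends outside this hunk.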
@@ -142,25 +142,25 @@ generate_bootdisk () { [[ -e ./opencore-image-ng.sh ]] || wget https://raw.githubusercontent.com/sickcodes/Docker-OSX/custom-identity/custom/opencore-image-ng.sh && chmod +x opencore-image-ng.sh # plist required for bootdisks, so create anyway. if [[ "${DEVICE_MODEL}" ]] \ - && [[ "${SERIAL_NUMBER}" ]] \ - && [[ "${BOARD_SERIAL_NUMBER}" ]] \ + && [[ "${SERIAL}" ]] \ + && [[ "${BOARD_SERIALR}" ]] \ && [[ "${UUID}" ]] \ && [[ "${MAC_ADDRESS}" ]]; then - ROM_VALUE="${MacAddress//\:/}" - ROM_VALUE="${ROM_VALUE,,}" + ROM="${MAC_ADDRESS//\:/}" + ROM="${ROM,,}" sed -e s/{{DEVICE_MODEL}}/"${DEVICE_MODEL}"/g \ - -e s/{{SERIAL_OLD}}/"${SERIAL_NUMBER}"/g \ - -e s/{{BOARD_SERIAL_OLD}}/"${BOARD_SERIAL_NUMBER}"/g \ - -e s/{{SYSTEM_UUID_OLD}}/"${UUID}"/g \ - -e s/{{ROM_OLD}}/"${ROM_VALUE}"/g \ + -e s/{{SERIAL}}/"${SERIAL}"/g \ + -e s/{{BOARD_SERIAL}}/"${BOARD_SERIAL}"/g \ + -e s/{{UUID}}/"${UUID}"/g \ + -e s/{{ROM}}/"${ROM}"/g \ "${PLIST_MASTER}" > ./tmp.config.plist || exit 1 else cat <> "${CSV_SERIAL_SETS_FILE}" + echo "\"${DEVICE_MODEL}\",\"${SERIAL}\",\"${BOARD_SERIAL}\",\"${UUID}\",\"${MAC_ADDRESS}\"" >> "${CSV_SERIAL_SETS_FILE}" fi # append to tsv file if [[ "${TSV_SERIAL_SETS_FILE}" ]]; then - printf "${DEVICE_MODEL}\t${Serial}\t${BoardSerial}\t${SmUUID}\t${MacAddress}\n" >> "${TSV_SERIAL_SETS_FILE}" + printf "${DEVICE_MODEL}\t${SERIAL}\t${BOARD_SERIAL}\t${UUID}\t${MAC_ADDRESS}\n" >> "${TSV_SERIAL_SETS_FILE}" fi - OUTPUT_ENV_FILE="${OUTPUT_ENV:-"${OUTPUT_DIRECTORY}/envs/${Serial}.env.sh"}" + OUTPUT_ENV_FILE="${OUTPUT_ENV:-"${OUTPUT_DIRECTORY}/envs/${SERIAL}.env.sh"}" touch "${OUTPUT_ENV_FILE}" cat < "${OUTPUT_ENV_FILE}" -export Type=${DEVICE_MODEL} -export Serial=${Serial} -export BoardSerial=${BoardSerial} -export SmUUID=${SmUUID} -export MacAddress=${MacAddress} +export DEVICE_MODEL="${DEVICE_MODEL}" +export SERIAL="${SERIAL}" +export BOARD_SERIAL="${BOARD_SERIAL}" +export UUID="${UUID}" +export MAC_ADDRESS="${MAC_ADDRESS}" EOF # plist required for 
bootdisks, so create anyway. if [[ "${CREATE_PLISTS}" ]] || [[ "${CREATE_QCOWS}" ]]; then mkdir -p "${OUTPUT_DIRECTORY}/plists" source "${OUTPUT_ENV_FILE}" - ROM_VALUE="${MacAddress//\:/}" + ROM_VALUE="${MAC_ADDRESS//\:/}" ROM_VALUE="${ROM_VALUE,,}" - sed -e s/{{DEVICE_MODEL}}/"${Type}"/g \ - -e s/{{SERIAL_OLD}}/"${Serial}"/g \ - -e s/{{BOARD_SERIAL_OLD}}/"${BoardSerial}"/g \ - -e s/{{SYSTEM_UUID_OLD}}/"${SmUUID}"/g \ - -e s/{{ROM_OLD}}/"${ROM_VALUE}"/g \ - "${PLIST_MASTER}" > "${OUTPUT_DIRECTORY}/plists/${Serial}.config.plist" || exit 1 + sed -e s/{{DEVICE_MODEL}}/"${DEVICE_MODEL}"/g \ + -e s/{{SERIAL}}/"${SERIAL}"/g \ + -e s/{{BOARD_SERIAL}}/"${BOARD_SERIAL}"/g \ + -e s/{{UUID}}/"${UUID}"/g \ + -e s/{{ROM}}/"${ROM}"/g \ + "${PLIST_MASTER}" > "${OUTPUT_DIRECTORY}/plists/${SERIAL}.config.plist" || exit 1 fi if [[ "${CREATE_QCOWS}" ]]; then mkdir -p "${OUTPUT_DIRECTORY}/qcows" ./opencore-image-ng.sh \ - --cfg "${OUTPUT_DIRECTORY}/plists/${Serial}.config.plist" \ - --img "${OUTPUT_QCOW:-${OUTPUT_DIRECTORY}/qcows/${Serial}.OpenCore-nopicker.qcow2}" || exit 1 + --cfg "${OUTPUT_DIRECTORY}/plists/${SERIAL}.config.plist" \ + --img "${OUTPUT_QCOW:-${OUTPUT_DIRECTORY}/qcows/${SERIAL}.OpenCore-nopicker.qcow2}" || exit 1 fi done [[ -e "${CSV_SERIAL_SETS_FILE}" ]] && \ - cat <(echo "Type,Serial,BoardSerial,SmUUID,MacAddress") "${CSV_SERIAL_SETS_FILE}" + cat <(echo "DEVICE_MODEL,SERIAL,BOARD_SERIAL,UUID,MAC_ADDRESS") "${CSV_SERIAL_SETS_FILE}" [[ -e "${TSV_SERIAL_SETS_FILE}" ]] && \ - cat <(printf "Type\tSerial\tBoardSerial\tSmUUID\tMacAddress\n") "${TSV_SERIAL_SETS_FILE}" + cat <(printf "DEVICE_MODEL\tSERIAL\BOARD_SERIAL\tUUID\tMAC_ADDRESS\n") "${TSV_SERIAL_SETS_FILE}" } diff --git a/custom/opencore-image-ng.sh b/custom/opencore-image-ng.sh index 6cbfe5b..56eaa45 100755 --- a/custom/opencore-image-ng.sh +++ b/custom/opencore-image-ng.sh 
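Review bot: The renamed plist substitution uses `-e s/{{ROM}}/"${ROM}"/g`, but the two lines above it still assign `ROM_VALUE`. As far as the visible lines show, `ROM` is unset here, so the `{{ROM}}` placeholder is replaced with an empty string; either assign `ROM="${MAC_ADDRESS//\:/}"` and `ROM="${ROM,,}"` as the sibling script does, or keep `"${ROM_VALUE}"` in the `sed` line. The new TSV header has `SERIAL\BOARD_SERIAL` where `SERIAL\tBOARD_SERIAL` is meant. The env file now writes `export SERIAL="${SERIAL}"`, which survives spaces but still lets `$(…)`, backticks or a `"` in a value run as code when the file is sourced. `printf 'export SERIAL=%q\n' "${SERIAL}"` avoids that.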
@@ -89,21 +89,22 @@ function fish_fini() { fish umount-all } +# disabled by sick.codes to allow unattended image overwrites ###################################################################### # sanity checks -if test ! -f "$cfg"; then - echo "ERROR: cfg not found: $cfg" - exit 1 -fi -if test -f "$img"; then - if test "$allow_override" = "yes"; then - rm -f "$img" - else - echo "ERROR: image exists: $img" - exit 1 - fi -fi +# if test ! -f "$cfg"; then +# echo "ERROR: cfg not found: $cfg" +# exit 1 +# fi +# if test -f "$img"; then +# if test "$allow_override" = "yes"; then +# rm -f "$img" +# else +# echo "ERROR: image exists: $img" +# exit 1 +# fi +# fi ###################################################################### # go! From 9f104526e04e7527b1f067290e9854a9b9fa8c0b Mon Sep 17 00:00:00 2001 From: sickcodes Date: Thu, 25 Feb 2021 08:58:52 +0000 Subject: [PATCH 08/20] Typo --- custom/generate-specific-bootdisk.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/custom/generate-specific-bootdisk.sh b/custom/generate-specific-bootdisk.sh index 46c3571..e87bf3c 100755 --- a/custom/generate-specific-bootdisk.sh +++ b/custom/generate-specific-bootdisk.sh @@ -143,7 +143,7 @@ generate_bootdisk () { # plist required for bootdisks, so create anyway. if [[ "${DEVICE_MODEL}" ]] \ && [[ "${SERIAL}" ]] \ - && [[ "${BOARD_SERIALR}" ]] \ + && [[ "${BOARD_SERIAL}" ]] \ && [[ "${UUID}" ]] \ && [[ "${MAC_ADDRESS}" ]]; then ROM="${MAC_ADDRESS//\:/}" From 23ab20c2fa5883dc6dd32300fde1d65bc50f9cfe Mon Sep 17 00:00:00 2001 From: sickcodes Date: Thu, 25 Feb 2021 14:03:06 +0000 Subject: [PATCH 09/20] Major serial number runtime generation and override changes. --- CHANGELOG.md | 1 + Dockerfile | 57 ++++++++++++++++++++++++++-- Dockerfile.auto | 26 ++++++++++++- Dockerfile.naked | 31 ++++++++++++++-- README.md | 97 +++++++++++++++++++++++++++++++----------------- helm/README.md | 4 ++ 6 files changed, 174 insertions(+), 42 deletions(-) 
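Review bot: Commenting out the whole sanity-check block removes more than the overwrite guard: the `test ! -f "$cfg"` check goes too, so a missing or mistyped `--cfg` is no longer caught before the image is built. The removed code already had an unattended path, `test "$allow_override" = "yes"` followed by `rm -f "$img"`. How that variable is set is outside the hunk, but enabling it from the callers would keep both checks. If the block must stay disabled, I would at least restore the first check, `if test ! -f "$cfg"; then echo "ERROR: cfg not found: $cfg"; exit 1; fi`. With the guard gone, an existing file at the `--img` path is presumably replaced without notice.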
diff --git a/CHANGELOG.md b/CHANGELOG.md index 49f258a..d5c8619 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ |Version|Date|Notes| |---|---|---| +|3.2|2021-02-25|Add a script to generate unique machine serial numbers. Add a script to generate a bootdisk from given serial numbers. Add Linux for libguestfs which allows the docker container to make QEMU bootdisks with specific serial numbers.| | |2021-02-21|Add NOPICKER environment variable to ALL images.| |3.1|2021-02-21|Remove testing repos. Switch to base-devel. We shouldn't be using testing repos in a Dockerfile for light increase in stability. Add the mandatory glibc patch to every pacman until someone upstream fixes it.| | |2021-02-07|Add NOPICKER environment variable to :naked image for effortless boot toggling.| diff --git a/Dockerfile b/Dockerfile index 453c66e..9af8470 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ # Repo: https://github.com/sickcodes/Docker-OSX/ # Title: Mac on Docker (Docker-OSX) # Author: Sick.Codes https://sick.codes/ -# Version: 3.1 +# Version: 3.2 # License: GPLv3+ # # All credits for OSX-KVM and the rest at @Kholia's repo: https://github.com/kholia/osx-kvm @@ -216,6 +216,8 @@ RUN touch Launch.sh \ && tee -a Launch.sh <<< '${EXTRA:-}' # docker exec containerid mv ./Launch-nopicker.sh ./Launch.sh +# This is now a legacy command. +# You can use -e BOOTDISK=/bootdisk with -v ./bootdisk.img:/bootdisk RUN grep -v InstallMedia ./Launch.sh > ./Launch-nopicker.sh \ && chmod +x ./Launch-nopicker.sh \ && sed -i -e s/OpenCore\.qcow2/OpenCore\-nopicker\.qcow2/ ./Launch-nopicker.sh 
@@ -233,13 +235,62 @@ ENV NETWORKING=e1000-82545em ENV NOPICKER=false +# Boolean for generating a bootdisk with new serials. +ENV UNIQUE=false + VOLUME ["/tmp/.X11-unix"] +# check if /image is a disk image or a directory. This allows you to optionally use -v disk.img:/image +# NOPICKER is used to skip the disk selection screen +# GENERATE_UNIQUE is used to generate serial numbers on boot. +# /env is a file that you can generate and save using -v source.sh:/env +# the env file is a file that you can carry to the next container which will supply the serials numbers. +# GENERATE_SPECIFIC is used to either accept the env serial numbers OR you can supply using: + # -e DEVICE_MODEL="iMacPro1,1" \ + # -e SERIAL="C02TW0WAHX87" \ + # -e BOARD_SERIAL="C027251024NJG36UE" \ + # -e UUID="5CCB366D-9118-4C61-A00A-E5BAF3BED451" \ + # -e MAC_ADDRESS="A8:5C:2C:9A:46:2F" \ + +# the output will be /bootdisk. +# /bootdisk is a useful persistent place to store the 15Mb serial number bootdisk. + +# if you don't set any of the above: +# the default serial numbers are already contained in ./OpenCore-Catalina/OpenCore.qcow2 +# And the default serial numbers + CMD case "$(file --brief /image)" in \ - QEMU*) export IMAGE_PATH=/image && sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" 2>/dev/null || true;; \ - directory*) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img;; \ + QEMU\ QCOW2\ Image* ) export IMAGE_PATH=/image \ + ; sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" 2>/dev/null || true \ + ;; \ + directory* ) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img \ + ;; \ esac \ ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ + ; [[ "${GENERATE_UNIQUE}" == true ]] \ + && ./Docker-OSX/custom/generate-unique-machine-values.sh \ + --count 1 \ + --tsv ./serial.tsv \ + --bootdisks \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + --output-env "${ENV:=/env}" \ + && source "${ENV}" \ + ; [[ "${GENERATE_SPECIFIC}" == true ]] \ 
+ && source /env \ + || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ + --model "${DEVICE_MODEL}" \ + --serial "${SERIAL}" \ + --board-serial "${BOARD_SERIAL}" \ + --uuid "${UUID}" \ + --mac-address "${MAC_ADDRESS}" \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + ; case "$(file --brief /bootdisk)" in \ + QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ + ; sudo chown "$(id -u)":"$(id -g)" "${BOOTDISK}" 2>/dev/null || true \ + ;; \ + directory* ) export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \ + ;; \ + esac \ ; ./enable-ssh.sh && envsubst < ./Launch.sh | bash # virt-manager mode: eta son diff --git a/Dockerfile.auto b/Dockerfile.auto index ab8e67d..0d466fc 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto @@ -7,7 +7,7 @@ # # Title: Mac on Docker (Docker-OSX) [AUTOINSTALL] # Author: Sick.Codes https://twitter.com/sickcodes -# Version: 3.1 +# Version: 3.2 # License: GPLv3+ # Repository: https://github.com/sickcodes/Docker-OSX # 
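Review bot: The chain `[[ "${GENERATE_SPECIFIC}" == true ]] && source /env || ./Docker-OSX/custom/generate-specific-bootdisk.sh …` runs the generator whenever the test is false, including the default case where `GENERATE_SPECIFIC` is unset, and skips it when the flag is `true` and `/env` sources cleanly. Grouping the two steps would match the comment block above: `; [[ "${GENERATE_SPECIFIC}" == true ]] && { source /env 2>/dev/null ; ./Docker-OSX/custom/generate-specific-bootdisk.sh … ; } \`. The new `ENV UNIQUE=false` is never read, since the `CMD` tests `GENERATE_UNIQUE`. `source "${ENV}"` and `source /env` execute a bind-mounted file as shell inside the container, so that file has to be treated as code, and the `/bootdisk` `case` has no `*)` arm for a missing mount. The same `CMD` fragment is repeated in the Dockerfile.auto and Dockerfile.naked hunks of this commit.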
@@ -140,6 +140,30 @@ ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a secur CMD echo "${BOILERPLATE}" \ && [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ + ; [[ "${GENERATE_UNIQUE}" == true ]] \ + && ./Docker-OSX/custom/generate-unique-machine-values.sh \ + --count 1 \ + --tsv ./serial.tsv \ + --bootdisks \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + --output-env "${ENV:=/env}" \ + && source "${ENV}" \ + ; [[ "${GENERATE_SPECIFIC}" == true ]] \ + && source /env \ + || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ + --model "${DEVICE_MODEL}" \ + --serial "${SERIAL}" \ + --board-serial "${BOARD_SERIAL}" \ + --uuid "${UUID}" \ + --mac-address "${MAC_ADDRESS}" \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + ; case "$(file --brief /bootdisk)" in \ + QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ + ; sudo chown "$(id -u)":"$(id -g)" "${BOOTDISK}" 2>/dev/null || true \ + ;; \ + directory* ) export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \ + ;; \ + esac \ ; [[ "${DISPLAY}" = ':99' ]] && { \ nohup Xvfb :99 -screen 0 1920x1080x16 \ & until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 0.1 ; done \ diff --git a/Dockerfile.naked b/Dockerfile.naked index 06f9b9e..2bb8783 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked @@ -7,7 +7,7 @@ # # Title: Mac on Docker (Docker-OSX) [AUTOINSTALL] # Author: Sick.Codes https://twitter.com/sickcodes -# Version: 3.1 +# Version: 3.2 # License: GPLv3+ # Repository: https://github.com/sickcodes/Docker-OSX # @@ -29,7 +29,7 @@ # docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix docker-osx:naked # -FROM sickcodes/docker-osx:latest +FROM docker-osx:latest MAINTAINER 'https://twitter.com/sickcodes' 
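Review bot: `FROM docker-osx:latest` in Dockerfile.naked drops the `sickcodes/` namespace, so the build now resolves to a locally tagged image. Where none exists, Docker looks the name up under `docker.io/library/` rather than the project's repository. This looks like a local-testing edit; if so, restore `FROM sickcodes/docker-osx:latest` before merge, or make the base selectable with `ARG BASE_IMAGE=sickcodes/docker-osx:latest` and `FROM ${BASE_IMAGE}`. Pinning the base by digest would also make the naked image reproducible.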
@@ -112,6 +112,29 @@ CMD [[ "${DISPLAY}" = ':99' ]] && { \ & until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 1 ; done \ ; } \ ; sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" 2>/dev/null || true \ - ; ./enable-ssh.sh \ ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ - ; envsubst < ./Launch.sh | bash + ; [[ "${GENERATE_UNIQUE}" == true ]] \ + && ./Docker-OSX/custom/generate-unique-machine-values.sh \ + --count 1 \ + --tsv ./serial.tsv \ + --bootdisks \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + --output-env "${ENV:=/env}" \ + && source "${ENV}" \ + ; [[ "${GENERATE_SPECIFIC}" == true ]] \ + && source /env \ + || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ + --model "${DEVICE_MODEL}" \ + --serial "${SERIAL}" \ + --board-serial "${BOARD_SERIAL}" \ + --uuid "${UUID}" \ + --mac-address "${MAC_ADDRESS}" \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + ; case "$(file --brief /bootdisk)" in \ + QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ + ; sudo chown "$(id -u)":"$(id -g)" "${BOOTDISK}" 2>/dev/null || true \ + ;; \ + directory* ) export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \ + ;; \ + esac \ + ; ./enable-ssh.sh && envsubst < ./Launch.sh | bash diff --git a/README.md b/README.md index 8090b91..78e1f52 100644 --- a/README.md +++ b/README.md @@ -3,10 +3,12 @@ ![Running mac osx in a docker container](/running-mac-inside-docker-qemu.png?raw=true "OSX KVM DOCKER") -Run Mac in a Docker container! Run near native OSX-KVM in Docker! X11 Forwarding! +Run Mac in a Docker container! Run near native OSX-KVM in Docker! X11 Forwarding! iMessage security research! Author: Sick.Codes https://sick.codes/ & https://twitter.com/sickcodes +Documentation: everything is on this page! + ### PR & Contributor Credits https://github.com/sickcodes/Docker-OSX/blob/master/CREDITS.md 
@@ -21,7 +23,9 @@ Docker Hub: https://hub.docker.com/r/sickcodes/docker-osx ## Professional Support Available! -Enquire at https://sick.codes/contact +Small questions & issues: open an issue! + +For big projects, DM on Twitter [@sickcodes on Twitter](https://twitter.com/sickcodes) or write to us at https://sick.codes/contact. - Enterprise support, Business support, or casual support. - Custom images, custom scripts, consulting (per hour available!) @@ -31,11 +35,13 @@ Enquire at https://sick.codes/contact Kubernetes Helm Chart & Documentation [available at ./helm](https://github.com/sickcodes/Docker-OSX/tree/master/helm) +Thank you to @cephasara for this major contribution. + [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/docker-osx)](https://artifacthub.io/packages/search?repo=docker-osx) #### Follow [@sickcodes on Twitter](https://twitter.com/sickcodes) for updates or feature requests! -# Quick Start Docker-OSX +# Basic Quick Start Docker-OSX ```bash 
@@ -52,18 +58,28 @@ docker run -it \ ``` -# Quick Start 17.5GB Pre-Made Image +# Quick Start Large Pre-Made Image +Current large image size: 17.5GB -You will need around 50GB of space: half for the base image + half for your runtime image. +This starts the special auto image @sickcodes prepared earlier. -If you run out of space, you can nuke your Docker images/history/cache by simply deleting `/var/lib/docker` +This image has already been installed with the following settings: + +- SSH enabled +- username is user +- password is alpine +- Autoupdates off + +You will need around 50GB of space to run this image: half for the base image + half for your runtime image. + +If you run out of space, you can delete all your Docker images/history/cache by simply deleting `/var/lib/docker` ```bash docker pull sickcodes/docker-osx:auto -# boot straight to OSX shell with no display (19GB) +# boot directly into a real OSX shell with no display (Xvfb) docker run -it \ --device /dev/kvm \ -p 50922:10022 \ @@ -76,7 +92,7 @@ docker run -it \ docker pull sickcodes/docker-osx:auto -# boot to OSX shell + display (19GB) +# boot directly into a real OSX shell with a visual display docker run -it \ --device /dev/kvm \ -p 50922:10022 \ @@ -90,7 +106,7 @@ docker run -it \ docker pull sickcodes/docker-osx:auto -# boot to OSX shell + display (19GB) + commands to run inside OSX +# boot to OSX shell + display + specify commands to run inside OSX! docker run -it \ --device /dev/kvm \ -p 50922:10022 \ @@ -104,6 +120,8 @@ docker run -it \ ``` ### Restart an auto container +Containers that use `sickcodes/docker-osx:auto` can be stopped at started. + ```bash # find last container docker ps -a 
@@ -113,13 +131,14 @@ docker start -i containerid ``` -# Quick Start Own Image +# Quick Start Own Image (naked container image) +This is my favourite container. You can supply an existing disk image as a docker command line argument. Supply your own local image with `-v "${PWD}/mac_hdd_ng.img:/image"` and use `sickcodes/docker-osx:naked` - Naked image is for booting any existing .img file. -- By default, this image has a variable called `NOPICKER` which is `"true"`. Use `-e NOPICKER=false` or any other string than the word `true` to enter the boot menu. This lets you use other disks instead of skipping the boot menu, e.g. recovery disk. +- By default, this image has a variable called `NOPICKER` which is `"true"`. This skips the disk selection menu. Use `-e NOPICKER=false` or any other string than the word `true` to enter the boot menu. This lets you use other disks instead of skipping the boot menu, e.g. recovery disk or disk utility. ```bash docker pull sickcodes/docker-osx:naked 
@@ -153,24 +172,25 @@ docker run -it \ sickcodes/docker-osx:naked ``` -# Features In Docker-OSX v3.1 -- Full auto mode: boot straight to OSX shell. -- sickcodes/docker-osx:latest - original base recovery image (safe) -- sickcodes/docker-osx:naked - supply your own .img file (safe) -- sickcodes/docker-osx:auto - 17.5GB image boot to OSX shell (must trust @sickcodes) -- Supply your own image using -v $PWD/disk.img:/image +# Features In Docker-OSX v3.2 +- Serial number generators. [See below or ./custom](https://github.com/sickcodes/Docker-OSX/tree/master/custom) +- Full auto mode: boot straight to OSX shell and even run commands as runtime arguments! +- `sickcodes/docker-osx:latest` - original base recovery image (safe) +- `sickcodes/docker-osx:naked` - supply your own .img file (safe) +- `sickcodes/docker-osx:auto` - Large docker image that boots to OSX shell (must trust @sickcodes) +- Supply your own image using `-v "${PWD}/disk.img:/image"` - Kubernetes Helm Chart. [See ./helm](https://github.com/sickcodes/Docker-OSX/tree/master/helm) -- OSX-KVM +- [OSX-KVM](https://github.com/kholia/OSX-KVM) inside a Docker container! - X11 Forwarding -- SSH on localhost:50922 -- QEMU -- VNC on localhost:8888 [vnc version is inside a separate directory](https://github.com/sickcodes/Docker-OSX/blob/master/vnc-version/Dockerfile) -- Create an ARMY using `docker commit` -- XFVB HEADLESS (use vnc) +- SSH on `localhost:50922` +- QEMU + KVM! +- VNC version on `localhost:8888` [vnc version is inside a separate directory, there are security risks involved with using VNC, see insid the Dockerfile](https://github.com/sickcodes/Docker-OSX/blob/master/vnc-version/Dockerfile) +- Create an ARMY of the same exact container using `docker commit` +- Xfvb headless mode ### All Pull Requests Welcome! -Docker-OSX is a GPLv3+ Dockerfile and we need contributors just like you :). 
+Docker-OSX is a GPLv3+ Dockerfile and we need contributors just like you :) Upstream: https://github.com/kholia/OSX-KVM && the great guy [@kholia](https://twitter.com/kholia) @@ -178,6 +198,10 @@ Upstream Credits (OSX-KVM project) among many others: https://github.com/kholia/ # Download The Image for sickcodes/docker-osx:naked +This is the current automated image. Username is `user`, passsword is `alpine`, SSH is on, and auto-updates are off. + +If the download is slow, just get the image from `docker pull sickcodes/docker-osx:auto` and find it in `/var/lib/docker`. + ```bash wget https://images2.sick.codes/mac_hdd_ng_auto.img @@ -191,14 +215,6 @@ docker run -it \ ``` -# Internet Speeds - -### Slow internet but iMessage & iCloud compatability -`-e NETWORKING=e1000-82545em` - -### FAST internet but not compatable with iMessage & iCloud -`-e NETWORKING=vmxnet3` - ### Other cool Docker-QEMU based projects: [Run iOS in a Docker with Docker-eyeOS](https://github.com/sickcodes/Docker-eyeOS) - [https://github.com/sickcodes/Docker-eyeOS](https://github.com/sickcodes/Docker-eyeOS) @@ -243,6 +259,8 @@ ssh fullname@localhost -p 50922 # Autoboot into OSX after you've installed everything +You can use `-e NOPICKER=true` or for older machines: + ```bash # find you containerID docker ps @@ -289,7 +307,9 @@ sudo modprobe kvm # Start the same container later (persistent disk) -This is for when you want to run the SAME container again later. +1. You can now pull the `.img` file out of the container, which is stored in `/var/lib/docker`, and supply it as a runtime argument to the `:naked` Docker image. See above. + +2. This is for when you want to run the SAME container again later. If you don't run this you will have a new image every time. 
@@ -501,6 +521,15 @@ sudo mv somedir/mac_hdd_ng.img . [Use the sickcodes/docker-osx:naked image.](https://github.com/sickcodes/Docker-OSX/tree/custom-identity#quick-start-own-image) +# Internet Speeds + +### Slow internet but iMessage & iCloud compatability +`-e NETWORKING=e1000-82545em` + +### FAST internet but not compatable with iMessage & iCloud +`-e NETWORKING=vmxnet3` + + # DESTROY: Wipe old images to free disk space The easiest way to clean out your entire Docker (ALL images, layers, and containers) is to `sudo rm -rf /var/lib/docker` @@ -713,7 +742,7 @@ The directory that we are letting the Docker container use is a X server display If we let the Docker container use the same display socket as our own environment, then any applications you run inside the Docker container will show up on your screen too! [https://www.x.org/archive/X11R6.8.0/doc/RELNOTES5.html](https://www.x.org/archive/X11R6.8.0/doc/RELNOTES5.html) -## Todo: +## TODO: ``` - Security Documentation - GPU Acceleration: Coming Soon diff --git a/helm/README.md b/helm/README.md index a6500e6..6e8db3c 100644 --- a/helm/README.md +++ b/helm/README.md @@ -1,5 +1,9 @@ # docker-osx +Docker-OSX Helm Chart for Kubernetes. + +Project page: https://github.com/sickcodes/docker-osx + Available now on Artifact HUB [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/docker-osx)](https://artifacthub.io/packages/search?repo=docker-osx) From 316a8abfa05839c14098c3279fae31f0d6210775 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Thu, 25 Feb 2021 14:49:43 +0000 Subject: [PATCH 10/20] Set temporary branch --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 9af8470..7b262e6 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -184,7 +184,8 @@ RUN if [[ "${LINUX}" == true ]]; then \ && bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine." \ ; fi -RUN git clone https://github.com/sickcodes/Docker-OSX.git +# temporary branch, remove in final PR +RUN git clone --branch custom-identity https://github.com/sickcodes/Docker-OSX.git RUN touch Launch.sh \ && chmod +x ./Launch.sh \ From 284fe9fbde6fd3449aee1580179e789cc6df4ccf Mon Sep 17 00:00:00 2001 From: sickcodes Date: Thu, 25 Feb 2021 15:17:52 +0000 Subject: [PATCH 11/20] Early chown required for all volumes... --- Dockerfile | 5 ++--- Dockerfile.auto | 6 +++--- Dockerfile.naked | 5 ++--- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7b262e6..ae3cceb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -260,9 +260,9 @@ VOLUME ["/tmp/.X11-unix"] # the default serial numbers are already contained in ./OpenCore-Catalina/OpenCore.qcow2 # And the default serial numbers -CMD case "$(file --brief /image)" in \ +CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ + ; case "$(file --brief /image)" in \ QEMU\ QCOW2\ Image* ) export IMAGE_PATH=/image \ - ; sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" 2>/dev/null || true \ ;; \ directory* ) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img \ ;; \ @@ -287,7 +287,6 @@ CMD case "$(file --brief /image)" in \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ - ; sudo chown "$(id -u)":"$(id -g)" "${BOOTDISK}" 2>/dev/null || true \ ;; \ directory* ) export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \ ;; \ diff --git a/Dockerfile.auto b/Dockerfile.auto index 0d466fc..3c59fa6 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto 
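Review bot: The `chown` now runs as the first command of `CMD`, before the `case "$(file --brief /image)"` and `/bootdisk` blocks that export `IMAGE_PATH` and `BOOTDISK`. In this Dockerfile both operands may therefore still be empty when it executes; no default for either is visible in the hunk. Because the command ends in `2>/dev/null || true`, an empty operand fails silently and the mounted files keep their original owner. Either leave the `chown` after each `export`, or name the mount points directly: `sudo chown "$(id -u)":"$(id -g)" /image /bootdisk 2>/dev/null || true`. The Dockerfile.auto and Dockerfile.naked hunks of this commit make the same move; Dockerfile.naked does set `ENV IMAGE_PATH=/image`, but `BOOTDISK` has no visible default there either.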
@@ -137,7 +137,8 @@ ENV TERMS_OF_USE=i_agree ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree" -CMD echo "${BOILERPLATE}" \ +CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ + echo "${BOILERPLATE}" \ && [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ ; [[ "${GENERATE_UNIQUE}" == true ]] \ @@ -159,7 +160,6 @@ CMD echo "${BOILERPLATE}" \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ - ; sudo chown "$(id -u)":"$(id -g)" "${BOOTDISK}" 2>/dev/null || true \ ;; \ directory* ) export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \ ;; \ 
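Review bot: The new first line of CMD ends in `|| true \` and the next line starts with `echo` with no `;` or `&&` between them, so after line continuation the shell sees `true echo "${BOILERPLATE}" && …` and the terms text is passed to `true` as arguments instead of being printed. Add a separator, `; echo "${BOILERPLATE}" \`, so the notice is shown before the `TERMS_OF_USE` check. Patch 13/20 later rewrites this line, but this commit on its own ships the broken form.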
@@ -170,7 +170,7 @@ CMD echo "${BOILERPLATE}" \ ; } \ ; echo "Checking whether /image is a directory or a QEMU disk." \ ; case "$(file --brief /image)" in \ - QEMU*) export IMAGE_PATH=/image && sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" 2>/dev/null || true;; \ + QEMU*) export IMAGE_PATH=/image;; \ directory*) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img;; \ esac \ ; stat "${IMAGE_PATH}" \ diff --git a/Dockerfile.naked b/Dockerfile.naked index 2bb8783..5c76e75 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked @@ -107,11 +107,11 @@ ENV DISPLAY=:99 ENV IMAGE_PATH=/image -CMD [[ "${DISPLAY}" = ':99' ]] && { \ +CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ + ; [[ "${DISPLAY}" = ':99' ]] && { \ nohup Xvfb :99 -screen 0 1920x1080x16 \ & until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 1 ; done \ ; } \ - ; sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" 2>/dev/null || true \ ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ ; [[ "${GENERATE_UNIQUE}" == true ]] \ && ./Docker-OSX/custom/generate-unique-machine-values.sh \ @@ -132,7 +132,6 @@ CMD [[ "${DISPLAY}" = ':99' ]] && { \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ - ; sudo chown "$(id -u)":"$(id -g)" "${BOOTDISK}" 2>/dev/null || true \ ;; \ directory* ) export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \ ;; \ From c5aab3020d28c344912e0719f0c4b9059361d633 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Thu, 25 Feb 2021 18:16:24 +0000 Subject: [PATCH 12/20] Set defaults in obvious places --- Dockerfile | 12 ++++++++---- Dockerfile.auto | 4 ++++ Dockerfile.naked | 6 +++++- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index ae3cceb..5b2080c 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -227,8 +227,12 @@ USER arch ENV USER arch +ENV BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 + ENV DISPLAY=:0.0 +ENV ENV=/env + ENV IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img ENV NETWORKING=e1000-82545em @@ -236,8 +240,8 @@ ENV NETWORKING=e1000-82545em ENV NOPICKER=false -# Boolean for generating a bootdisk with new serials. ENV UNIQUE=false +# Boolean for generating a bootdisk with new serials. VOLUME ["/tmp/.X11-unix"] @@ -273,8 +277,8 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | --count 1 \ --tsv ./serial.tsv \ --bootdisks \ - --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ - --output-env "${ENV:=/env}" \ + --output-bootdisk "${BOOTDISK}" \ + --output-env "${ENV}" \ && source "${ENV}" \ ; [[ "${GENERATE_SPECIFIC}" == true ]] \ && source /env \ @@ -284,7 +288,7 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | --board-serial "${BOARD_SERIAL}" \ --uuid "${UUID}" \ --mac-address "${MAC_ADDRESS}" \ - --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + --output-bootdisk "${BOOTDISK}" \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ ;; \ diff --git a/Dockerfile.auto b/Dockerfile.auto index 3c59fa6..d24e295 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto @@ -131,6 +131,10 @@ ENV DISPLAY=:99 ENV IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img +ENV BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 + +ENV ENV=/env + ENV NOPICKER=true ENV TERMS_OF_USE=i_agree diff --git a/Dockerfile.naked b/Dockerfile.naked index 5c76e75..cc4b8fd 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked 
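Review bot: `ENV ENV=/env` reuses a variable name that POSIX shells treat specially: an interactive `sh` (including bash started as `sh`) reads and executes the file named by `$ENV` at startup. With this default, any such shell opened in the container would execute `/env`, which the CMD writes through `--output-env` and which may also be a user-supplied mount. A dedicated name avoids the collision, for example `ENV ENV_FILE=/env` with the `--output-env "${ENV_FILE}"` and `source "${ENV_FILE}"` call sites updated to match. The same default is added to Dockerfile.auto and Dockerfile.naked in this commit.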
@@ -101,12 +101,16 @@ RUN mkdir -p ~/.ssh \ && tee -a ~/.ssh/config <<< ' StrictHostKeyChecking no' \ && tee -a ~/.ssh/config <<< ' UserKnownHostsFile=/dev/null' -ENV NOPICKER=true +ENV BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 ENV DISPLAY=:99 +ENV ENV=/env + ENV IMAGE_PATH=/image +ENV NOPICKER=true + CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ ; [[ "${DISPLAY}" = ':99' ]] && { \ nohup Xvfb :99 -screen 0 1920x1080x16 \ From 9a846bbdbfbccddcc743d81a7e805cc83c99e8c4 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Thu, 25 Feb 2021 18:35:23 +0000 Subject: [PATCH 13/20] Chown the disk image early. --- Dockerfile.auto | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/Dockerfile.auto b/Dockerfile.auto index d24e295..7fa1bb8 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto 
@@ -127,22 +127,23 @@ RUN if [[ "${COMPLETE}" ]]; then \ RUN mv ./Launch-nopicker.sh ./Launch.sh -ENV DISPLAY=:99 - -ENV IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img - ENV BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 +ENV DISPLAY=:99 + ENV ENV=/env +ENV IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img + ENV NOPICKER=true ENV TERMS_OF_USE=i_agree ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree" -CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ - echo "${BOILERPLATE}" \ +CMD echo "Disk is being copied between layers... Please wait a minute..." 
\ + && sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ + && echo "${BOILERPLATE}" \ && [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ ; [[ "${GENERATE_UNIQUE}" == true ]] \ From a651aa0369a5875a900a02deba319e4e0074d0d5 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Fri, 26 Feb 2021 04:22:56 +0000 Subject: [PATCH 14/20] Change `-e NOPICKER=true` to simply do `export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2`. --- CHANGELOG.md | 1 + Dockerfile | 4 ++-- Dockerfile.auto | 12 +++++------- Dockerfile.naked | 2 +- 4 files changed, 9 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d5c8619..6dc3dd5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ |Version|Date|Notes| |---|---|---| +| |2021-02-26|Change `-e NOPICKER=true` to simply do `export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2`.| |3.2|2021-02-25|Add a script to generate unique machine serial numbers. Add a script to generate a bootdisk from given serial numbers. Add Linux for libguestfs which allows the docker container to make QEMU bootdisks with specific serial numbers.| | |2021-02-21|Add NOPICKER environment variable to ALL images.| |3.1|2021-02-21|Remove testing repos. Switch to base-devel. We shouldn't be using testing repos in a Dockerfile for light increase in stability. Add the mandatory glibc patch to every pacman until someone upstream fixes it.| diff --git a/Dockerfile b/Dockerfile index 5b2080c..d89ac54 100644 --- a/Dockerfile +++ b/Dockerfile @@ -52,7 +52,7 @@ FROM archlinux:base-devel -MAINTAINER 'https://sick.codes' +MAINTAINER 'https://twitter.com/sickcodes' SHELL ["/bin/bash", "-c"] 
@@ -271,7 +271,7 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | directory* ) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img \ ;; \ esac \ - ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ + ; [[ "${NOPICKER}" == true ]] && BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ ; [[ "${GENERATE_UNIQUE}" == true ]] \ && ./Docker-OSX/custom/generate-unique-machine-values.sh \ --count 1 \ diff --git a/Dockerfile.auto b/Dockerfile.auto index 7fa1bb8..0015e4a 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto @@ -125,9 +125,7 @@ RUN if [[ "${COMPLETE}" ]]; then \ && wget --no-verbose -O /home/arch/OSX-KVM/mac_hdd_ng.img "${IMAGE_URL}" \ ; fi -RUN mv ./Launch-nopicker.sh ./Launch.sh - -ENV BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 +ENV BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 ENV DISPLAY=:99 
@@ -141,11 +139,11 @@ ENV TERMS_OF_USE=i_agree ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree" -CMD echo "Disk is being copied between layers... Please wait a minute..." \ - && sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ - && echo "${BOILERPLATE}" \ +CMD echo "${BOILERPLATE}" \ && [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ - ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ + && echo "Disk is being copied between layers... Please wait a minute..." 
\ + && sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ + ; [[ "${NOPICKER}" == true ]] && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ ; [[ "${GENERATE_UNIQUE}" == true ]] \ && ./Docker-OSX/custom/generate-unique-machine-values.sh \ --count 1 \ diff --git a/Dockerfile.naked b/Dockerfile.naked index cc4b8fd..4ae385b 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked @@ -29,7 +29,7 @@ # docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix docker-osx:naked # -FROM docker-osx:latest +FROM sickcodes/docker-osx:latest MAINTAINER 'https://twitter.com/sickcodes' From f2a49b046bb44198a0c61b27e3b1ded13312ced2 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Fri, 26 Feb 2021 05:26:35 +0000 Subject: [PATCH 15/20] Fixed subshell logic in startup scripts. --- Dockerfile | 20 +++++++++++--------- Dockerfile.auto | 14 ++++++++------ Dockerfile.naked | 14 ++++++++------ 3 files changed, 27 insertions(+), 21 deletions(-) diff --git a/Dockerfile b/Dockerfile index d89ac54..3625431 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -271,24 +271,26 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | directory* ) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img \ ;; \ esac \ - ; [[ "${NOPICKER}" == true ]] && BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ - ; [[ "${GENERATE_UNIQUE}" == true ]] \ - && ./Docker-OSX/custom/generate-unique-machine-values.sh \ + ; [[ "${NOPICKER}" == true ]] && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ + ; [[ "${GENERATE_UNIQUE}" == true ]] && { \ + ./Docker-OSX/custom/generate-unique-machine-values.sh \ --count 1 \ --tsv ./serial.tsv \ --bootdisks \ - --output-bootdisk "${BOOTDISK}" \ - --output-env "${ENV}" \ - && source "${ENV}" \ - ; [[ "${GENERATE_SPECIFIC}" == true ]] \ - && source /env \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + --output-env "${ENV:=/env}" \ + && source "${ENV}" \ + ; } \ + ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ + source /env \ || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ --model "${DEVICE_MODEL}" \ --serial "${SERIAL}" \ --board-serial "${BOARD_SERIAL}" \ --uuid "${UUID}" \ --mac-address "${MAC_ADDRESS}" \ - --output-bootdisk "${BOOTDISK}" \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + ; } \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ ;; \ diff --git a/Dockerfile.auto b/Dockerfile.auto index 0015e4a..eeb9a7b 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto 
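Review bot: Inside the new `GENERATE_SPECIFIC` group, `source /env \` is still joined to `./Docker-OSX/custom/generate-specific-bootdisk.sh` with `||`, so the generator runs only when sourcing fails and is skipped whenever the env file loads successfully. If the intent is to load the file when present and then build the bootdisk (so that values passed with `-e` also work without a file), the join should be `;`: `source "${ENV:=/env}" 2>/dev/null \` followed by `; ./Docker-OSX/custom/generate-specific-bootdisk.sh \`. The same construct appears in the Dockerfile.auto (`@@ -141,19 +141,20 @@`) and Dockerfile.naked (`@@ -116,17 +116,18 @@`) hunks of this commit. The CMD starts before and continues after the hunk.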
@@ -141,19 +141,20 @@ ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a secur CMD echo "${BOILERPLATE}" \ && [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ - && echo "Disk is being copied between layers... Please wait a minute..." \ + ; echo "Disk is being copied between layers... Please wait a minute..." \ && sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ ; [[ "${NOPICKER}" == true ]] && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ - ; [[ "${GENERATE_UNIQUE}" == true ]] \ - && ./Docker-OSX/custom/generate-unique-machine-values.sh \ + ; [[ "${GENERATE_UNIQUE}" == true ]] && { \ + ./Docker-OSX/custom/generate-unique-machine-values.sh \ --count 1 \ --tsv ./serial.tsv \ --bootdisks \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ --output-env "${ENV:=/env}" \ - && source "${ENV}" \ - ; [[ "${GENERATE_SPECIFIC}" == true ]] \ - && source /env \ + && source "${ENV}" \ + ; } \ + ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ + source /env \ || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ --model "${DEVICE_MODEL}" \ --serial "${SERIAL}" \ @@ -161,6 +162,7 @@ CMD echo "${BOILERPLATE}" \ --uuid "${UUID}" \ --mac-address "${MAC_ADDRESS}" \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + ; } \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ ;; \ diff --git a/Dockerfile.naked b/Dockerfile.naked index 4ae385b..b31c4ad 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked 
@@ -116,17 +116,18 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | nohup Xvfb :99 -screen 0 1920x1080x16 \ & until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 1 ; done \ ; } \ - ; [[ "${NOPICKER}" == true ]] && mv ./Launch-nopicker.sh ./Launch.sh \ - ; [[ "${GENERATE_UNIQUE}" == true ]] \ - && ./Docker-OSX/custom/generate-unique-machine-values.sh \ + ; [[ "${NOPICKER}" == true ]] && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ + ; [[ "${GENERATE_UNIQUE}" == true ]] && { \ + ./Docker-OSX/custom/generate-unique-machine-values.sh \ --count 1 \ --tsv ./serial.tsv \ --bootdisks \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ --output-env "${ENV:=/env}" \ - && source "${ENV}" \ - ; [[ "${GENERATE_SPECIFIC}" == true ]] \ - && source /env \ + && source "${ENV}" \ + ; } \ + ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ + source /env \ || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ --model "${DEVICE_MODEL}" \ --serial "${SERIAL}" \ @@ -134,6 +135,7 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | --uuid "${UUID}" \ --mac-address "${MAC_ADDRESS}" \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + ; } \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ ;; \ From 84326051cae737c7897823b2aabf5dc2c711cfa9 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Fri, 26 Feb 2021 05:30:09 +0000 Subject: [PATCH 16/20] source "${ENV:=/env}" logic --- Dockerfile | 3 +-- Dockerfile.auto | 3 +-- Dockerfile.naked | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3625431..e2701f5 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -279,10 +279,9 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | --bootdisks \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ --output-env "${ENV:=/env}" \ - && source "${ENV}" \ ; } \ ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ - source /env \ + source "${ENV:=/env}" \ || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ --model "${DEVICE_MODEL}" \ --serial "${SERIAL}" \ diff --git a/Dockerfile.auto b/Dockerfile.auto index eeb9a7b..b280e7f 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto @@ -151,10 +151,9 @@ CMD echo "${BOILERPLATE}" \ --bootdisks \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ --output-env "${ENV:=/env}" \ - && source "${ENV}" \ ; } \ ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ - source /env \ + source "${ENV:=/env}" \ || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ --model "${DEVICE_MODEL}" \ --serial "${SERIAL}" \ diff --git a/Dockerfile.naked b/Dockerfile.naked index b31c4ad..7c755e4 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked @@ -124,10 +124,9 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | --bootdisks \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ --output-env "${ENV:=/env}" \ - && source "${ENV}" \ ; } \ ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ - source /env \ + source "${ENV}" \ || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ --model "${DEVICE_MODEL}" \ --serial "${SERIAL}" \ From d1721028c8ca06d748e9e78c96b01bd8635a37bc Mon Sep 17 00:00:00 2001 From: sickcodes Date: Fri, 26 Feb 2021 05:49:40 +0000 Subject: [PATCH 17/20] NOPICKER now does: `sed -i '/^.*InstallMedia.*/d' Launch.sh` --- CHANGELOG.md | 2 +- Dockerfile | 5 ++++- Dockerfile.auto | 5 ++++- Dockerfile.naked | 7 +++++-- 4 files changed, 14 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6dc3dd5..4a390cd 100644 
--- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ |Version|Date|Notes| |---|---|---| -| |2021-02-26|Change `-e NOPICKER=true` to simply do `export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2`.| +| |2021-02-26|Change `-e NOPICKER=true` to simply do `sed -i '/^.*InstallMedia.*/d' Launch.sh` and `export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2`.| |3.2|2021-02-25|Add a script to generate unique machine serial numbers. Add a script to generate a bootdisk from given serial numbers. Add Linux for libguestfs which allows the docker container to make QEMU bootdisks with specific serial numbers.| | |2021-02-21|Add NOPICKER environment variable to ALL images.| |3.1|2021-02-21|Remove testing repos. Switch to base-devel. We shouldn't be using testing repos in a Dockerfile for light increase in stability. Add the mandatory glibc patch to every pacman until someone upstream fixes it.| diff --git a/Dockerfile b/Dockerfile index e2701f5..f1f9f88 100644 --- a/Dockerfile +++ b/Dockerfile @@ -271,7 +271,10 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | directory* ) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img \ ;; \ esac \ - ; [[ "${NOPICKER}" == true ]] && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ + ; [[ "${NOPICKER}" == true ]] && { \ + sed -i '/^.*InstallMedia.*/d' Launch.sh \ + && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ + ; } \ ; [[ "${GENERATE_UNIQUE}" == true ]] && { \ ./Docker-OSX/custom/generate-unique-machine-values.sh \ --count 1 \ diff --git a/Dockerfile.auto b/Dockerfile.auto index b280e7f..06ac9a7 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto 
@@ -143,7 +143,10 @@ CMD echo "${BOILERPLATE}" \ && [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ ; echo "Disk is being copied between layers... Please wait a minute..." \ && sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ - ; [[ "${NOPICKER}" == true ]] && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ + ; [[ "${NOPICKER}" == true ]] && { \ + sed -i '/^.*InstallMedia.*/d' Launch.sh \ + && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ + ; } \ ; [[ "${GENERATE_UNIQUE}" == true ]] && { \ ./Docker-OSX/custom/generate-unique-machine-values.sh \ --count 1 \ diff --git a/Dockerfile.naked b/Dockerfile.naked index 7c755e4..0ebc65e 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked @@ -116,7 +116,10 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | nohup Xvfb :99 -screen 0 1920x1080x16 \ & until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 1 ; done \ ; } \ - ; [[ "${NOPICKER}" == true ]] && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ + ; [[ "${NOPICKER}" == true ]] && { \ + sed -i '/^.*InstallMedia.*/d' Launch.sh \ + && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ + ; } \ ; [[ "${GENERATE_UNIQUE}" == true ]] && { \ ./Docker-OSX/custom/generate-unique-machine-values.sh \ --count 1 \ @@ -126,7 +129,7 @@ CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null | --output-env "${ENV:=/env}" \ ; } \ ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ - source "${ENV}" \ + source "${ENV:=/env}" \ || ./Docker-OSX/custom/generate-specific-bootdisk.sh \ --model "${DEVICE_MODEL}" \ --serial "${SERIAL}" \ From 258f6b455d14aeb449260b668a9d16478a48ac5c Mon Sep 17 00:00:00 2001 
From: sickcodes Date: Fri, 26 Feb 2021 06:42:57 +0000 Subject: [PATCH 18/20] Fix /env permissions for persistence after GENERATE_UNIQUE. Fix the following warning by chowning /dev/kvm earlier "libguestfs: warning: current user is not a member of the KVM group (group ID 108). This user cannot access /dev/kvm, so libguestfs may run very slowly. It is recommended that you 'chmod 0666 /dev/kvm' or add the current user to the KVM group (you might need to log out and log in again)." --- Dockerfile | 2 +- Dockerfile.auto | 4 ++-- Dockerfile.naked | 2 +- custom/generate-unique-machine-values.sh | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index f1f9f88..77445c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -264,7 +264,7 @@ VOLUME ["/tmp/.X11-unix"] # the default serial numbers are already contained in ./OpenCore-Catalina/OpenCore.qcow2 # And the default serial numbers -CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ +CMD sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ ; case "$(file --brief /image)" in \ QEMU\ QCOW2\ Image* ) export IMAGE_PATH=/image \ ;; \ diff --git a/Dockerfile.auto b/Dockerfile.auto index 06ac9a7..15f6339 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto 
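Review bot: The rewritten first CMD line now runs `sudo chown -R` over `/dev/kvm` and `/dev/snd` on every start, with the `$(id -u):$(id -g)` substitutions left unquoted and every error discarded by `2>/dev/null || true`. Taking ownership of device nodes is broader than the libguestfs warning quoted in the commit message calls for, and if `/dev/snd` reaches the container as a bind mount rather than through `--device`, the recursive chown would presumably change ownership on the host as well. Granting access through group membership (for example `docker run --group-add` with the host's kvm group id) leaves the device permissions as they are; if the chown stays, restore the quoting and keep `-R` off the single files, e.g. `sudo chown "$(id -u)":"$(id -g)" /dev/kvm "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}"`. Dockerfile.auto (`@@ -140,9 +140,9 @@`) and Dockerfile.naked (`@@ -111,7 +111,7 @@`) make the same change.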
@@ -140,9 +140,9 @@ ENV TERMS_OF_USE=i_agree ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree" CMD echo "${BOILERPLATE}" \ - && [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ + ; [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ ; echo "Disk is being copied between layers... Please wait a minute..." \ - && sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ + ; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ ; [[ "${NOPICKER}" == true ]] && { \ sed -i '/^.*InstallMedia.*/d' Launch.sh \ && export BOOTDISK=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2 \ diff --git a/Dockerfile.naked b/Dockerfile.naked index 0ebc65e..5c17c93 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked 
@@ -111,7 +111,7 @@ ENV IMAGE_PATH=/image ENV NOPICKER=true -CMD sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" "${BOOTDISK}" 2>/dev/null || true \ +CMD sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ ; [[ "${DISPLAY}" = ':99' ]] && { \ nohup Xvfb :99 -screen 0 1920x1080x16 \ & until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 1 ; done \ diff --git a/custom/generate-unique-machine-values.sh b/custom/generate-unique-machine-values.sh index 18bdc5f..6692e29 100755 --- a/custom/generate-unique-machine-values.sh +++ b/custom/generate-unique-machine-values.sh @@ -259,7 +259,7 @@ EOF [[ -e "${TSV_SERIAL_SETS_FILE}" ]] && \ - cat <(printf "DEVICE_MODEL\tSERIAL\BOARD_SERIAL\tUUID\tMAC_ADDRESS\n") "${TSV_SERIAL_SETS_FILE}" + cat <(printf "DEVICE_MODEL\tSERIAL\tBOARD_SERIAL\tUUID\tMAC_ADDRESS\n") "${TSV_SERIAL_SETS_FILE}" } From 91131a6bbbe92615852e14e4b8e427ebe743f3a5 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Fri, 26 Feb 2021 09:25:40 +0000 Subject: [PATCH 19/20] Add exists exits and required serial number files for building disk --- Dockerfile | 4 ++-- Dockerfile.auto | 4 ++-- Dockerfile.naked | 4 ++-- README.md | 5 +++-- custom/generate-unique-machine-values.sh | 2 ++ 5 files changed, 11 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 77445c9..f9570ab 100644 --- a/Dockerfile +++ b/Dockerfile @@ -281,7 +281,7 @@ CMD sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDIS --tsv ./serial.tsv \ --bootdisks \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ - --output-env "${ENV:=/env}" \ + --output-env "${ENV:=/env}" || exit 1 \ ; } \ ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ source "${ENV:=/env}" \ 
@@ -291,7 +291,7 @@ CMD sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDIS --board-serial "${BOARD_SERIAL}" \ --uuid "${UUID}" \ --mac-address "${MAC_ADDRESS}" \ - --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" || exit 1 \ ; } \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ diff --git a/Dockerfile.auto b/Dockerfile.auto index 15f6339..6f6b739 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto @@ -153,7 +153,7 @@ CMD echo "${BOILERPLATE}" \ --tsv ./serial.tsv \ --bootdisks \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ - --output-env "${ENV:=/env}" \ + --output-env "${ENV:=/env}" || exit 1 \ ; } \ ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ source "${ENV:=/env}" \ @@ -163,7 +163,7 @@ CMD echo "${BOILERPLATE}" \ --board-serial "${BOARD_SERIAL}" \ --uuid "${UUID}" \ --mac-address "${MAC_ADDRESS}" \ - --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" || exit 1 \ ; } \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ diff --git a/Dockerfile.naked b/Dockerfile.naked index 5c17c93..04368bc 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked @@ -126,7 +126,7 @@ CMD sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDIS --tsv ./serial.tsv \ --bootdisks \ --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ - --output-env "${ENV:=/env}" \ + --output-env "${ENV:=/env}" || exit 1 \ ; } \ ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ source "${ENV:=/env}" \ 
@@ -136,7 +136,7 @@ CMD sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDIS --board-serial "${BOARD_SERIAL}" \ --uuid "${UUID}" \ --mac-address "${MAC_ADDRESS}" \ - --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \ + --output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" || exit 1 \ ; } \ ; case "$(file --brief /bootdisk)" in \ QEMU\ QCOW2\ Image* ) export BOOTDISK=/bootdisk \ diff --git a/README.md b/README.md index 78e1f52..5cba153 100644 --- a/README.md +++ b/README.md @@ -79,7 +79,7 @@ If you run out of space, you can delete all your Docker images/history/cache by docker pull sickcodes/docker-osx:auto -# boot directly into a real OSX shell with no display (Xvfb) +# boot directly into a real OSX shell with no display (Xvfb) [HEADLESS] docker run -it \ --device /dev/kvm \ -p 50922:10022 \ @@ -92,7 +92,7 @@ docker run -it \ docker pull sickcodes/docker-osx:auto -# boot directly into a real OSX shell with a visual display +# boot directly into a real OSX shell with a visual display [NOT HEADLESS] docker run -it \ --device /dev/kvm \ -p 50922:10022 \ @@ -144,6 +144,7 @@ Supply your own local image with `-v "${PWD}/mac_hdd_ng.img:/image"` and use `si docker pull sickcodes/docker-osx:naked # run your own image + SSH +# change mac_hdd_ng.img docker run -it \ --device /dev/kvm \ -p 50922:10022 \ diff --git a/custom/generate-unique-machine-values.sh b/custom/generate-unique-machine-values.sh index 6692e29..4b2409a 100755 --- a/custom/generate-unique-machine-values.sh +++ b/custom/generate-unique-machine-values.sh 
@@ -183,6 +183,8 @@ download_qcow_efi_folder () { generate_serial_sets () { + [[ -e ./config-nopicker-custom.plist ]] || wget https://raw.githubusercontent.com/sickcodes/Docker-OSX/custom-identity/custom/config-nopicker-custom.plist + [[ -e ./opencore-image-ng.sh ]] || wget https://raw.githubusercontent.com/sickcodes/Docker-OSX/custom-identity/custom/opencore-image-ng.sh && chmod +x opencore-image-ng.sh mkdir -p "${OUTPUT_DIRECTORY}/envs" export DATE_NOW="$(date +%F-%T)" export DEVICE_MODEL="${DEVICE_MODEL:=iMacPro1,1}" From 60132b6c81183eaa8202992a3bcb888ae07df5b7 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Fri, 26 Feb 2021 12:27:37 +0000 Subject: [PATCH 20/20] README.md Serial Number/iMessage readiness --- README.md | 249 +++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 230 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index 5cba153..d5e8a58 100644 --- a/README.md +++ b/README.md 
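Review bot: Both added `wget` lines fetch from the moving `custom-identity` branch with no integrity check, and `opencore-image-ng.sh` is then marked executable. Whatever that branch serves at run time becomes code this script can run. A failed `wget` does not stop the function, and a partial download leaves a file that passes the `[[ -e … ]]` test on the next run, so a truncated plist or script would be reused silently. I would pin the URL to a reviewed commit, verify a SHA-256 digest before moving the file into place, and exit on any failure, as sketched below with placeholder values. `generate_serial_sets` continues past the end of the hunk.

```shell
generate_serial_sets () {
    # Placeholders: set to a reviewed commit and the digests of the two files at that commit.
    local pinned_ref='<PINNED_COMMIT_SHA>'
    local pair name sha tmp
    for pair in \
        'config-nopicker-custom.plist=<SHA256_OF_PLIST>' \
        'opencore-image-ng.sh=<SHA256_OF_SCRIPT>'; do
        name="${pair%%=*}"
        sha="${pair#*=}"
        [[ -e "./${name}" ]] && continue
        # Download next to the target and move into place only after verification,
        # so an interrupted run never leaves a half-written file behind.
        tmp="$(mktemp "./${name}.XXXXXX")" || exit 1
        if ! wget -O "${tmp}" "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${pinned_ref}/custom/${name}" ||
           ! printf '%s  %s\n' "${sha}" "${tmp}" | sha256sum --check --status -; then
            rm -f -- "${tmp}"
            echo "could not fetch or verify ${name}" >&2
            exit 1
        fi
        mv -- "${tmp}" "./${name}"
    done
    chmod +x ./opencore-image-ng.sh
    # … unchanged: mkdir -p "${OUTPUT_DIRECTORY}/envs" and the exports that follow …
```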
@@ -41,6 +41,43 @@ Thank you to @cephasara for this major contribution. #### Follow [@sickcodes on Twitter](https://twitter.com/sickcodes) for updates or feature requests! +# How to use + +### There are 3 images: **latest**, **auto** and **naked**. + +`sickcodes/docker-osx:latest` - [I want to try it out.](https://github.com/sickcodes/Docker-OSX#quick-start-175gb-pre-made-image) + +`sickcodes/docker-osx:latest` - [I want to use Docker-OSX to develop/secure Apps in Xcode (sign into Xcode, Transporter)](https://github.com/sickcodes/Docker-OSX#quick-start-docker-osx) + +`sickcodes/docker-osx:naked` - [I want to use Docker-OSX in CI/CD (sign into Xcode, Transporter)](https://github.com/sickcodes/Docker-OSX#fully-headless-using-my-own-image-for-cicd) +Create your personal image using `:latest`. And then pull your image out. And then use duplicate that image again & again for use in `:naked`. + +`sickcodes/docker-osx:auto` - [I want to boot into command line only. (compile software, homebrew headless).](https://github.com/sickcodes/Docker-OSX#pre-built-image-arbitrary-command-line-arguments) + +`sickcodes/docker-osx:naked` - [I need iMessage/iCloud for security research.](https://github.com/sickcodes/Docker-OSX#serial-numbers) + +#### I need a screen. +**KEEP** these two lines are in your command. Works in ANY of the machines: +```dockerfile + -v /tmp/.X11-unix:/tmp/.X11-unix \ + -e "DISPLAY=${DISPLAY:-:0.0}" \ +``` + +#### I need headless. +**REMOVE** these two lines from ANY of the machines: +```dockerfile + -v /tmp/.X11-unix:/tmp/.X11-unix \ + -e "DISPLAY=${DISPLAY:-:0.0}" \ +``` + +#### I have used it already, and want to copy this image. 
+Use `docker commit`, copy the ID, and then `docker start ID` + +**OR** + +[Pull out the .img file](https://github.com/sickcodes/Docker-OSX#backup-the-disk-wheres-my-disk), and then use that [.img file with :naked](https://github.com/sickcodes/Docker-OSX#quick-start-own-image-naked-container-image) + + # Basic Quick Start Docker-OSX ```bash @@ -62,18 +99,16 @@ docker run -it \ Current large image size: 17.5GB -This starts the special auto image @sickcodes prepared earlier. - -This image has already been installed with the following settings: +This starts a container with an existing installation. This special auto image was made by @sickcodes: - SSH enabled -- username is user -- password is alpine -- Autoupdates off +- username is `user` +- password is `alpine` +- auto-updates off -You will need around 50GB of space to run this image: half for the base image + half for your runtime image. +You will need around *50GB* of space to run this image: half for the base image + half for your runtime image. -If you run out of space, you can delete all your Docker images/history/cache by simply deleting `/var/lib/docker` +If you run out of space, you can delete all your old Docker images/history/cache by simply deleting `/var/lib/docker`, and restarting `dockerd`. ```bash @@ -101,6 +136,7 @@ docker run -it \ sickcodes/docker-osx:auto ``` +### Pre-built Image + Arbitrary Command Line Arguments. ```bash @@ -164,6 +200,9 @@ docker run -it \ sickcodes/docker-osx:naked ``` + +### Fully Headless, using my own image, for CI/CD + ```bash # run your own image headless + SSH docker run -it \ @@ -260,7 +299,9 @@ ssh fullname@localhost -p 50922 # Autoboot into OSX after you've installed everything -You can use `-e NOPICKER=true` or for older machines: +You can use `-e NOPICKER=true`. + +Old machines: ```bash # find you containerID 
@@ -520,7 +561,7 @@ sudo mv somedir/mac_hdd_ng.img . # Use an Old Docker-OSX Disk in a Fresh Container (Replication) -[Use the sickcodes/docker-osx:naked image.](https://github.com/sickcodes/Docker-OSX/tree/custom-identity#quick-start-own-image) +[Use the sickcodes/docker-osx:naked image.](https://github.com/sickcodes/Docker-OSX/tree/master#quick-start-own-image) # Internet Speeds @@ -546,15 +587,6 @@ docker system prune --all docker image prune --all ``` -# INSTANT OSX-KVM in a BOX! -This Dockerfile automates the installation of OSX-KVM inside a docker container. - -It will build a Catalina Disk with up to 200GB of space. - -You can change the size and version using build arguments (see below). - -This file builds on top of the work done by Dhiru Kholia and many others on the OSX-KVM project. - # CI/CD Related Improvements ## How to reduce the size of the image * Start up the container as usual, and remove unnecessary files. A useful way 
@@ -654,6 +686,185 @@ docker run \ ``` +# Serial Numbers + +The easiest way to show you is by these examples. + +For serial numbers, generate them in `./custom` OR make docker generate them at runtime (see below). + +At any time, verify your serial number before logging in iCloud, etc. + +```bash +ioreg -l | grep IOPlatformSerialNumber + +# or from the host +sshpass -p alpine ssh user@localhost -p 50922 'ioreg -l | grep IOPlatformSerialNumber' +``` + +```bash +# proof of concept only, generates random serial numbers, headlessly, and quits right after. +docker run --rm -it \ + --device /dev/kvm \ + -p 50922:10022 \ + -e NOPICKER=true \ + -e GENERATE_UNIQUE=true \ + -e DEVICE_MODEL="iMacPro1,1" \ + -e OSX_COMMANDS='ioreg -l | grep IOPlatformSerialNumber' \ + sickcodes/docker-osx:auto +``` + +```bash +# run the same as above 17gb auto image, with SSH, with nopicker, and save the bootdisk for later. +# you don't need to save the bootdisk IF you supply specific serial numbers! +touch ./C02TW0WAHX87.qcow + +docker run -it \ + --device /dev/kvm \ + -p 50922:10022 \ + -e NOPICKER=true \ + -e GENERATE_SPECIFIC=true \ + -e DEVICE_MODEL="iMacPro1,1" \ + -e SERIAL="C02TW0WAHX87" \ + -e BOARD_SERIAL="C027251024NJG36UE" \ + -e UUID="5CCB366D-9118-4C61-A00A-E5BAF3BED451" \ + -e MAC_ADDRESS="A8:5C:2C:9A:46:2F" \ + -e OSX_COMMANDS='ioreg -l | grep IOPlatformSerialNumber' \ + sickcodes/docker-osx:auto +``` + + +```bash +# run an existing image in current directory, with a screen, with SSH, with nopicker, and save the bootdisk for later. 
+ +stat mac_hdd_ng.img # make sure you have an image if you're using :naked +touch ./mynewbootdisk.qcow + +docker run -it \ + --device /dev/kvm \ + -e "DISPLAY=${DISPLAY:-:0.0}" \ + -v /tmp/.X11-unix:/tmp/.X11-unix \ + -p 50922:10022 \ + -e NOPICKER=true \ + -e GENERATE_SPECIFIC=true \ + -e DEVICE_MODEL="iMacPro1,1" \ + -e SERIAL="C02TW0WAHX87" \ + -e BOARD_SERIAL="C027251024NJG36UE" \ + -e UUID="5CCB366D-9118-4C61-A00A-E5BAF3BED451" \ + -e MAC_ADDRESS="A8:5C:2C:9A:46:2F" \ + -e BOOTDISK=/bootdisk \ + -v "${PWD}/mynewbootdisk.qcow:/bootdisk" \ + -v "${PWD}/mac_hdd_ng.img:/image" \ + sickcodes/docker-osx:naked +``` + +If you want to generate serial numbers, either make them at runtime using +` -e GENERATE_UNIQUE=true \` + +Or you can generate them inside the `./custom` folder. And then use: +```bash + -e GENERATE_SPECIFIC=true \ + -e SERIAL="" \ + -e BOARD_SERIAL="" \ + -e UUID="" \ + -e MAC_ADDRESS="" \ +``` + +#### Persistence from generating serial numbers is obviously ideal: + +```bash + +stat mac_hdd_ng_testing.img +touch ./output.qcow +touch ./output.env + +# generate fresh random serial numbers, with a screen, using my own image, and save the bootdisk AND env file with my new serial numbers for later. + +docker run -it \ + --device /dev/kvm \ + -e "DISPLAY=${DISPLAY:-:0.0}" \ + -v /tmp/.X11-unix:/tmp/.X11-unix \ + -p 50922:10022 \ + -e NOPICKER=true \ + -e GENERATE_UNIQUE=true \ + -e GENERATE_SPECIFIC=true \ + -e DEVICE_MODEL="iMacPro1,1" \ + -e BOOTDISK=/bootdisk \ + -v "${PWD}/output.qcow:/bootdisk" \ + -v "${PWD}/output.env:/env" \ + -v "${PWD}/mac_hdd_ng_testing.img:/image" \ + sickcodes/docker-osx:naked +``` + +To use iMessage or iCloud you need to change `5` values. 
+ +`SERIAL` + +`BOARD_SERIAL` + +`UUID` + +`MAC_ADDRESS` + +_`ROM` is just the lowercased mac address, without `:` between each word._ + +You can tell the container to generate them for you using `-e GENERATE_UNIQUE=true` + +Or tell the container to use specific ones using `-e GENERATE_UNIQUE=true` + +```bash + -e GENERATE_SPECIFIC=true \ + -e DEVICE_MODEL="iMacPro1,1" \ + -e SERIAL="C02TW0WAHX87" \ + -e BOARD_SERIAL="C027251024NJG36UE" \ + -e UUID="5CCB366D-9118-4C61-A00A-E5BAF3BED451" \ + -e MAC_ADDRESS="A8:5C:2C:9A:46:2F" \ +``` + +### Where do you get the serial numbers? + +```bash +apt install libguestfs -y +pacman -S libguestfs +yum install libguestfs -y +``` + +Inside the `./custom` folder you will find `4` scripts. + +- `config-nopicker-custom.plist` +- `opencore-image-ng.sh` +These two files are from OSX-KVM. + +You don't need to touch these two files. + +The config.plist has 5 values replaced with placeholders. [Click here to see those values for no reason.](https://github.com/sickcodes/Docker-OSX/blob/master/custom/config-nopicker-custom.plist#L705) + +- `generate-unique-machine-values.sh` +This script will generate serial numbers, with Mac Addresses, plus output to CSV/TSV, plus make a `bootdisk image`. + +You can create hundreds, `./custom/generate-unique-machine-values.sh --help` + +```bash +./custom/generate-unique-machine-values.sh \ + --count 1 \ + --tsv ./serial.tsv \ + --bootdisks \ + --output-bootdisk OpenCore.qcow2 \ + --output-env source.env.sh +``` + +Or if you have some specific serial numbers... + +- `generate-specific-bootdisk.sh` +```bash +generate-specific-bootdisk.sh \ + --model "${DEVICE_MODEL}" \ + --serial "${SERIAL}" \ + --board-serial "${BOARD_SERIAL}" \ + --uuid "${UUID}" \ + --mac-address "${MAC_ADDRESS}" \ + --output-bootdisk OpenCore-nopicker.qcow2 +``` + # Allow USB passthrough The simplest way to do this is the following: