mirror of
https://github.com/sickcodes/Docker-OSX.git
synced 2024-12-21 21:41:31 -06:00
commit
671c46046a
45
Dockerfile
45
Dockerfile
@ -80,9 +80,14 @@ RUN if [[ "${RANKMIRRORS}" ]]; then \
|
|||||||
&& cat /etc/pacman.d/mirrorlist \
|
&& cat /etc/pacman.d/mirrorlist \
|
||||||
; fi
|
; fi
|
||||||
|
|
||||||
|
# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
|
||||||
|
RUN pacman -Sy archlinux-keyring --noconfirm && rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate
|
||||||
|
|
||||||
RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
|
RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
|
||||||
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
|
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
|
||||||
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371'
|
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
|
||||||
|
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
|
||||||
|
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
|
||||||
|
|
||||||
# This fails on hub.docker.com, useful for debugging in cloud
|
# This fails on hub.docker.com, useful for debugging in cloud
|
||||||
# RUN [[ $(egrep -c '(svm|vmx)' /proc/cpuinfo) -gt 0 ]] || { echo KVM not possible on this host && exit 1; }
|
# RUN [[ $(egrep -c '(svm|vmx)' /proc/cpuinfo) -gt 0 ]] || { echo KVM not possible on this host && exit 1; }
|
||||||
@ -94,11 +99,11 @@ RUN pacman -Syu git zip vim nano alsa-utils openssh --noconfirm \
|
|||||||
&& ln -s /bin/vim /bin/vi \
|
&& ln -s /bin/vim /bin/vi \
|
||||||
&& useradd arch -p arch \
|
&& useradd arch -p arch \
|
||||||
&& tee -a /etc/sudoers <<< 'arch ALL=(ALL) NOPASSWD: ALL' \
|
&& tee -a /etc/sudoers <<< 'arch ALL=(ALL) NOPASSWD: ALL' \
|
||||||
&& mkdir /home/arch \
|
&& mkdir -p /home/arch \
|
||||||
&& chown arch:arch /home/arch
|
&& chown arch:arch /home/arch
|
||||||
|
|
||||||
# allow ssh to container
|
# allow ssh to container
|
||||||
RUN mkdir -m 700 /root/.ssh
|
RUN mkdir -p -m 700 /root/.ssh
|
||||||
|
|
||||||
WORKDIR /root/.ssh
|
WORKDIR /root/.ssh
|
||||||
RUN touch authorized_keys \
|
RUN touch authorized_keys \
|
||||||
@ -144,7 +149,7 @@ RUN touch enable-ssh.sh \
|
|||||||
|
|
||||||
# RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils edk2-ovmf netctl libvirt-dbus --overwrite --noconfirm
|
# RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils edk2-ovmf netctl libvirt-dbus --overwrite --noconfirm
|
||||||
|
|
||||||
RUN yes | sudo pacman -Syu bc qemu libvirt dnsmasq virt-manager bridge-utils openresolv jack2 ebtables edk2-ovmf netctl libvirt-dbus wget --overwrite --noconfirm \
|
RUN yes | sudo pacman -Syu bc qemu-desktop libvirt dnsmasq virt-manager bridge-utils openresolv jack2 ebtables edk2-ovmf netctl libvirt-dbus wget --overwrite --noconfirm \
|
||||||
&& yes | sudo pacman -Scc
|
&& yes | sudo pacman -Scc
|
||||||
|
|
||||||
WORKDIR /home/arch/OSX-KVM
|
WORKDIR /home/arch/OSX-KVM
|
||||||
@ -157,11 +162,17 @@ RUN make \
|
|||||||
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \
|
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \
|
||||||
&& rm ./BaseSystem.dmg
|
&& rm ./BaseSystem.dmg
|
||||||
|
|
||||||
|
# fix invalid signature on old libguestfs
|
||||||
|
ARG SIGLEVEL=Never
|
||||||
|
|
||||||
|
RUN sudo tee -a /etc/pacman.conf <<< "SigLevel = ${SIGLEVEL}"
|
||||||
|
|
||||||
ARG LINUX=true
|
ARG LINUX=true
|
||||||
|
|
||||||
# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
|
# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
|
||||||
RUN if [[ "${LINUX}" == true ]]; then \
|
RUN if [[ "${LINUX}" == true ]]; then \
|
||||||
sudo pacman -Syu linux libguestfs --noconfirm \
|
sudo pacman -Syu linux archlinux-keyring guestfs-tools --noconfirm \
|
||||||
|
&& libguestfs-test-tool \
|
||||||
; fi
|
; fi
|
||||||
|
|
||||||
# optional --build-arg to change branches for testing
|
# optional --build-arg to change branches for testing
|
||||||
@ -217,32 +228,22 @@ USER arch
|
|||||||
|
|
||||||
ENV USER arch
|
ENV USER arch
|
||||||
|
|
||||||
#### libguestfs versioning
|
|
||||||
|
|
||||||
# 5.13+ problem resolved by building the qcow2 against 5.12 using libguestfs-1.44.1-6
|
|
||||||
|
|
||||||
ENV SUPERMIN_KERNEL=/boot/vmlinuz-linux
|
|
||||||
ENV SUPERMIN_MODULES=/lib/modules/5.12.14-arch1-1
|
|
||||||
ENV SUPERMIN_KERNEL_VERSION=5.12.14-arch1-1
|
|
||||||
ENV KERNEL_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-5.12.14.arch1-1-x86_64.pkg.tar.zst
|
|
||||||
ENV KERNEL_HEADERS_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-headers-5.12.14.arch1-1-x86_64.pkg.tar.zst
|
|
||||||
ENV LIBGUESTFS_PACKAGE_URL=https://archive.archlinux.org/packages/l/libguestfs/libguestfs-1.44.1-6-x86_64.pkg.tar.zst
|
|
||||||
|
|
||||||
# fix ad hoc errors from using the arch museum to get libguestfs
|
# fix ad hoc errors from using the arch museum to get libguestfs
|
||||||
RUN sudo sed -i -e 's/^\#RemoteFileSigLevel/RemoteFileSigLevel/g' /etc/pacman.conf
|
RUN sudo sed -i -e 's/^\#RemoteFileSigLevel/RemoteFileSigLevel/g' /etc/pacman.conf
|
||||||
|
|
||||||
RUN sudo pacman -Syy \
|
RUN sudo tee -a /etc/pacman.conf <<< 'RemoteFileSigLevel = Optional' \
|
||||||
|
&& sudo pacman -Syy \
|
||||||
&& sudo pacman -Rns linux --noconfirm \
|
&& sudo pacman -Rns linux --noconfirm \
|
||||||
; sudo pacman -S mkinitcpio --noconfirm \
|
&& sudo pacman -S mkinitcpio pcre pcre2 --noconfirm \
|
||||||
&& sudo pacman -U "${KERNEL_PACKAGE_URL}" --noconfirm || exit 1 \
|
&& sudo pacman -S linux linux-headers --noconfirm || exit 1 \
|
||||||
&& sudo pacman -U "${LIBGUESTFS_PACKAGE_URL}" --noconfirm || exit 1 \
|
|
||||||
&& rm -rf /var/tmp/.guestfs-* \
|
&& rm -rf /var/tmp/.guestfs-* \
|
||||||
&& yes | sudo pacman -Scc \
|
&& yes | sudo pacman -Scc \
|
||||||
|
&& export SUPERMIN_KERNEL_VERSION="$(uname -r)" \
|
||||||
|
&& export SUPERMIN_MODULES="/lib/modules/$(uname -r)" \
|
||||||
|
&& export SUPERMIN_KERNEL=/boot/vmlinuz-linux \
|
||||||
&& libguestfs-test-tool || exit 1 \
|
&& libguestfs-test-tool || exit 1 \
|
||||||
&& rm -rf /var/tmp/.guestfs-*
|
&& rm -rf /var/tmp/.guestfs-*
|
||||||
|
|
||||||
####
|
|
||||||
|
|
||||||
# These are hardcoded serials for non-iMessage related research
|
# These are hardcoded serials for non-iMessage related research
|
||||||
# Overwritten by using GENERATE_UNIQUE=true
|
# Overwritten by using GENERATE_UNIQUE=true
|
||||||
# Upstream removed nopicker, so we are adding it back in, at build time
|
# Upstream removed nopicker, so we are adding it back in, at build time
|
||||||
|
19
README.md
19
README.md
@ -95,6 +95,22 @@ docker run -it \
|
|||||||
# docker build -t docker-osx --build-arg SHORTNAME=monterey .
|
# docker build -t docker-osx --build-arg SHORTNAME=monterey .
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Ventura [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/ventura?label=sickcodes%2Fdocker-osx%3Aventura](https://img.shields.io/docker/image-size/sickcodes/docker-osx/ventura?label=sickcodes%2Fdocker-osx%3Aventura)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
|
||||||
|
|
||||||
|
```bash
|
||||||
|
|
||||||
|
docker run -it \
|
||||||
|
--device /dev/kvm \
|
||||||
|
-p 50922:10022 \
|
||||||
|
-v /tmp/.X11-unix:/tmp/.X11-unix \
|
||||||
|
-e "DISPLAY=${DISPLAY:-:0.0}" \
|
||||||
|
-e GENERATE_UNIQUE=true \
|
||||||
|
-e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist' \
|
||||||
|
sickcodes/docker-osx:ventura
|
||||||
|
|
||||||
|
# docker build -t docker-osx --build-arg SHORTNAME=ventura .
|
||||||
|
```
|
||||||
|
|
||||||
#### Run Catalina Pre-Installed [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto](https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
|
#### Run Catalina Pre-Installed [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto](https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
@ -356,6 +372,7 @@ Pick one of these while **building**, irrelevant when using docker pull:
|
|||||||
--build-arg SHORTNAME=catalina
|
--build-arg SHORTNAME=catalina
|
||||||
--build-arg SHORTNAME=big-sur
|
--build-arg SHORTNAME=big-sur
|
||||||
--build-arg SHORTNAME=monterey
|
--build-arg SHORTNAME=monterey
|
||||||
|
--build-arg SHORTNAME=ventura
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
@ -368,6 +385,7 @@ There currently multiple images, each with different use cases (explained [below
|
|||||||
- Catalina
|
- Catalina
|
||||||
- Big Sur
|
- Big Sur
|
||||||
- Monterey
|
- Monterey
|
||||||
|
- Ventura
|
||||||
- Auto (pre-made Catalina)
|
- Auto (pre-made Catalina)
|
||||||
- Naked (use your own .img)
|
- Naked (use your own .img)
|
||||||
- Naked-Auto (user your own .img and SSH in)
|
- Naked-Auto (user your own .img and SSH in)
|
||||||
@ -504,6 +522,7 @@ Create your personal image using `:latest` or `big-sur`. Then, pull the image ou
|
|||||||
- `sickcodes/docker-osx:naked` - [I need iMessage/iCloud for security research.](#generating-serial-numbers)
|
- `sickcodes/docker-osx:naked` - [I need iMessage/iCloud for security research.](#generating-serial-numbers)
|
||||||
- `sickcodes/docker-osx:big-sur` - [I want to run Big Sur.](#quick-start-docker-osx)
|
- `sickcodes/docker-osx:big-sur` - [I want to run Big Sur.](#quick-start-docker-osx)
|
||||||
- `sickcodes/docker-osx:monterey` - [I want to run Monterey.](#quick-start-docker-osx)
|
- `sickcodes/docker-osx:monterey` - [I want to run Monterey.](#quick-start-docker-osx)
|
||||||
|
- `sickcodes/docker-osx:ventura` - [I want to run Ventura.](#quick-start-docker-osx)
|
||||||
|
|
||||||
- `sickcodes/docker-osx:high-sierra` - I want to run High Sierra.
|
- `sickcodes/docker-osx:high-sierra` - I want to run High Sierra.
|
||||||
- `sickcodes/docker-osx:mojave` - I want to run Mojave.
|
- `sickcodes/docker-osx:mojave` - I want to run Mojave.
|
||||||
|
@ -16,6 +16,7 @@
|
|||||||
# scrot -o catalina_master.png
|
# scrot -o catalina_master.png
|
||||||
# scrot -o big-sur_master.png
|
# scrot -o big-sur_master.png
|
||||||
# scrot -o monterey_master.png
|
# scrot -o monterey_master.png
|
||||||
|
# scrot -o ventura_master.png
|
||||||
# pull off remote server to the tests folder
|
# pull off remote server to the tests folder
|
||||||
# REMOTE_SERVER=
|
# REMOTE_SERVER=
|
||||||
# scp root@"${REMOTE_SERVER}":~/*_master.png .
|
# scp root@"${REMOTE_SERVER}":~/*_master.png .
|
||||||
@ -28,6 +29,7 @@ TESTS=(
|
|||||||
catalina
|
catalina
|
||||||
big-sur
|
big-sur
|
||||||
monterey
|
monterey
|
||||||
|
ventura
|
||||||
)
|
)
|
||||||
|
|
||||||
# test each docker image to see if they boot to their unique respective installation screens.
|
# test each docker image to see if they boot to their unique respective installation screens.
|
||||||
|
Loading…
Reference in New Issue
Block a user