Merge pull request #840 from Dakai/master

Update README.md

.github/workflows/docker-build.yml

@@ -0,0 +1,52 @@
+name: Push Docker Image to Docker Hub
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  push_to_docker_hub:
+    name: Push Docker Image to Docker Hub
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        id: checkout_code
+        uses: actions/checkout@v3
+
+      - name: Login to Docker Hub
+        id: login_docker_hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USER_NAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+      
+      - name: Echo Docker Hub Username
+        run: echo ${{ secrets.DOCKER_HUB_USER_NAME }}
+
+      - name: Echo GitHub SHA
+        run: echo $GITHUB_SHA
+
+      - name: Build Docker image
+        id: build_image
+        run: |
+          docker build "$GITHUB_WORKSPACE" -t sickcodes/docker-osx:master --label dockerfile-path="Dockerfile"
+
+      - name: Label Master Docker Image as Latest
+        id: label_image
+        run: |
+          docker tag sickcodes/docker-osx:master sickcodes/docker-osx:latest
+
+      - name: Push Docker image master
+        id: push_master
+        run: docker push sickcodes/docker-osx:master
+
+      - name: Push Docker image latest
+        id: push_latest
+        run: docker push sickcodes/docker-osx:latest
+
+      - name: Logout from Docker Hub
+        run: docker logout
+
+      - name: End
+        run: echo "Docker image pushed to Docker Hub successfully"

CREDITS.md

@@ -1,5 +1,7 @@
 # Credits
 
+The most important part of the project. You.
+
 ## Upstream Acknowledgements:
 
 This project uses OSX-KVM from https://github.com/kholia/OSX-KVM and fully appreciates the work done by [@Kholia](https://github.com/Kholia) and all the contributors who are listed: [https://github.com/kholia/OSX-KVM/blob/master/CREDITS.md](https://github.com/kholia/OSX-KVM/blob/master/CREDITS.md)
@@ -10,7 +12,7 @@ We use a special fork by [Nicholas Sherlock](https://www.nicksherlock.com/) of K
 
 This project now uses the fantastic OpenCore bootloader from the community OpenCore project: https://github.com/acidanthera/OpenCorePkg. You can join their [Subreddit here](https://www.reddit.com/r/hackintosh/)!
 
-## These credits refer to the contributors to this repository:
+## These credits refer to the legendary contributors to this repository:
 
 [@GreeFine](https://github.com/GreeFine) - Readme Typo #9 
 
@@ -28,7 +30,7 @@ This project now uses the fantastic OpenCore bootloader from the community OpenC
 
 [@jviotti](https://github.com/jviotti) - Auto-boot thru ShowPicker
 
-[@MrBenFTW](https://github.com/MrBenFTW) - Updated macOS version 10.15.5 -> 10.15.6, Enabled screen sharing port forwarding, Removed the need to remove 1gb from the partition.
+[@IAmBenMitchell]([https://github.com/MrBenFTW](https://github.com/iambenmitchell)) - Updated macOS version 10.15.5 -> 10.15.6, Enabled screen sharing port forwarding, Removed the need to remove 1gb from the partition.
 
 [@hoantp](https://github.com/hoantp) - Initialized TigerVNC 1.11.0 fix
 
@@ -72,8 +74,12 @@ This project now uses the fantastic OpenCore bootloader from the community OpenC
 
 [@ggjulio](https://github.com/ggjulio) - Restarting an "auto" container #216
 
+[@panos](https://github.com/panos) - Improved README #212
+
 [@panos](https://github.com/panos) - Made further improvements to the README #219
 
+[@kaoudis](https://github.com/kaoudis) README / troubleshooting docs improvements #235
+
 [@a10kiloham](https://github.com/a10kiloham) - Dockerfile for :naked image with VNC support #245 
 
 [@a10kiloham](https://github.com/a10kiloham) - Adding Bluebubbles as an example use case #250 
@@ -82,7 +88,7 @@ This project now uses the fantastic OpenCore bootloader from the community OpenC
 
 [@tinjaw](https://github.com/tinjaw) - Fixed Type #258
 
-[@m-zheng](https://github.com/m-zheng) -  Update README.md #260 
+[@m-zheng](https://github.com/m-zheng) - Update README.md #260 
 
 [@johnjhacking](https://github.com/johnjhacking) - Change call function to Popen #288 
 
@@ -94,4 +100,34 @@ This project now uses the fantastic OpenCore bootloader from the community OpenC
 
 [@Silfalion](https://github.com/Silfalion) - [https://github.com/Silfalion/Iphone_docker_osx_passthrough](https://github.com/Silfalion/Iphone_docker_osx_passthrough)
 
-[@Buthrakaur](https://github.com/Buthrakaur) readme - improve instructions for running on windows #361
+[@chirag350](https://github.com/chirag350) use LABEL instead of MAINTAINER since MAINTAINER is deprecated #352 
+
+[@Buthrakaur](https://github.com/Buthrakaur) readme - improve instructions for running on windows #361
+
+[@TheHackerCoding](https://github.com/TheHackerCoding) Typo in README #367 
+
+[@cameronsteele](https://github.com/cameronsteele) fix Big Sur build example #378 
+
+[@eggplants](https://github.com/eggplants) Fix command to launch sickcodes/docker-osx:auto #366 
+
+[@martinmullins](https://github.com/martinmullins) Notes for mounting an NFS folder from a linux host #392
+
+[@kimjammer](https://github.com/kimjammer) Readme - Added instructions for using WSLg's built in X11 server #395
+
+[@jk2K](https://github.com/jk2K) fix: support dynamic change of Base image #408
+
+[@MikeCoder96](https://github.com/MikeCoder96) Update README.md with WSL how to #412
+
+[@aslafy-z](https://github.com/aslafy-z) chore(docs): update helm requirements list style #420
+
+[@kimjammer](https://github.com/kimjammer) Update Windows Installation section #422 
+
+[@Mhartig](https://github.com/Mhartig) -  Worked out issue `Enter a number (default=1): error: invalid number: y`
+
+[@felipestt](https://github.com/felipestt)  Use more CPU Cores/SMP' broken #440 
+
+[@routmoute](https://github.com/routmoute) README: add PulseAudio with WSLg #442 
+[@dulatello08](https://github.com/dulatello08) Update README.md #452
+
+[@Anthropohedron](https://github.com/Anthropohedron) Added FAQ.md
+

Dockerfile

@@ -24,6 +24,7 @@
 #
 #       docker build -t docker-osx .
 #       docker build -t docker-osx --build-arg VERSION=10.15.5 --build-arg SIZE=200G .
+#       docker build -t docker-osx-sonoma --build-arg BRANCH=sonoma --build-arg SHORTNAME=sonoma .
 #
 # Basic Run:
 #
@@ -58,27 +59,42 @@ SHELL ["/bin/bash", "-c"]
 
 # change disk size here or add during build, e.g. --build-arg VERSION=10.14.5 --build-arg SIZE=50G
 ARG SIZE=200G
-ARG VERSION=10.15.6
+ARG PARALLEL_DOWNLOADS=30
 
 # OPTIONAL: Arch Linux server mirrors for super fast builds
 # set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
+RUN perl -i -p -e s/^\#Color/Color$'\n'ParallelDownloads\ =\ ${PARALLEL_DOWNLOADS:=30}/g /etc/pacman.conf 
+
 ARG RANKMIRRORS
 ARG MIRROR_COUNTRY=US
 ARG MIRROR_COUNT=10
 
+RUN tee /etc/pacman.d/mirrorlist <<< 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' \
+    && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+    && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch'
+
+# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
+RUN pacman -Sy archlinux-keyring --noconfirm \
+    && rm -rf /etc/pacman.d/gnupg \
+    && pacman-key --init \
+    && pacman-key --populate archlinux
+
 RUN if [[ "${RANKMIRRORS}" ]]; then \
         { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
-        ; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
+        ; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${BRANCH:=master}/rankmirrors" \
         ; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
         | sed -e 's/^#Server/Server/' -e '/^#/d' \
         | head -n "$((${MIRROR_COUNT:-10}+1))" \
         | bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
         && cat /etc/pacman.d/mirrorlist \
     ; fi
 
+RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
+
 # This fails on hub.docker.com, useful for debugging in cloud
 # RUN [[ $(egrep -c '(svm|vmx)' /proc/cpuinfo) -gt 0 ]] || { echo KVM not possible on this host && exit 1; }
 
@@ -89,11 +105,11 @@ RUN pacman -Syu git zip vim nano alsa-utils openssh --noconfirm \
     && ln -s /bin/vim /bin/vi \
     && useradd arch -p arch \
     && tee -a /etc/sudoers <<< 'arch ALL=(ALL) NOPASSWD: ALL' \
-    && mkdir /home/arch \
+    && mkdir -p /home/arch \
     && chown arch:arch /home/arch
 
 # allow ssh to container
-RUN mkdir -m 700 /root/.ssh
+RUN mkdir -p -m 700 /root/.ssh
 
 WORKDIR /root/.ssh
 RUN touch authorized_keys \
@@ -112,8 +128,7 @@ RUN tee -a sshd_config <<< 'AllowTcpForwarding yes' \
 
 USER arch
 
-# download OSX-KVM
-# RUN git clone --recurse-submodules --depth 1 https://github.com/kholia/OSX-KVM.git /home/arch/OSX-KVM
+# download OSX-KVM for the submodules
 RUN git clone --recurse-submodules --depth 1 https://github.com/kholia/OSX-KVM.git /home/arch/OSX-KVM
 
 # enable ssh
@@ -139,38 +154,33 @@ RUN touch enable-ssh.sh \
 
 # RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils edk2-ovmf netctl libvirt-dbus --overwrite --noconfirm
 
-RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils openresolv jack ebtables edk2-ovmf netctl libvirt-dbus wget --overwrite --noconfirm \
+RUN yes | sudo pacman -Syu bc qemu-desktop libvirt dnsmasq virt-manager bridge-utils openresolv jack2 ebtables edk2-ovmf netctl libvirt-dbus wget scrot --overwrite --noconfirm \
     && yes | sudo pacman -Scc
 
 WORKDIR /home/arch/OSX-KVM
 
-RUN wget https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/fetch-macOS.py
+# fix invalid signature on old libguestfs
+ARG SIGLEVEL=Never
 
-RUN [[ "${VERSION%%.*}" -lt 11 ]] && { python fetch-macOS.py --version "${VERSION}" \
-        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \
-        && qemu-img create -f qcow2 mac_hdd_ng.img "${SIZE}" \
-        && rm -f BaseSystem.dmg \
-    ; } || true
+RUN sudo tee -a /etc/pacman.conf <<< "SigLevel = ${SIGLEVEL}" \
+    && sudo tee -a /etc/pacman.conf <<< 'RemoteFileSigLevel = Optional' \
+    && sudo sed -i -e 's/^\#RemoteFileSigLevel/RemoteFileSigLevel/g' /etc/pacman.conf
 
-# VERSION=11.2.1
-# this downloads LATEST ONLY
-ARG FETCH_MAC_OS_RAW=https://raw.githubusercontent.com/acidanthera/OpenCorePkg/master/Utilities/macrecovery/macrecovery.py
-# submit a PR to here to get the version option https://github.com/acidanthera/OpenCorePkg/blob/master/Utilities/macrecovery/macrecovery.py
+ARG LINUX=true
 
-RUN [[ "${VERSION%%.*}" -ge 11 ]] && { wget "${FETCH_MAC_OS_RAW}" \
-        && python macrecovery.py download \
-        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \
-        && qemu-img create -f qcow2 mac_hdd_ng.img "${SIZE}" \
-        && rm -f BaseSystem.dmg \
-    ; } || true
-
-WORKDIR /home/arch/OSX-KVM
+# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
+# reminder this is what makes :naked image larger than expected
+RUN if [[ "${LINUX}" == true ]]; then \
+        sudo pacman -Syu linux linux-headers archlinux-keyring guestfs-tools mkinitcpio pcre pcre2 --noconfirm \
+        && libguestfs-test-tool \
+        && rm -rf /var/tmp/.guestfs-* \
+        && yes | sudo pacman -Scc \
+    ; fi
 
 # optional --build-arg to change branches for testing
 ARG BRANCH=master
 ARG REPO='https://github.com/sickcodes/Docker-OSX.git'
-# RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH}" "${REPO}"
-RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH}" "${REPO}"
+RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH:=master}" "${REPO:=https://github.com/sickcodes/Docker-OSX.git}"
 
 RUN touch Launch.sh \
     && chmod +x ./Launch.sh \
@@ -181,11 +191,12 @@ RUN touch Launch.sh \
     && tee -a Launch.sh <<< '[[ "${RAM}" = max ]] && export RAM="$(("$(head -n1 /proc/meminfo | tr -dc "[:digit:]") / 1000000"))"' \
     && tee -a Launch.sh <<< '[[ "${RAM}" = half ]] && export RAM="$(("$(head -n1 /proc/meminfo | tr -dc "[:digit:]") / 2000000"))"' \
     && tee -a Launch.sh <<< 'sudo chown -R $(id -u):$(id -g) /dev/snd 2>/dev/null || true' \
-    && tee -a Launch.sh <<< 'exec qemu-system-x86_64 -m ${RAM:-2}000 \' \
+    && tee -a Launch.sh <<< 'exec qemu-system-x86_64 -m ${RAM:-4}000 \' \
     && tee -a Launch.sh <<< '-cpu ${CPU:-Penryn},${CPUID_FLAGS:-vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check,}${BOOT_ARGS} \' \
     && tee -a Launch.sh <<< '-machine q35,${KVM-"accel=kvm:tcg"} \' \
     && tee -a Launch.sh <<< '-smp ${CPU_STRING:-${SMP:-4},cores=${CORES:-4}} \' \
-    && tee -a Launch.sh <<< '-usb -device usb-kbd -device usb-tablet \' \
+    && tee -a Launch.sh <<< '-device qemu-xhci,id=xhci \' \
+    && tee -a Launch.sh <<< '-device usb-kbd,bus=xhci.0 -device usb-tablet,bus=xhci.0 \' \
     && tee -a Launch.sh <<< '-device isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal\(c\)AppleComputerInc \' \
     && tee -a Launch.sh <<< '-drive if=pflash,format=raw,readonly=on,file=/home/arch/OSX-KVM/OVMF_CODE.fd \' \
     && tee -a Launch.sh <<< '-drive if=pflash,format=raw,file=/home/arch/OSX-KVM/OVMF_VARS-1024x768.fd \' \
@@ -195,7 +206,7 @@ RUN touch Launch.sh \
     && tee -a Launch.sh <<< '-drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=${BOOTDISK:-/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2} \' \
     && tee -a Launch.sh <<< '-device ide-hd,bus=sata.2,drive=OpenCoreBoot \' \
     && tee -a Launch.sh <<< '-device ide-hd,bus=sata.3,drive=InstallMedia \' \
-    && tee -a Launch.sh <<< '-drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=qcow2 \' \
+    && tee -a Launch.sh <<< '-drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=${BASESYSTEM_FORMAT:-qcow2} \' \
     && tee -a Launch.sh <<< '-drive id=MacHDD,if=none,file=${IMAGE_PATH:-/home/arch/OSX-KVM/mac_hdd_ng.img},format=${IMAGE_FORMAT:-qcow2} \' \
     && tee -a Launch.sh <<< '-device ide-hd,bus=sata.4,drive=MacHDD \' \
     && tee -a Launch.sh <<< '-netdev user,id=net0,hostfwd=tcp::${INTERNAL_SSH_PORT:-10022}-:22,hostfwd=tcp::${SCREEN_SHARE_PORT:-5900}-:5900,${ADDITIONAL_PORTS} \' \
@@ -217,35 +228,17 @@ RUN grep -v InstallMedia ./Launch.sh > ./Launch-nopicker.sh \
 
 USER arch
 
-ENV USER arch
-
-#### libguestfs versioning
-
-# 5.13+ problem resolved by building the qcow2 against 5.12 using libguestfs-1.44.1-6
-
-ENV SUPERMIN_KERNEL=/boot/vmlinuz-linux
-ENV SUPERMIN_MODULES=/lib/modules/5.12.14-arch1-1
-ENV SUPERMIN_KERNEL_VERSION=5.12.14-arch1-1
-ENV KERNEL_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-5.12.14.arch1-1-x86_64.pkg.tar.zst
-ENV LIBGUESTFS_PACKAGE_URL=https://archive.archlinux.org/packages/l/libguestfs/libguestfs-1.44.1-6-x86_64.pkg.tar.zst
-
-ARG LINUX=true
-
-# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
-RUN if [[ "${LINUX}" == true ]]; then \
-        sudo pacman -U "${KERNEL_PACKAGE_URL}" --noconfirm \
-        ; sudo pacman -U "${LIBGUESTFS_PACKAGE_URL}" --noconfirm \
-        ; sudo libguestfs-test-tool \
-        ; sudo rm -rf /var/tmp/.guestfs-* \
-    ; fi
-
-####
+ENV USER=arch
 
 # These are hardcoded serials for non-iMessage related research
 # Overwritten by using GENERATE_UNIQUE=true
 # Upstream removed nopicker, so we are adding it back in, at build time
 # Once again, this is just for the Docker build so there is a default nopicker image there
 
+# libguestfs verbose
+ENV LIBGUESTFS_DEBUG=1
+ENV LIBGUESTFS_TRACE=1
+
 ARG STOCK_DEVICE_MODEL=iMacPro1,1
 ARG STOCK_SERIAL=C02TM2ZBHX87
 ARG STOCK_BOARD_SERIAL=C02717306J9JG361M
@@ -267,7 +260,8 @@ RUN ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \
     --mac-address "${STOCK_MAC_ADDRESS}" \
     --width "${STOCK_WIDTH}" \
     --height "${STOCK_HEIGHT}" \
-    --output-bootdisk "${STOCK_BOOTDISK}"
+    --output-bootdisk "${STOCK_BOOTDISK}" || exit 1 \
+    ; rm -rf /var/tmp/.guestfs-*
 
 RUN ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \
     --master-plist-url="${STOCK_MASTER_PLIST_URL_NOPICKER}" \
@@ -278,10 +272,11 @@ RUN ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \
     --mac-address "${STOCK_MAC_ADDRESS}" \
     --width "${STOCK_WIDTH}" \
     --height "${STOCK_HEIGHT}" \
-    --output-bootdisk "${STOCK_BOOTDISK_NOPICKER}"
+    --output-bootdisk "${STOCK_BOOTDISK_NOPICKER}" || exit 1 \
+    ; rm -rf /var/tmp/.guestfs-*
 
 ### symlink the old directory as upstream has renamed a directory. Symlinking purely for backwards compatability!
-RUN ln -s /home/arch/OSX-KVM/Opencore /home/arch/OSX-KVM/Opencore-Catalina || true
+RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true
 ####
 
 #### SPECIAL RUNTIME ARGUMENTS BELOW
@@ -289,6 +284,11 @@ RUN ln -s /home/arch/OSX-KVM/Opencore /home/arch/OSX-KVM/Opencore-Catalina || tr
 # for example, -e ADDITIONAL_PORTS=hostfwd=tcp::23-:23,
 ENV ADDITIONAL_PORTS=
 
+# since the Makefile uses raw, and raw uses the full disk amount
+# we want to use a compressed qcow2
+# ENV BASESYSTEM_FORMAT=raw
+ENV BASESYSTEM_FORMAT=qcow2
+
 # add additional QEMU boot arguments
 ENV BOOT_ARGS=
 
@@ -314,7 +314,7 @@ ENV IMAGE_FORMAT=qcow2
 
 ENV KVM='accel=kvm:tcg'
 
-ENV MASTER_PLIST_URL="https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-nopicker-custom.plist"
+ENV MASTER_PLIST_URL="https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist"
 
 # ENV NETWORKING=e1000-82545em
 ENV NETWORKING=vmxnet3
@@ -323,7 +323,7 @@ ENV NETWORKING=vmxnet3
 ENV NOPICKER=false
 
 # dynamic RAM options for runtime
-ENV RAM=3
+ENV RAM=4
 # ENV RAM=max
 # ENV RAM=half
 
@@ -332,10 +332,6 @@ ENV RAM=3
 ENV WIDTH=1920
 ENV HEIGHT=1080
 
-# libguestfs verbose
-ENV LIBGUESTFS_DEBUG=1
-ENV LIBGUESTFS_TRACE=1
-
 VOLUME ["/tmp/.X11-unix"]
 
 # check if /image is a disk image or a directory. This allows you to optionally use -v disk.img:/image
@@ -357,7 +353,20 @@ VOLUME ["/tmp/.X11-unix"]
 # the default serial numbers are already contained in ./OpenCore/OpenCore.qcow2
 # And the default serial numbers
 
-CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
+# DMCA compliant download process
+# If BaseSystem.img does not exist, download ${SHORTNAME}
+
+# shortname default is below
+ENV SHORTNAME=sequoia
+
+ENV BASESYSTEM_IMAGE=BaseSystem.img
+
+CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
+        && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
+        && make \
+        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
+        && rm ./BaseSystem.dmg \
+    ; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
     ; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
     ; [[ "${NOPICKER}" == true ]] && { \
         sed -i '/^.*InstallMedia.*/d' Launch.sh \

Dockerfile.auto

@@ -42,7 +42,7 @@
 
 FROM sickcodes/docker-osx:latest
 
-MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
+LABEL maintainer='https://twitter.com/sickcodes <https://sick.codes>'
 
 USER root
 
@@ -53,25 +53,41 @@ ARG SCROT
 
 # OPTIONAL: Arch Linux server mirrors for super fast builds
 # set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
+RUN perl -i -p -e s/^\#Color/Color$'\n'ParallelDownloads\ =\ 30/g /etc/pacman.conf 
 ARG RANKMIRRORS
 ARG MIRROR_COUNTRY=US
 ARG MIRROR_COUNT=10
 
+RUN tee /etc/pacman.d/mirrorlist <<< 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' \
+    && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+    && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch'
+
+# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
+RUN pacman -Sy archlinux-keyring --noconfirm \
+    && rm -rf /etc/pacman.d/gnupg \
+    && pacman-key --init \
+    && pacman-key --populate archlinux
+
 RUN if [[ "${RANKMIRRORS}" ]]; then \
         { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
-        ; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
+        ; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${BRANCH:=master}/rankmirrors" \
         ; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
         | sed -e 's/^#Server/Server/' -e '/^#/d' \
         | head -n "$((${MIRROR_COUNT:-10}+1))" \
         | bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
-        && cat /etc/pacman.d/mirrorlist \
-    ; fi \
-    ; yes | pacman -Scc
 
-RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr sshpass --noconfirm \
+
+
+        && cat /etc/pacman.d/mirrorlist \
+    ; fi
+
+RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
+    
+RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr --noconfirm \
     && if [[ "${SCROT}" ]]; then \
         pacman -Syu scrot base-devel --noconfirm \
         && git clone --recurse-submodules --depth 1 https://github.com/stolk/imcat.git \
@@ -88,34 +104,13 @@ RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr sshpass --noc
     ; fi \
     ; yes | pacman -Scc
 
+RUN pacman -S sshpass --noconfirm \
+    && yes | pacman -Scc
+
 USER arch
 
 ENV USER arch
 
-
-#### libguestfs versioning
-
-# 5.13+ problem resolved by building the qcow2 against 5.12 using libguestfs-1.44.1-6
-
-ENV SUPERMIN_KERNEL=/boot/vmlinuz-linux
-ENV SUPERMIN_MODULES=/lib/modules/5.12.14-arch1-1
-ENV SUPERMIN_KERNEL_VERSION=5.12.14-arch1-1
-ENV KERNEL_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-5.12.14.arch1-1-x86_64.pkg.tar.zst
-ENV LIBGUESTFS_PACKAGE_URL=https://archive.archlinux.org/packages/l/libguestfs/libguestfs-1.44.1-6-x86_64.pkg.tar.zst
-
-ARG LINUX=true
-
-# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
-RUN if [[ "${LINUX}" == true ]]; then \
-        sudo pacman -U "${KERNEL_PACKAGE_URL}" --noconfirm \
-        ; sudo pacman -U "${LIBGUESTFS_PACKAGE_URL}" --noconfirm \
-        ; sudo libguestfs-test-tool \
-        ; sudo rm -rf /var/tmp/.guestfs-* \
-    ; fi
-
-####
-
-
 WORKDIR /home/arch/OSX-KVM
 
 RUN mkdir -p ~/.ssh \
@@ -149,7 +144,7 @@ RUN if [[ "${COMPLETE}" ]]; then \
 ####
 
 # symlink the old directory, for redundancy
-RUN ln -s /home/arch/OSX-KVM/Opencore /home/arch/OSX-KVM/Opencore-Catalina || true
+RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true
 
 ####
 
@@ -211,7 +206,20 @@ ENV TERMS_OF_USE=i_agree
 
 ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree"
 
-CMD echo "${BOILERPLATE}" \
+# DMCA compliant download process
+# If BaseSystem.img does not exist, download ${SHORTNAME}
+
+# shortname default is catalina, which means :latest is catalina
+ENV SHORTNAME=sonoma
+
+ENV BASESYSTEM_IMAGE=BaseSystem.img
+
+CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
+        && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
+        && make \
+        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
+        && rm ./BaseSystem.dmg \
+    ; echo "${BOILERPLATE}" \
     ; [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \
     ; echo "Disk is being copied between layers... Please wait a minute..." \
     ; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \

Dockerfile.monterey

@@ -1,237 +0,0 @@
-#!/usr/bin/docker
-#     ____             __             ____  ______  __
-#    / __ \____  _____/ /_____  _____/ __ \/ ___/ |/ /
-#   / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \|   /
-#  / /_/ / /_/ / /__/ ,< /  __/ /  / /_/ /___/ /   |
-# /_____/\____/\___/_/|_|\___/_/   \____//____/_/|_| [MONTEREY]
-#
-# Title:            Docker-OSX (Mac on Docker)
-# Author:           Sick.Codes https://twitter.com/sickcodes
-# Version:          6.0
-# License:          GPLv3+
-# Repository:       https://github.com/sickcodes/Docker-OSX
-# Website:          https://sick.codes
-# 
-# Notes:            Uses a self-hosted BaseSystem.img from a USB installer.
-#                   If you want to DIY, use https://github.com/corpnewt/gibMacOS
-#                   Set seed as developer, and install the Install Assistant on Big Sur
-#                   Burn to a USB, and pull out BaseSystem.img
-#                   Or download from https://images.sick.codes/BaseSystem_Monterey.dmg
-# 
-
-FROM sickcodes/docker-osx
-
-MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
-
-SHELL ["/bin/bash", "-c"]
-
-# change disk size here or add during build, e.g. --build-arg VERSION=10.14.5 --build-arg SIZE=50G
-ARG SIZE=200G
-ARG BASE_SYSTEM='https://images.sick.codes/BaseSystem_Monterey.dmg'
-
-WORKDIR /home/arch/OSX-KVM
-
-RUN wget -O BaseSystem.dmg "${BASE_SYSTEM}" \
-    && qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \
-    && rm -f BaseSystem.dmg
-
-RUN qemu-img create -f qcow2 /home/arch/OSX-KVM/mac_hdd_ng.img "${SIZE}"
-
-WORKDIR /home/arch/OSX-KVM
-
-ARG LINUX=true
-
-# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
-RUN if [[ "${LINUX}" == true ]]; then \
-        sudo pacman -Syu linux libguestfs --noconfirm \
-    ; fi
-
-# optional --build-arg to change branches for testing
-ARG BRANCH=master
-ARG REPO='https://github.com/sickcodes/Docker-OSX.git'
-# RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH}" "${REPO}"
-RUN rm -rf ./Docker-OSX \
-    && git clone --recurse-submodules --depth 1 --branch "${BRANCH}" "${REPO}"
-
-RUN touch Launch.sh \
-    && chmod +x ./Launch.sh \
-    && tee -a Launch.sh <<< '#!/bin/bash' \
-    && tee -a Launch.sh <<< 'set -eux' \
-    && tee -a Launch.sh <<< 'sudo chown    $(id -u):$(id -g) /dev/kvm 2>/dev/null || true' \
-    && tee -a Launch.sh <<< 'sudo chown -R $(id -u):$(id -g) /dev/snd 2>/dev/null || true' \
-    && tee -a Launch.sh <<< '[[ "${RAM}" = max ]] && export RAM="$(("$(head -n1 /proc/meminfo | tr -dc "[:digit:]") / 1000000"))"' \
-    && tee -a Launch.sh <<< '[[ "${RAM}" = half ]] && export RAM="$(("$(head -n1 /proc/meminfo | tr -dc "[:digit:]") / 2000000"))"' \
-    && tee -a Launch.sh <<< 'sudo chown -R $(id -u):$(id -g) /dev/snd 2>/dev/null || true' \
-    && tee -a Launch.sh <<< 'exec qemu-system-x86_64 -m ${RAM:-2}000 \' \
-    && tee -a Launch.sh <<< '-cpu ${CPU:-Penryn},${CPUID_FLAGS:-vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check,}${BOOT_ARGS} \' \
-    && tee -a Launch.sh <<< '-machine q35,${KVM-"accel=kvm:tcg"} \' \
-    && tee -a Launch.sh <<< '-smp ${CPU_STRING:-${SMP:-4},cores=${CORES:-4}} \' \
-    && tee -a Launch.sh <<< '-usb -device usb-kbd -device usb-tablet \' \
-    && tee -a Launch.sh <<< '-device isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal\(c\)AppleComputerInc \' \
-    && tee -a Launch.sh <<< '-drive if=pflash,format=raw,readonly=on,file=/home/arch/OSX-KVM/OVMF_CODE.fd \' \
-    && tee -a Launch.sh <<< '-drive if=pflash,format=raw,file=/home/arch/OSX-KVM/OVMF_VARS-1024x768.fd \' \
-    && tee -a Launch.sh <<< '-smbios type=2 \' \
-    && tee -a Launch.sh <<< '-audiodev ${AUDIO_DRIVER:-alsa},id=hda -device ich9-intel-hda -device hda-duplex,audiodev=hda \' \
-    && tee -a Launch.sh <<< '-device ich9-ahci,id=sata \' \
-    && tee -a Launch.sh <<< '-drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=${BOOTDISK:-/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2} \' \
-    && tee -a Launch.sh <<< '-device ide-hd,bus=sata.2,drive=OpenCoreBoot \' \
-    && tee -a Launch.sh <<< '-device ide-hd,bus=sata.3,drive=InstallMedia \' \
-    && tee -a Launch.sh <<< '-drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=qcow2 \' \
-    && tee -a Launch.sh <<< '-drive id=MacHDD,if=none,file=${IMAGE_PATH:-/home/arch/OSX-KVM/mac_hdd_ng.img},format=${IMAGE_FORMAT:-qcow2} \' \
-    && tee -a Launch.sh <<< '-device ide-hd,bus=sata.4,drive=MacHDD \' \
-    && tee -a Launch.sh <<< '-netdev user,id=net0,hostfwd=tcp::${INTERNAL_SSH_PORT:-10022}-:22,hostfwd=tcp::${SCREEN_SHARE_PORT:-5900}-:5900,${ADDITIONAL_PORTS} \' \
-    && tee -a Launch.sh <<< '-device ${NETWORKING:-vmxnet3},netdev=net0,id=net0,mac=${MAC_ADDRESS:-52:54:00:09:49:17} \' \
-    && tee -a Launch.sh <<< '-monitor stdio \' \
-    && tee -a Launch.sh <<< '-boot menu=on \' \
-    && tee -a Launch.sh <<< '-vga vmware \' \
-    && tee -a Launch.sh <<< '${EXTRA:-}'
-
-# docker exec containerid mv ./Launch-nopicker.sh ./Launch.sh
-# This is now a legacy command.
-# You can use -e BOOTDISK=/bootdisk with -v ./bootdisk.img:/bootdisk
-RUN grep -v InstallMedia ./Launch.sh > ./Launch-nopicker.sh \
-    && chmod +x ./Launch-nopicker.sh \
-    && sed -i -e s/OpenCore\.qcow2/OpenCore\-nopicker\.qcow2/ ./Launch-nopicker.sh
-
-USER arch
-
-ENV USER arch
-
-
-#### libguestfs versioning
-
-# 5.13+ problem resolved by building the qcow2 against 5.12 using libguestfs-1.44.1-6
-
-ENV SUPERMIN_KERNEL=/boot/vmlinuz-linux
-ENV SUPERMIN_MODULES=/lib/modules/5.12.14-arch1-1
-ENV SUPERMIN_KERNEL_VERSION=5.12.14-arch1-1
-ENV KERNEL_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-5.12.14.arch1-1-x86_64.pkg.tar.zst
-ENV LIBGUESTFS_PACKAGE_URL=https://archive.archlinux.org/packages/l/libguestfs/libguestfs-1.44.1-6-x86_64.pkg.tar.zst
-
-ARG LINUX=true
-
-# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
-RUN if [[ "${LINUX}" == true ]]; then \
-        sudo pacman -U "${KERNEL_PACKAGE_URL}" --noconfirm \
-        ; sudo pacman -U "${LIBGUESTFS_PACKAGE_URL}" --noconfirm \
-        ; sudo libguestfs-test-tool \
-        ; sudo rm -rf /var/tmp/.guestfs-* \
-    ; fi
-
-####
-
-# symlink the old directory, for redundancy
-RUN ln -s /home/arch/OSX-KVM/Opencore /home/arch/OSX-KVM/Opencore-Catalina || true
-
-####
-
-#### SPECIAL RUNTIME ARGUMENTS BELOW
-
-# env -e ADDITIONAL_PORTS with a comma
-# for example, -e ADDITIONAL_PORTS=hostfwd=tcp::23-:23,
-ENV ADDITIONAL_PORTS=
-
-# add additional QEMU boot arguments
-ENV BOOT_ARGS=
-
-ENV BOOTDISK=
-
-# edit the CPU that is being emulated
-ENV CPU=Penryn
-ENV CPUID_FLAGS='vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check,'
-
-ENV DISPLAY=:0.0
-
-# Deprecated
-ENV ENV=/env
-
-# Boolean for generating a bootdisk with new random serials.
-ENV GENERATE_UNIQUE=false
-
-# Boolean for generating a bootdisk with specific serials.
-ENV GENERATE_SPECIFIC=false
-
-ENV IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img
-ENV IMAGE_FORMAT=qcow2
-
-ENV KVM='accel=kvm:tcg'
-
-ENV MASTER_PLIST_URL="https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist"
-
-# ENV NETWORKING=e1000-82545em
-ENV NETWORKING=vmxnet3
-
-# boolean for skipping the disk selection menu at in the boot process
-ENV NOPICKER=false
-
-# dynamic RAM options for runtime
-ENV RAM=3
-# ENV RAM=max
-# ENV RAM=half
-
-# The x and y coordinates for resolution.
-# Must be used with either -e GENERATE_UNIQUE=true or -e GENERATE_SPECIFIC=true.
-ENV WIDTH=1920
-ENV HEIGHT=1080
-
-# libguestfs verbose
-ENV LIBGUESTFS_DEBUG=1
-ENV LIBGUESTFS_TRACE=1
-
-VOLUME ["/tmp/.X11-unix"]
-
-# check if /image is a disk image or a directory. This allows you to optionally use -v disk.img:/image
-# NOPICKER is used to skip the disk selection screen
-# GENERATE_UNIQUE is used to generate serial numbers on boot.
-# /env is a file that you can generate and save using -v source.sh:/env
-# the env file is a file that you can carry to the next container which will supply the serials numbers.
-# GENERATE_SPECIFIC is used to either accept the env serial numbers OR you can supply using:
-    # -e DEVICE_MODEL="iMacPro1,1" \
-    # -e SERIAL="C02TW0WAHX87" \
-    # -e BOARD_SERIAL="C027251024NJG36UE" \
-    # -e UUID="5CCB366D-9118-4C61-A00A-E5BAF3BED451" \
-    # -e MAC_ADDRESS="A8:5C:2C:9A:46:2F" \
-
-# the output will be /bootdisk.
-# /bootdisk is a useful persistent place to store the 15Mb serial number bootdisk.
-
-# if you don't set any of the above:
-# the default serial numbers are already contained in ./OpenCore/OpenCore.qcow2
-# And the default serial numbers
-
-CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
-    ; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
-    ; [[ "${NOPICKER}" == true ]] && { \
-        sed -i '/^.*InstallMedia.*/d' Launch.sh \
-        && export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore-nopicker.qcow2}" \
-    ; } \
-    || export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
-    ; [[ "${GENERATE_UNIQUE}" == true ]] && { \
-        ./Docker-OSX/osx-serial-generator/generate-unique-machine-values.sh \
-            --master-plist-url="${MASTER_PLIST_URL}" \
-            --count 1 \
-            --tsv ./serial.tsv \
-            --bootdisks \
-            --width "${WIDTH:-1920}" \
-            --height "${HEIGHT:-1080}" \
-            --output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
-            --output-env "${ENV:=/env}" \
-    || exit 1 ; } \
-    ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \
-            source "${ENV:=/env}" 2>/dev/null \
-            ; ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \
-            --master-plist-url="${MASTER_PLIST_URL}" \
-            --model "${DEVICE_MODEL}" \
-            --serial "${SERIAL}" \
-            --board-serial "${BOARD_SERIAL}" \
-            --uuid "${UUID}" \
-            --mac-address "${MAC_ADDRESS}" \
-            --width "${WIDTH:-1920}" \
-            --height "${HEIGHT:-1080}" \
-            --output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
-    || exit 1 ; } \
-    ; ./enable-ssh.sh && /bin/bash -c ./Launch.sh
-
-# virt-manager mode: eta son
-# CMD virsh define <(envsubst < Docker-OSX.xml) && virt-manager || virt-manager
-# CMD virsh define <(envsubst < macOS-libvirt-Catalina.xml) && virt-manager || virt-manager

Dockerfile.naked

@@ -32,7 +32,7 @@
 
 FROM sickcodes/docker-osx:latest
 
-MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
+LABEL maintainer='https://twitter.com/sickcodes <https://sick.codes>'
 
 USER root
 
@@ -42,21 +42,37 @@ RUN rm -f /home/arch/OSX-KVM/mac_hdd_ng.img
 
 # OPTIONAL: Arch Linux server mirrors for super fast builds
 # set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
+RUN perl -i -p -e s/^\#Color/Color$'\n'ParallelDownloads\ =\ 30/g /etc/pacman.conf 
 ARG RANKMIRRORS
 ARG MIRROR_COUNTRY=US
 ARG MIRROR_COUNT=10
-RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
-        ; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
+
+RUN tee /etc/pacman.d/mirrorlist <<< 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' \
+    && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+    && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch'
+
+# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
+RUN pacman -Sy archlinux-keyring --noconfirm \
+    && rm -rf /etc/pacman.d/gnupg \
+    && pacman-key --init \
+    && pacman-key --populate archlinux
+
+RUN if [[ "${RANKMIRRORS}" ]]; then \
+        { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
+        ; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${BRANCH:=master}/rankmirrors" \
         ; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
         | sed -e 's/^#Server/Server/' -e '/^#/d' \
         | head -n "$((${MIRROR_COUNT:-10}+1))" \
         | bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
         && cat /etc/pacman.d/mirrorlist \
     ; fi
 
+RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
+
 # For taking screenshots of the Xfvb screen, useful during development.
 ARG SCROT
 
@@ -81,30 +97,6 @@ USER arch
 
 ENV USER arch
 
-
-#### libguestfs versioning
-
-# 5.13+ problem resolved by building the qcow2 against 5.12 using libguestfs-1.44.1-6
-
-ENV SUPERMIN_KERNEL=/boot/vmlinuz-linux
-ENV SUPERMIN_MODULES=/lib/modules/5.12.14-arch1-1
-ENV SUPERMIN_KERNEL_VERSION=5.12.14-arch1-1
-ENV KERNEL_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-5.12.14.arch1-1-x86_64.pkg.tar.zst
-ENV LIBGUESTFS_PACKAGE_URL=https://archive.archlinux.org/packages/l/libguestfs/libguestfs-1.44.1-6-x86_64.pkg.tar.zst
-
-ARG LINUX=true
-
-# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
-RUN if [[ "${LINUX}" == true ]]; then \
-        sudo pacman -U "${KERNEL_PACKAGE_URL}" --noconfirm \
-        ; sudo pacman -U "${LIBGUESTFS_PACKAGE_URL}" --noconfirm \
-        ; sudo libguestfs-test-tool \
-        ; sudo rm -rf /var/tmp/.guestfs-* \
-    ; fi
-
-####
-
-
 WORKDIR /home/arch/OSX-KVM
 
 RUN mkdir -p ~/.ssh \
@@ -120,7 +112,7 @@ RUN mkdir -p ~/.ssh \
 ####
 
 # symlink the old directory, for redundancy
-RUN ln -s /home/arch/OSX-KVM/Opencore /home/arch/OSX-KVM/Opencore-Catalina || true
+RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true
 
 ####
 
@@ -174,7 +166,20 @@ ENV HEIGHT=1080
 ENV LIBGUESTFS_DEBUG=1
 ENV LIBGUESTFS_TRACE=1
 
-CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
+# DMCA compliant download process
+# If BaseSystem.img does not exist, download ${SHORTNAME}
+
+# shortname default is catalina, which means :latest is catalina
+ENV SHORTNAME=sonoma
+
+ENV BASESYSTEM_IMAGE=BaseSystem.img
+
+CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
+        && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
+        && make \
+        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
+        && rm ./BaseSystem.dmg \
+    ; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
     ; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
     ; { [[ "${DISPLAY}" = ':99' ]] || [[ "${HEADLESS}" == true ]] ; } && { \
         nohup Xvfb :99 -screen 0 1920x1080x16 \

Dockerfile.naked-auto

@@ -18,7 +18,7 @@
 
 FROM sickcodes/docker-osx:latest
 
-MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
+LABEL maintainer='https://twitter.com/sickcodes <https://sick.codes>'
 
 USER root
 
@@ -31,28 +31,41 @@ ARG SCROT
 
 # OPTIONAL: Arch Linux server mirrors for super fast builds
 # set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
+RUN perl -i -p -e s/^\#Color/Color$'\n'ParallelDownloads\ =\ 30/g /etc/pacman.conf 
 ARG RANKMIRRORS
 ARG MIRROR_COUNTRY=US
 ARG MIRROR_COUNT=10
 
+RUN tee /etc/pacman.d/mirrorlist <<< 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' \
+    && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+    && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch'
+
+# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
+RUN pacman -Sy archlinux-keyring --noconfirm \
+    && rm -rf /etc/pacman.d/gnupg \
+    && pacman-key --init \
+    && pacman-key --populate archlinux
+
 RUN if [[ "${RANKMIRRORS}" ]]; then \
         { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
-        ; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
+        ; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${BRANCH:=master}/rankmirrors" \
         ; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
         | sed -e 's/^#Server/Server/' -e '/^#/d' \
         | head -n "$((${MIRROR_COUNT:-10}+1))" \
         | bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
-        && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
         && cat /etc/pacman.d/mirrorlist \
-    ; fi \
-    ; yes | pacman -Scc
+    ; fi
+
+RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
+    && tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
 
 # For taking screenshots of the Xfvb screen, useful during development.
 ARG SCROT
 
-RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr sshpass --noconfirm \
+RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr --noconfirm \
     && if [[ "${SCROT}" ]]; then \
         pacman -Syu scrot base-devel --noconfirm \
         && git clone --recurse-submodules --depth 1 https://github.com/stolk/imcat.git \
@@ -69,33 +82,13 @@ RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr sshpass --noc
     ; fi \
     ; yes | pacman -Scc
 
+RUN pacman -S sshpass --noconfirm \
+    && yes | pacman -Scc
+
 USER arch
 
 ENV USER arch
 
-#### libguestfs versioning
-
-# 5.13+ problem resolved by building the qcow2 against 5.12 using libguestfs-1.44.1-6
-
-ENV SUPERMIN_KERNEL=/boot/vmlinuz-linux
-ENV SUPERMIN_MODULES=/lib/modules/5.12.14-arch1-1
-ENV SUPERMIN_KERNEL_VERSION=5.12.14-arch1-1
-ENV KERNEL_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-5.12.14.arch1-1-x86_64.pkg.tar.zst
-ENV LIBGUESTFS_PACKAGE_URL=https://archive.archlinux.org/packages/l/libguestfs/libguestfs-1.44.1-6-x86_64.pkg.tar.zst
-
-ARG LINUX=true
-
-# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
-RUN if [[ "${LINUX}" == true ]]; then \
-        sudo pacman -U "${KERNEL_PACKAGE_URL}" --noconfirm \
-        ; sudo pacman -U "${LIBGUESTFS_PACKAGE_URL}" --noconfirm \
-        ; sudo libguestfs-test-tool \
-        ; sudo rm -rf /var/tmp/.guestfs-* \
-    ; fi
-
-####
-
-
 WORKDIR /home/arch/OSX-KVM
 
 RUN mkdir -p ~/.ssh \
@@ -128,7 +121,7 @@ RUN if [[ "${COMPLETE}" ]]; then \
 ####
 
 # symlink the old directory, for redundancy
-RUN ln -s /home/arch/OSX-KVM/Opencore /home/arch/OSX-KVM/Opencore-Catalina || true
+RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true
 
 ####
 
@@ -190,7 +183,20 @@ ENV TERMS_OF_USE=i_agree
 
 ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree"
 
-CMD echo "${BOILERPLATE}" \
+# DMCA compliant download process
+# If BaseSystem.img does not exist, download ${SHORTNAME}
+
+# shortname default is catalina, which means :latest is catalina
+ENV SHORTNAME=sonoma
+
+ENV BASESYSTEM_IMAGE=BaseSystem.img
+
+CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
+        && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
+        && make \
+        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
+        && rm ./BaseSystem.dmg \
+    ; echo "${BOILERPLATE}" \
     ; [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \
     ; echo "Disk is being copied between layers... Please wait a minute..." \
     ; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \

FAQ.md

@@ -0,0 +1,357 @@
+# Frequently Asked Questions
+
+These questions come up regularly, so here are the answers.
+
+## Basics
+
+### Is this legal?
+
+The [macOS software license](https://www.apple.com/legal/sla/) allows running (some versions of) macOS in a virtual machine only on Apple hardware. The [Apple Security Bounty terms and conditions](https://security.apple.com/terms-and-conditions/) make an exception to that (and essentially anything in the macOS software license) under some specific circumstances.
+
+Therefore, yes, there is a legal use for Docker-OSX. If your use doesn't fall under the license or the security bounty terms, then you are/will be violating the macOS software license. **Note that this is not provided as legal advice, and you should consult with your own counsel for legal guidance.**
+
+You may also be interested in this [deeper dive into the subject](https://sick.codes/is-hackintosh-osx-kvm-or-docker-osx-legal/).
+
+### What does Docker-OSX do?
+
+Docker-OSX is an approach to setting up and launching a macOS virtual machine (VM) under [docker](https://en.wikipedia.org/wiki/Docker_(software)). The [Dockerfile](Dockerfile) is essentially a docker image building script that:
+1. validates a few things about the environment
+2. installs VM software (qemu) and creates a virtual disk within the docker container
+3. generates a serial number and firmware to make the VM look (enough) like Mac hardware
+4. downloads a macOS installer disk image
+5. generates a shell script to start the VM
+
+The default configuration is intended to create an ephemeral but repeatably bootable macOS that can be probed for security research.
+
+### Why docker?
+
+Docker provides a straightforward way to package a flexible turnkey solution to setting up a macOS VM. It is not the only way to do so, nor is it necessarily the best approach to setting up a long-lived, persistent macOS VM. You may prefer to study the [Dockerfile](Dockerfile) and/or [OSX-KVM](https://github.com/kholia/OSX-KVM) to prepare a VM to run under [proxmox](https://en.wikipedia.org/wiki/Proxmox_Virtual_Environment) or [libvirt](https://en.wikipedia.org/wiki/Libvirt).
+
+## Can I...
+
+### ...run BlueBubbles/AirMessage/Beeper on it?
+
+Yes. Make sure you [make serial numbers persist across reboots](README.md#making-serial-numbers-persist-across-reboots) after generating a unique serial number for yourself; don't use the default serial number. There is, of course, no guarantee that Apple won't block/disable your account, or inflict other consequences. See also the [legal considerations](#is-this-legal).
+
+### ...develop iPhone apps on it?
+
+Yes. You will probably find Xcode's UI frustratingly slow, but yes. Compiling apps (e.g. React Native) from the command line is likely to be less frustrating. There is, of course, no guarantee that Apple won't block/disable your account, remove you from the Apple Developer program, or inflict other consequences. See also the [legal considerations](#is-this-legal).
+
+### ...connect my iPhone or other USB device to it?
+
+Yes, at least if your host OS is Linux. See [instructions](README.md#vfio-iphone-usb-passthrough-vfio). It may or may not be possible if your host OS is Windows.
+
+### ...run CI/CD processes with it?
+
+Maybe, but there are several reasons not to:
+1. There are [legal considerations](#is-this-legal).
+2. Nested virtualization is generally unavailable on cloud-hosted CI/CD and therefore Docker-OSX doesn't run.
+3. You are almost always better off using your own macOS runners (on virtual or actual Mac hardware) rather than trying to make the square peg of Docker-OSX fit the round hole of macOS-specific CI/CD.
+
+You absolutely can install runners on the macOS VM itself (which does not get around the legal considerations mentioned above), but [Docker-OSX may not be the best approach](#why-docker).
+
+### ...run on Linux but with Wayland?
+
+Yes, but your Wayland server must support X11 connections (or you can [use VNC instead](README.md#building-a-headless-container-that-allows-insecure-vnc-on-localhost-for-local-use-only)).
+
+### ...run on Windows?
+
+Yes, as long as you have a new enough version of Windows 11 and have WSL2 set up. See [this section of the README](README.md#id-like-to-run-docker-osx-on-windows) for details. No, it will not work under Windows 10. Not even if you have WSL2 set up.
+
+### ...run on macOS?
+
+If you have a Mac with Apple Silicon you are better served by [UTM](https://apps.apple.com/us/app/utm-virtual-machines/id1538878817?mt=12).
+
+If you have an Intel Mac you can install and run docker (either [Docker Desktop](https://www.docker.com/products/docker-desktop/) or [colima](https://github.com/abiosoft/colima)). In either case, docker will be running under a Linux VM, which complicates things. You are likely to encounter one or more of the [common errors](#common-errors) below. Consider using qemu directly with HVF acceleration (e.g. with [libvirt](https://libvirt.org/macos.html)) instead.
+
+### ...run on cloud services?
+
+Cloud providers typically run their various services within virtual machines running on top of their actual hardware. These VMs typically are not set up to provide nested virtualization, which means KVM is unavailable so Docker-OSX will not work. This is _especially and specifically_ the case on CI/CD runners such as GitHub Actions, Azure DevOps Pipelines, CircleCI, GitLab CI/CD, etc. (however, see [running CI/CD](#run-cicd-processes-with-it)). Some cloud providers offer services that do allow virtualization, such as [Amazon's EC2 Bare Metal Instances](https://aws.amazon.com/about-aws/whats-new/2018/05/announcing-general-availability-of-amazon-ec2-bare-metal-instances/), but often at a significant premium.
+
+In short, probably not.
+
+## Common Errors
+
+### Docker Errors
+
+If you get an error like `docker: command not found` then you don't have docker installed and none of this works. Try [Docker Desktop](https://www.docker.com/products/docker-desktop/) on Windows or your distribution's normal package manager on Linux.
+
+If you get an error like `docker: Got permission denied while trying to connect to the Docker daemon` or `docker: unknown server OS: .` the mostly likely explanation is that your user isn't in the `docker` Unix group. You'll need to add yourself to the `docker` group, log out, and log back in.
+
+If you get an error like `Cannot connect to the Docker daemon at unix://var/run/docker.sock. Is the docker daemon running?` then `dockerd` isn't running. On most Linux distributions you should be able to start it with `sudo systemctl enable docker --now`.
+
+### GTK Initialization Failed
+
+This is an X11 error and means that the arguments to qemu are telling it to connect to an X11 display that it either can't connect to at all or doesn't have permission to connect to. In the latter case, this can usually be fixed by running `xhost +` on the host running the X11 server.
+
+In many cases, however, it is preferable to tell qemu to listen for a VNC connection instead of trying to connect to X11; see [this section of the README](README.md#building-a-headless-container-that-allows-insecure-vnc-on-localhost-for-local-use-only) for instructions.
+
+### KVM Error
+
+If you get an error like `error gathering device information while adding custom device "/dev/kvm": no such file or directory` that means KVM is not available/working on the Linux kernel on which you are running docker. This could be because you are attempting to run somewhere that doesn't support nested virtualization (see [above](#can-i-run-this-on)), or because your BIOS does not have virtualization extensions turned on, or because your CPU is too old to support virtualization extensions, or your Linux kernel does not have KVM support loaded/enabled. Fixing KVM issues is well beyond the scope of this document, but you can [start here](https://www.linux-kvm.org/page/FAQ).
+
+### ALSA Error
+
+You might get an error like this:
+```
+(qemu) ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
+ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
+ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
+ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
+ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
+alsa: Could not initialize DAC
+alsa: Failed to open `default':
+alsa: Reason: No such file or directory
+ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
+ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
+ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
+ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
+ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
+alsa: Could not initialize DAC
+alsa: Failed to open `default':
+alsa: Reason: No such file or directory
+audio: Failed to create voice `dac'
+ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
+ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
+ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
+ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
+ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
+alsa: Could not initialize ADC
+alsa: Failed to open `default':
+alsa: Reason: No such file or directory
+ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
+ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
+ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
+ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
+ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
+ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
+alsa: Could not initialize ADC
+alsa: Failed to open `default':
+alsa: Reason: No such file or directory
+audio: Failed to create voice `adc'
+```
+
+Docker-OSX defaults to telling qemu to use ALSA for audio output. Your host system may be using PulseAudio instead (see [PulseAudio](README.md#pulseaudio)), but you may not need audio output at all. You can pass `-e AUDIO_DRIVER="id=none,driver=none"` to disable audio output.
+
+### No Disk to Install On
+
+If you have launched the installer but don't see a disk to install macOS on, it probably means you skipped the step where you run Disk Utility to format the virtual disk. See the [README](README.md#additional-boot-instructions-for-when-you-are-creating-your-container).
+
+### Slow Installation
+
+This is not unique to virtual hardware. The macOS installation process gives apparently random and dependably incorrect time estimates, and can often appear to have completely frozen. Just be patient. It could take hours, maybe even more than a day.
+
+### Installer After Completing Install
+
+If you wind up in the installer again after you've installed macOS it means you booted from the installer disk instead of the disk you installed macOS on. Reboot and make sure you choose the correct disk to boot.
+
+## Next Steps
+
+Congratulations, you got a macOS VM up and running! Now what?
+
+# Fixing Apple ID Login Issues in macOS Virtual Machines
+
+## Problem Overview
+
+When running macOS in a virtual machine, you may encounter problems logging into Apple services including:
+- Apple ID
+- iMessage
+- iCloud
+- App Store
+
+This happens because Apple's services can detect that macOS is running in a virtual environment and block access. The solution is to apply a kernel patch that hides the VM presence from Apple's detection mechanism.
+
+NOTE as per forum post: Unfortunately, this would very possibly break qemu-guest-agent, which is necessary for the host getting VM status or taking hot snapshot while the VM is running. This is because qemu-guest-agent also checks the hv_vmm_present flag, but only works if it is true (=1).
+
+Use at your own risk. Hope it would help.
+
+## Solution: Kernel Patching
+
+This guide provides three methods to apply the necessary kernel patch. All methods implement the same fix originally described in [this forum post](https://forum.proxmox.com/threads/anyone-can-make-bluetooth-work-on-sonoma.153301/#post-697832).
+
+### Prerequisites
+
+Before proceeding with any method:
+- Make sure you can access your EFI partition
+- Locate your OpenCore `config.plist` file (typically in the `EFI/OC` folder)
+- Back up your current `config.plist` before making changes
+
+## Method 1: Using the Utility Script (Simplest Approach)
+
+This is the fastest and easiest way to apply the patch.
+
+1. Mount your EFI partition using Clover Configurator or another EFI mounting tool
+2. Download the patch script:
+   ```bash
+   curl -o apply_appleid_kernelpatch.py https://raw.githubusercontent.com/sickcodes/Docker-OSX/scripts/apply_appleid_kernelpatch.py
+   ```
+3. Run the script with your `config.plist` file path:
+   ```bash
+   python3 apply_appleid_kernelpatch.py /path/to/config.plist
+   ```
+
+**Pro Tip**: You can drag and drop the `config.plist` file into your terminal after typing `python3 apply_appleid_kernelpatch.py` for an easy path insertion.
+
+**Note**: If you encounter a "permission denied" error, run the command with `sudo`:
+```bash
+sudo python3 apply_appleid_kernelpatch.py /path/to/config.plist
+```
+
+## Method 2: Using OCAT (OpenCore Auxiliary Tools) GUI
+
+If you prefer a graphical approach:
+
+1. Open OCAT and load your `config.plist`
+2. Navigate to the **Kernel** section
+3. Go to the **Patch** subsection
+4. Add two new patch entries with the following details:
+
+### Patch 1
+| Setting | Value |
+|---------|-------|
+| **Identifier** | `kernel` |
+| **Base** | *(leave empty)* |
+| **Count** | `1` |
+| **Find (Hex)** | `68696265726E61746568696472656164790068696265726E617465636F756E7400` |
+| **Limit** | `0` |
+| **Mask** | *(leave empty)* |
+| **Replace (Hex)** | `68696265726E61746568696472656164790068765F766D6D5F70726573656E7400` |
+| **Skip** | `0` |
+| **Arch** | `x86_64` |
+| **MinKernel** | `20.4.0` |
+| **MaxKernel** | *(leave empty)* |
+| **Enabled** | `True` |
+| **Comment** | `Sonoma VM BT Enabler - PART 1 of 2 - Patch kern.hv_vmm_present=0` |
+
+### Patch 2
+| Setting | Value |
+|---------|-------|
+| **Identifier** | `kernel` |
+| **Base** | *(leave empty)* |
+| **Count** | `1` |
+| **Find (Hex)** | `626F6F742073657373696F6E20555549440068765F766D6D5F70726573656E7400` |
+| **Limit** | `0` |
+| **Mask** | *(leave empty)* |
+| **Replace (Hex)** | `626F6F742073657373696F6E20555549440068696265726E617465636F756E7400` |
+| **Skip** | `0` |
+| **Arch** | `x86_64` |
+| **MinKernel** | `22.0.0` |
+| **MaxKernel** | *(leave empty)* |
+| **Enabled** | `True` |
+| **Comment** | `Sonoma VM BT Enabler - PART 2 of 2 - Patch kern.hv_vmm_present=0` |
+
+5. Save the configuration
+6. Reboot your VM
+
+## Method 3: Direct `config.plist` Editing
+
+For users who prefer to manually edit the configuration file:
+
+1. Mount your EFI partition
+2. Locate and open your `config.plist` file in a text editor
+3. Find the `<key>Kernel</key>` → `<dict>` → `<key>Patch</key>` → `<array>` section
+4. Add these two `<dict>` entries within the `<array>`:
+
+```xml
+<dict>
+    <key>Arch</key>
+    <string>x86_64</string>
+    <key>Base</key>
+    <string></string>
+    <key>Comment</key>
+    <string>Sonoma VM BT Enabler - PART 1 of 2 - Patch kern.hv_vmm_present=0</string>
+    <key>Count</key>
+    <integer>1</integer>
+    <key>Enabled</key>
+    <true/>
+    <key>Find</key>
+    <data>aGliZXJuYXRlaGlkcmVhZHkAaGliZXJuYXRlY291bnQA</data>
+    <key>Identifier</key>
+    <string>kernel</string>
+    <key>Limit</key>
+    <integer>0</integer>
+    <key>Mask</key>
+    <data></data>
+    <key>MaxKernel</key>
+    <string></string>
+    <key>MinKernel</key>
+    <string>20.4.0</string>
+    <key>Replace</key>
+    <data>aGliZXJuYXRlaGlkcmVhZHkAaHZfdm1tX3ByZXNlbnQA</data>
+    <key>ReplaceMask</key>
+    <data></data>
+    <key>Skip</key>
+    <integer>0</integer>
+</dict>
+<dict>
+    <key>Arch</key>
+    <string>x86_64</string>
+    <key>Base</key>
+    <string></string>
+    <key>Comment</key>
+    <string>Sonoma VM BT Enabler - PART 2 of 2 - Patch kern.hv_vmm_present=0</string>
+    <key>Count</key>
+    <integer>1</integer>
+    <key>Enabled</key>
+    <true/>
+    <key>Find</key>
+    <data>Ym9vdCBzZXNzaW9uIFVVSUQAaHZfdm1tX3ByZXNlbnQA</data>
+    <key>Identifier</key>
+    <string>kernel</string>
+    <key>Limit</key>
+    <integer>0</integer>
+    <key>Mask</key>
+    <data></data>
+    <key>MaxKernel</key>
+    <string></string>
+    <key>MinKernel</key>
+    <string>22.0.0</string>
+    <key>Replace</key>
+    <data>Ym9vdCBzZXNzaW9uIFVVSUQAaGliZXJuYXRlY291bnQA</data>
+    <key>ReplaceMask</key>
+    <data></data>
+    <key>Skip</key>
+    <integer>0</integer>
+</dict>
+```
+
+5. Save the file
+6. Reboot your VM
+
+## Important Notes
+
+- The `MinKernel` values (`20.4.0` and `22.0.0`) may need adjustment depending on your specific macOS version (Monterey, Ventura, Sonoma, etc.)
+- If you encounter issues, consult the [OpenCore documentation](https://dortania.github.io/docs/) for appropriate values for your setup
+- Always back up your configuration before making changes
+- After applying the patch and rebooting, try signing into Apple services again
+
+## What This Patch Does
+
+This patch tricks macOS into believing it's running on physical hardware by redirecting the `hv_vmm_present` kernel variable, which normally indicates VM presence. After applying the patch, Apple services should function normally within your virtual environment.
+### Slow UI
+
+The macOS UI expects and relies on GPU acceleration, and there is (currently) no way to provide GPU acceleration in the virtual hardware. See [osx-optimizer](https://github.com/sickcodes/osx-optimizer) for macOS configuration to speed things up.
+
+### Extract the Virtual Disk
+
+With the container stopped, `sudo find /var/lib/docker -size +10G -name mac_hdd_ng.img` to find the disk image then copy it where you want it.
+
+### Disk Space
+
+Is your host machine's disk, specifically `/var` (because of `/var/lib/docker`), getting full? [Fix it](README.md#increase-disk-space-by-moving-varlibdocker-to-external-drive-block-storage-nfs-or-any-other-location-conceivable).
+
+### Increase RAM or CPUs/cores
+
+The `RAM`, `SMP`, and `CORES` options are all docker environment variables, which means it uses whatever you provide any time you start a container.
+

README.md

@@ -4,18 +4,18 @@
 
 Run Mac OS X in Docker with near-native performance! X11 Forwarding! iMessage security research! iPhone USB working! macOS in a Docker container!
 
+Conduct Security Research on macOS using both Linux & Windows!
+
 # Docker-OSX now has a Discord server & Telegram!
 
 The Discord is active on #docker-osx and anyone is welcome to come and ask questions, ideas, etc.
 
 <p align="center">
-    <a href="https://hub.docker.com/r/sickcodes/docker-osx"><img src="https://dockeri.co/image/sickcodes/docker-osx"/></a><a href="https://discord.gg/mx8pPw39Yg"><a href="https://discord.gg/mx8pPw39Yg" target="_blank"><img src="https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/discord-logo.svg"></a></a>
+    <a href="https://hub.docker.com/r/sickcodes/docker-osx"><img src="https://dockeri.co/image/sickcodes/docker-osx"/></a><a href="https://discord.gg/sickchat"><a href="https://discord.gg/sickchat" target="_blank"><img src="https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/discord-logo.svg"></a></a>
 </p>
 
 
-
-
-### Click to join the Discord server [https://discord.gg/mx8pPw39Yg](https://discord.gg/mx8pPw39Yg)
+### Click to join the Discord server [https://discord.gg/sickchat](https://discord.gg/sickchat)
 
 ### Click to join the Telegram server [https://t.me/sickcodeschat](https://t.me/sickcodeschat)
 
@@ -43,6 +43,8 @@ If you like this project, consider contributing here or upstream!
 
 Video setup tutorial is also available here: https://www.youtube.com/watch?v=wLezYl77Ll8
 
+**Windows users:** [click here to see the notes below](#id-like-to-run-docker-osx-on-windows)!
+
 <p align="center">
   <a href="https://www.youtube.com/watch?v=wLezYl77Ll8" target="_blank"><img src="https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/Youtube-Screenshot-Docker-OSX-Setup.png"></a>
 </p>
@@ -50,9 +52,11 @@ Video setup tutorial is also available here: https://www.youtube.com/watch?v=wLe
 First time here? try [initial setup](#initial-setup), otherwise try the instructions below to use either Catalina or Big Sur.
 
 ## Any questions, ideas, or just want to hang out?
-# [https://discord.gg/mx8pPw39Yg](https://discord.gg/mx8pPw39Yg)
+# [https://discord.gg/sickchat](https://discord.gg/sickchat)
 
-### Catalina [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+Release names and their version:
+
+### Catalina (10.15) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
 ```bash
 docker run -it \
@@ -60,11 +64,12 @@ docker run -it \
     -p 50922:10022 \
     -v /tmp/.X11-unix:/tmp/.X11-unix \
     -e "DISPLAY=${DISPLAY:-:0.0}" \
+    -e SHORTNAME=catalina \
     sickcodes/docker-osx:latest
 
 # docker build -t docker-osx .
 ```
-### Big Sur [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/big-sur?label=sickcodes%2Fdocker-osx%3Abig-sur](https://img.shields.io/docker/image-size/sickcodes/docker-osx/big-sur?label=sickcodes%2Fdocker-osx%3Abig-sur)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+### Big Sur (11) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
 ```bash
 docker run -it \
@@ -72,12 +77,13 @@ docker run -it \
     -p 50922:10022 \
     -v /tmp/.X11-unix:/tmp/.X11-unix \
     -e "DISPLAY=${DISPLAY:-:0.0}" \
-    sickcodes/docker-osx:big-sur
+    -e SHORTNAME=big-sur \
+    sickcodes/docker-osx:latest
 
-# docker build -t docker-osx -e VERSION='Big Sur' .
+# docker build -t docker-osx .
 ```
 
-### Monterey [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/monterey?label=sickcodes%2Fdocker-osx%3Amonterey](https://img.shields.io/docker/image-size/sickcodes/docker-osx/monterey?label=sickcodes%2Fdocker-osx%3Amonterey)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+### Monterey (12) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
 ```bash
 
@@ -88,12 +94,68 @@ docker run -it \
     -e "DISPLAY=${DISPLAY:-:0.0}" \
     -e GENERATE_UNIQUE=true \
     -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist' \
-    sickcodes/docker-osx:monterey
+    -e SHORTNAME=monterey \
+    sickcodes/docker-osx:latest
 
-# docker build -t docker-osx -f Dockerfile.monterey .
+# docker build -t docker-osx .
 ```
 
-#### Run Catalina Pre-Installed [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto](https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+### Ventura (13) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+```bash
+
+docker run -it \
+    --device /dev/kvm \
+    -p 50922:10022 \
+    -v /tmp/.X11-unix:/tmp/.X11-unix \
+    -e "DISPLAY=${DISPLAY:-:0.0}" \
+    -e GENERATE_UNIQUE=true \
+    -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist' \
+    -e SHORTNAME=ventura \
+    sickcodes/docker-osx:latest
+
+# docker build -t docker-osx .
+```
+
+### Sonoma (14) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+```bash
+
+docker run -it \
+    --device /dev/kvm \
+    -p 50922:10022 \
+    -v /tmp/.X11-unix:/tmp/.X11-unix \
+    -e "DISPLAY=${DISPLAY:-:0.0}" \
+    -e GENERATE_UNIQUE=true \
+    -e CPU='Haswell-noTSX' \
+    -e CPUID_FLAGS='kvm=on,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on' \
+    -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom-sonoma.plist' \
+    -e SHORTNAME=sonoma \
+    sickcodes/docker-osx:latest
+
+# docker build -t docker-osx .
+```
+
+### Sequoia (15) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+```bash
+
+docker run -it \
+    --device /dev/kvm \
+    -p 50922:10022 \
+    -v /tmp/.X11-unix:/tmp/.X11-unix \
+    -e "DISPLAY=${DISPLAY:-:0.0}" \
+    -e GENERATE_UNIQUE=true \
+    -e CPU='Haswell-noTSX' \
+    -e CPUID_FLAGS='kvm=on,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on' \
+    -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom-sonoma.plist' \
+    -e SHORTNAME=sequoia \
+    sickcodes/docker-osx:latest
+
+# docker build -t docker-osx .
+```
+
+<!-- #### Run Catalina Pre-Installed [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto](https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
 ```bash
 # 40GB disk space required: 20GB original image 20GB your container.
@@ -105,12 +167,47 @@ docker run -it \
     -p 50922:10022 \
     -v /tmp/.X11-unix:/tmp/.X11-unix \
     -e "DISPLAY=${DISPLAY:-:0.0}" \
+    -e GENERATE_UNIQUE=true \
     sickcodes/docker-osx:auto
 
 # username is user
-# passsword is alpine
+# password is alpine
+``` -->
+
+### Older Systems
+
+### High Sierra [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+```bash
+
+docker run -it \
+    --device /dev/kvm \
+    -p 50922:10022 \
+    -v /tmp/.X11-unix:/tmp/.X11-unix \
+    -e "DISPLAY=${DISPLAY:-:0.0}" \
+    -e SHORTNAME=high-sierra \
+    sickcodes/docker-osx:latest
+
+# docker build -t docker-osx .
 ```
 
+### Mojave [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+```bash
+
+docker run -it \
+    --device /dev/kvm \
+    -p 50922:10022 \
+    -v /tmp/.X11-unix:/tmp/.X11-unix \
+    -e "DISPLAY=${DISPLAY:-:0.0}" \
+    -e SHORTNAME=mojave \
+    sickcodes/docker-osx:latest
+
+# docker build -t docker-osx .
+```
+
+
+
 #### Download the image manually and use it in Docker 
 
 [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/naked?label=sickcodes%2Fdocker-osx%3Anaked](https://img.shields.io/docker/image-size/sickcodes/docker-osx/naked?label=sickcodes%2Fdocker-osx%3Anaked)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
@@ -129,11 +226,12 @@ docker run -it \
     -e "DISPLAY=${DISPLAY:-:0.0}" \
     -e GENERATE_UNIQUE=true \
     -e MASTER_PLIST_URL=https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/custom/config-nopicker-custom.plist \
+    -e SHORTNAME=catalina \
     sickcodes/docker-osx:naked
 ```
 
 
-#### Use your own image and manually and automatically log into a shell
+<!-- #### Use your own image and manually and automatically log into a shell
 
 [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/naked-auto?label=sickcodes%2Fdocker-osx%3Anaked-auto](https://img.shields.io/docker/image-size/sickcodes/docker-osx/naked-auto?label=sickcodes%2Fdocker-osx%3Anaked-auto)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
@@ -143,29 +241,51 @@ Enable SSH in network sharing inside the guest first. Change `-e "USERNAME=user"
 Since you can't see the screen, use the PLIST with nopicker, for example:
 
 ```bash
-wget https://images2.sick.codes/mac_hdd_ng_auto.img
+# Catalina
+# wget https://images2.sick.codes/mac_hdd_ng_auto.img
+# Monterey
+wget https://images.sick.codes/mac_hdd_ng_auto_monterey.img
 
 docker run -it \
     --device /dev/kvm \
     -p 50922:10022 \
-    -v "${PWD}/mac_hdd_ng_auto.img:/image" \
+    -v "${PWD}/mac_hdd_ng_auto_monterey.img:/image" \
     -v /tmp/.X11-unix:/tmp/.X11-unix \
     -e "DISPLAY=${DISPLAY:-:0.0}" \
     -e "USERNAME=user" \
     -e "PASSWORD=alpine" \
     -e GENERATE_UNIQUE=true \
     -e MASTER_PLIST_URL=https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/custom/config-nopicker-custom.plist \
+    -e SHORTNAME=monterey \
     sickcodes/docker-osx:naked-auto
+``` -->
+
+# Share directories, sharing files, shared folder, mount folder
+The easiest and most secure way is `sshfs`
+```bash
+# on Linux/Windows
+mkdir ~/mnt/osx
+sshfs user@localhost: -p 50922 ~/mnt/osx
+# wait a few seconds, and ~/mnt/osx will have full rootfs mounted over ssh, and in userspace
+# automated: sshpass -p <password> sshfs user@localhost:/ -p 50922 ~/mnt/osx
 ```
 
+
 # (VFIO) iPhone USB passthrough (VFIO)
 
 If you have a laptop see the next usbfluxd section.
 
-If you have a desktop PC, you can use [@Silfalion](https://github.com/Silfalion)'s instructions : [https://github.com/Silfalion/Iphone_docker_osx_passthrough](https://github.com/Silfalion/Iphone_docker_osx_passthrough)
+If you have a desktop PC, you can use [@Silfalion](https://github.com/Silfalion)'s instructions: [https://github.com/Silfalion/Iphone_docker_osx_passthrough](https://github.com/Silfalion/Iphone_docker_osx_passthrough)
 
 # (USBFLUXD) iPhone USB -> Network style passthrough OSX-KVM Docker-OSX
 
+Video setup tutorial for usbfluxd is also available here: https://www.youtube.com/watch?v=kTk5fGjK_PM
+
+<p align="center">
+  <a href="https://www.youtube.com/watch?v=kTk5fGjK_PM" target="_blank"><img alt="iPhone USB passthrough on macOS virtual machine Linux & Windows" src="https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/Youtube-USBFLUXD-Screenshot-Docker-OSX.png"></a>
+</p>
+
+
 This method WORKS on laptop, PC, anything!
 
 Thank you [@nikias](https://github.com/nikias) for [usbfluxd](https://github.com/corellium/usbfluxd) via [https://github.com/corellium](https://github.com/corellium)!
@@ -227,6 +347,8 @@ sudo make install
 
 Accept the USB over TCP connection, and appear as local:
 
+(you may need to change `172.17.0.1` to the IP address of the host. e.g. check `ip addr`)
+
 ```bash
 # on the guest
 sudo launchctl start usbmuxd
@@ -252,33 +374,85 @@ SEE commands in [https://github.com/sickcodes/osx-optimizer](https://github.com/
 - Disable heavy login screen wallpaper
 - Disable updates (at your own risk!)
 
+## Increase disk space by moving /var/lib/docker to external drive, block storage, NFS, or any other location conceivable.
+
+Move /var/lib/docker, following the tutorial below
+
+- Cheap large physical disk storage instead using your server's disk, or SSD.
+- Block Storage, NFS, etc.
+
+Tutorial here: https://sick.codes/how-to-run-docker-from-block-storage/
+
+Only follow the above tutorial if you are happy with wiping all your current Docker images/layers.
+
+Safe mode: Disable docker temporarily so you can move the Docker folder temporarily.
+
+- Do NOT do this until you have moved your image out already [https://github.com/dulatello08/Docker-OSX/#quick-start-your-own-image-naked-container-image](https://github.com/dulatello08/Docker-OSX/#quick-start-your-own-image-naked-container-image)
+
+```bash
+killall dockerd
+systemctl disable --now docker
+systemctl disable --now docker.socket
+systemctl stop docker
+systemctl stop docker.socket
+```
+Now, that Docker daemon is off, move /var/lib/docker somewhere
+
+Then, symbolicly link /var/lib/docker somewhere:
+
+```bash
+mv /var/lib/docker /run/media/user/some_drive/docker
+ln -s /run/media/user/some_drive/docker /var/lib/docker
+
+# now check if /var/lib/docker is working still
+ls /var/lib/docker
+```
+If you see folders, then it worked. You can restart Docker, or just reboot if you want to be sure.
+
 ## Important notices:
 
-**2021-09-09** - Bootdisks at runtime required for Monterey!
+**2021-11-14** - Added High Sierra, Mojave
 
-Pick one of these:
+Pick one of these while **building**, irrelevant when using docker pull:
 ```
-    -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist' \
-
-    -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-nopicker-custom.plist' \
+--build-arg SHORTNAME=high-sierra 
+--build-arg SHORTNAME=mojave
+--build-arg SHORTNAME=catalina
+--build-arg SHORTNAME=big-sur
+--build-arg SHORTNAME=monterey
+--build-arg SHORTNAME=ventura
+--build-arg SHORTNAME=sonoma
 ```
 
 
 ## Technical details
 
-There currently five images, each with different use cases (explained [below](#container-images)):
+There are currently multiple images, each with different use cases (explained [below](#container-images)):
 
-- Catalina
-- Big Sur
+- High Sierra (10.13)
+- Mojave (10.14)
+- Catalina (10.15)
+- Big Sur (11)
+- Monterey (12)
+- Ventura (13)
+- Sonoma (14)
 - Auto (pre-made Catalina)
 - Naked (use your own .img)
 - Naked-Auto (user your own .img and SSH in)
 
-Catalina make your own image:
+High Sierra:
+
+[![https://img.shields.io/docker/image-size/sickcodes/docker-osx/high-sierra?label=sickcodes%2Fdocker-osx%3Ahigh-sierra](https://img.shields.io/docker/image-size/sickcodes/docker-osx/high-sierra?label=sickcodes%2Fdocker-osx%3Ahigh-sierra)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+Mojave:
+
+[![https://img.shields.io/docker/image-size/sickcodes/docker-osx/mojave?label=sickcodes%2Fdocker-osx%3Amojave](https://img.shields.io/docker/image-size/sickcodes/docker-osx/mojave?label=sickcodes%2Fdocker-osx%3Amojave)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+Catalina:
 
 [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest](https://img.shields.io/docker/image-size/sickcodes/docker-osx/latest?label=sickcodes%2Fdocker-osx%3Alatest)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
-Big-Sur make your own image:
+Big-Sur:
 
 [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/big-sur?label=sickcodes%2Fdocker-osx%3Abig-sur](https://img.shields.io/docker/image-size/sickcodes/docker-osx/big-sur?label=sickcodes%2Fdocker-osx%3Abig-sur)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
@@ -286,25 +460,34 @@ Monterey make your own image:
 
 [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/monterey?label=sickcodes%2Fdocker-osx%3Amonterey](https://img.shields.io/docker/image-size/sickcodes/docker-osx/monterey?label=sickcodes%2Fdocker-osx%3Amonterey)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
-Pre-made system by [Sick.Codes](https://sick.codes): username: `user`, password: `alpine`
+Ventura make your own image:
+
+[![https://img.shields.io/docker/image-size/sickcodes/docker-osx/ventura?label=sickcodes%2Fdocker-osx%3Aventura](https://img.shields.io/docker/image-size/sickcodes/docker-osx/ventura?label=sickcodes%2Fdocker-osx%3Aventura)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+Sonoma make your own image:
+
+[![https://img.shields.io/docker/image-size/sickcodes/docker-osx/sonoma?label=sickcodes%2Fdocker-osx%3Asonoma](https://img.shields.io/docker/image-size/sickcodes/docker-osx/sonoma?label=sickcodes%2Fdocker-osx%3Asonoma)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
+
+Pre-made **Catalina** system by [Sick.Codes](https://sick.codes): username: `user`, password: `alpine`
 
 [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto](https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
-Bring-your-own-image setup (use any of the above first):
+Naked: Bring-your-own-image setup (use any of the above first):
 
 [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/naked?label=sickcodes%2Fdocker-osx%3Anaked](https://img.shields.io/docker/image-size/sickcodes/docker-osx/naked?label=sickcodes%2Fdocker-osx%3Anaked)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
-Same as above but with `-e USERNAME` & `-e PASSWORD` and `-e OSX_COMMANDS="put your commands here"`
+Naked Auto: same as above but with `-e USERNAME` & `-e PASSWORD` and `-e OSX_COMMANDS="put your commands here"`
 
 [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/naked-auto?label=sickcodes%2Fdocker-osx%3Anaked-auto](https://img.shields.io/docker/image-size/sickcodes/docker-osx/naked-auto?label=sickcodes%2Fdocker-osx%3Anaked-auto)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated)
 
 ## Capabilities
-- use iPhone OSX KVM on Linux using usbfluxd!
-- macOS Monterey!
-- Folder sharing
+- use iPhone OSX KVM on Linux using [usbfluxd](https://github.com/corellium/usbfluxd)!
+- macOS Monterey VM on Linux!
+- Folder sharing-
+- USB passthrough (hotplug too)
 - SSH enabled (`localhost:50922`)
 - VNC enabled (`localhost:8888`) if using ./vnc version
-- [serial number generator!](https://github.com/sickcodes/osx-serial-generator)
+- iMessage security research via [serial number generator!](https://github.com/sickcodes/osx-serial-generator)
 - X11 forwarding is enabled
 - runs on top of QEMU + KVM
 - supports Big Sur, custom images, Xvfb headless mode
@@ -312,9 +495,9 @@ Same as above but with `-e USERNAME` & `-e PASSWORD` and `-e OSX_COMMANDS="put y
 
 ### Requirements
 
-- 20GB disk space for bare minimum installation
+- 20GB+++ disk space for bare minimum installation (50GB if using Xcode)
 - virtualization should be enabled in your BIOS settings
-- a kvm-capable host
+- a x86_64 kvm-capable host
 - at least 50 GBs for `:auto` (half for the base image, half for your runtime image
 
 ### TODO
@@ -365,7 +548,7 @@ In case you're interested, contact [@sickcodes on Twitter](https://twitter.com/s
 
 ## License/Contributing
 
-Docker-OSX is licensed under the [GPL v3+](LICENSE). Contributions are welcomed and immensely appreciated. You are in-fact permitted to use Docker-OSX as a tool to create proprietary software.
+Docker-OSX is licensed under the [GPL v3+](LICENSE). Contributions are welcomed and immensely appreciated. You are in fact permitted to use Docker-OSX as a tool to create proprietary software.
 
 ### Other cool Docker/QEMU based projects
 - [Run Android in a Docker Container with Dock Droid](https://github.com/sickcodes/dock-droid)
@@ -385,7 +568,7 @@ Product names, logos, brands and other trademarks referred to within this projec
 
 ### Already set up or just looking to make a container quickly? Check out our [quick start](#quick-start-docker-osx) or see a bunch more use cases under our [container creation examples](#container-creation-examples) section.
 
-There are several different Docker-OSX images available which are suitable for different purposes.
+There are several different Docker-OSX images available that are suitable for different purposes.
 
 - `sickcodes/docker-osx:latest` - [I just want to try it out.](#quick-start-docker-osx)
 - `sickcodes/docker-osx:latest` - [I want to use Docker-OSX to develop/secure apps in Xcode (sign into Xcode, Transporter)](#quick-start-your-own-image-naked-container-image)
@@ -397,6 +580,11 @@ Create your personal image using `:latest` or `big-sur`. Then, pull the image ou
 - `sickcodes/docker-osx:naked` - [I need iMessage/iCloud for security research.](#generating-serial-numbers)
 - `sickcodes/docker-osx:big-sur` - [I want to run Big Sur.](#quick-start-docker-osx)
 - `sickcodes/docker-osx:monterey` - [I want to run Monterey.](#quick-start-docker-osx)
+- `sickcodes/docker-osx:ventura` - [I want to run Ventura.](#quick-start-docker-osx)
+- `sickcodes/docker-osx:sonoma` - [I want to run Sonoma.](#quick-start-docker-osx)
+
+- `sickcodes/docker-osx:high-sierra` - I want to run High Sierra.
+- `sickcodes/docker-osx:mojave` - I want to run Mojave.
 
 ## Initial setup
 Before you do anything else, you will need to turn on hardware virtualization in your BIOS. Precisely how will depend on your particular machine (and BIOS), but it should be straightforward.
@@ -425,9 +613,75 @@ echo 1 | sudo tee /sys/module/kvm/parameters/ignore_msrs
 sudo modprobe kvm
 ```
 
+### I'd like to run Docker-OSX on Windows
+
+Running Docker-OSX on Windows is possible using WSL2 (Windows 11 + Windows Subsystem for Linux).
+
+You must have Windows 11 installed with build 22000+ (21H2 or higher).
+
+First, install WSL on your computer by running this command in an administrator powershell. For more info, look [here](https://docs.microsoft.com/en-us/windows/wsl/install).
+
+This will install Ubuntu by default.
+```
+wsl --install
+```
+
+ You can confirm WSL2 is enabled using `wsl -l -v` in PowerShell. To see other distributions that are available, use `wsl -l -o`.
+
+If you have previously installed WSL1, upgrade to WSL 2. Check [this link to upgrade from WSL1 to WSL2](https://docs.microsoft.com/en-us/windows/wsl/install#upgrade-version-from-wsl-1-to-wsl-2).
+
+After WSL installation, go to `C:/Users/<Your_Name>/.wslconfig` and add `nestedVirtualization=true` to the end of the file (If the file doesn't exist, create it). For more information about the `.wslconfig` file check [this link](https://docs.microsoft.com/en-us/windows/wsl/wsl-config#wslconfig). Verify that you have selected "Show Hidden Files" and "Show File Extensions" in File Explorer options.
+The result should be like this:
+```
+[wsl2]
+nestedVirtualization=true
+```
+
+Go into your WSL distro (Run `wsl` in powershell) and check if KVM is enabled by using the `kvm-ok` command. The output should look like this:
+
+```
+INFO: /dev/kvm exists
+KVM acceleration can be used
+```
+
+Use the command `sudo apt -y install bridge-utils cpu-checker libvirt-clients libvirt-daemon qemu qemu-kvm` to install it if it isn't.
+
+Now download and install [Docker for Windows](https://docs.docker.com/desktop/windows/install/) if it is not already installed.
+
+After installation, go into Settings and check these 2 boxes:
+
+```
+General -> "Use the WSL2 based engine";
+Resources -> WSL Integration -> "Enable integration with my default WSL distro", 
+```
+
+Ensure `x11-apps` is installed. Use the command `sudo apt install x11-apps -y` to install it if it isn't.
+
+Finally, there are 3 ways to get video output:
+
+- WSLg: This is the simplest and easiest option to use. There may be some issues such as the keyboard not being fully passed through or seeing a second mouse on the desktop - [Issue on WSLg](https://github.com/microsoft/wslg/issues/376) - but this option is recommended.
+
+To use WSLg's built-in X-11 server, change these two lines in the docker run command to point Docker-OSX to WSLg.
+
+```
+-e "DISPLAY=${DISPLAY:-:0.0}" \
+-v /mnt/wslg/.X11-unix:/tmp/.X11-unix \
+```
+Or try:
+
+```
+-e "DISPLAY=${DISPLAY:-:0}" \
+-v /mnt/wslg/.X11-unix:/tmp/.X11-unix \
+```
+
+For Ubuntu 20.x on Windows, see [https://github.com/sickcodes/Docker-OSX/discussions/458](https://github.com/sickcodes/Docker-OSX/discussions/458)
+
+- VNC: See the [VNC section](#building-a-headless-container-which-allows-insecure-vnc-on-localhost-for-local-use-only) for more information. You could also add -vnc argument to qemu. Connect to your mac VM via a VNC Client. [Here is a how to](https://wiki.archlinux.org/title/QEMU#VNC)
+- Desktop Environment: This will give you a full desktop linux experience but it will use a bit more of the computer's resources. Here is an example guide, but there are other guides that help set up a desktop environment. [DE Example](https://www.makeuseof.com/tag/linux-desktop-windows-subsystem/)
+
 ## Additional boot instructions for when you are [creating your container](#container-creation-examples)
 
-- Boot the macOS Base System
+- Boot the macOS Base System (Press Enter)
 
 - Click `Disk Utility`
 
@@ -438,6 +692,8 @@ sudo modprobe kvm
 
 - Click `Reinstall macOS`
 
+- The system may require multiple reboots during installation
+
 ## Troubleshooting
 
 ### Routine checks
@@ -480,15 +736,19 @@ Or
 
 #### Use more CPU Cores/SMP
 
-This will use all available cores; adjust accordingly to the day of the week:
+Examples:
 
-```
-    -e CPU_STRING=$(nproc) \
-```
+`-e EXTRA='-smp 6,sockets=3,cores=2'`
 
-This will use `-smp $(nproc)`
+`-e EXTRA='-smp 8,sockets=4,cores=2'`
 
-#### Confirm your user is part of the the Docker group, KVM group, libvirt group
+`-e EXTRA='-smp 16,sockets=8,cores=2'`
+
+Note, unlike memory, CPU usage is shared. so you can allocate all of your CPU's to the container.
+
+### Confirm your user is part of the Docker group, KVM group, libvirt group
+
+#### Add yourself to the Docker group
 
 If you use `sudo dockerd` or dockerd is controlled by systemd/systemctl, then you must be in the Docker group.
 If you are not in the Docker group:
@@ -508,17 +768,17 @@ See also: [initial setup](#initial-setup).
 #### Is the docker daemon enabled?
 
 ```bash
+# run ad hoc
+sudo dockerd
+
+# or daemonize it
+sudo nohup dockerd &
+
 # enable it in systemd (it will persist across reboots this way)
 sudo systemctl enable --now docker
 
 # or just start it as your user with systemd instead of enabling it
 systemctl start docker
-
-# or run ad hoc
-sudo dockerd
-
-# or daemonize it
-sudo nohup dockerd &
 ```
 
 ## More Questions and Answers
@@ -651,6 +911,17 @@ docker run \
     sickcodes/docker-osx pactl list
 ```
 
+#### PulseAudio with WSLg
+
+```bash
+docker run \
+    --device /dev/kvm \
+    -e AUDIO_DRIVER=pa,server=unix:/tmp/pulseaudio.socket \
+    -v /mnt/wslg/runtime-dir/pulse/native:/tmp/pulseaudio.socket \
+    -v /mnt/wslg/.X11-unix:/tmp/.X11-unix \
+    sickcodes/docker-osx
+```
+
 ### Forward additional ports (nginx hosting example)
 
 It's possible to forward additional ports depending on your needs. In this example, we'll use Mac OSX to host nginx:
@@ -763,7 +1034,37 @@ docker run -it \
 # sudo -S mount_9p hostshare
 
 ```
+### Share Linux NFS Drive into macOS
 
+To share a folder using NFS, setup a folder for on the host machine, for example, `/srv/nfs/share` and then append to `/etc/exports`:
+```bash
+/srv/nfs/share      127.0.0.1/0(insecure,rw,all_squash,anonuid=1000,anongid=985,no_subtree_check)
+```
+
+You may need to reload exports now, which will begin sharing that directory.
+
+```bash
+# reload shared folders
+sudo exportfs -arv
+```
+
+[Source & Explanation](https://serverfault.com/questions/716350/mount-nfs-volume-on-ubuntu-linux-server-from-macos-client)
+
+Give permissions on the shared folder for the `anonuid` and `anongid`, where `anonuid` and `anongid` matches that of your linux user; `id -u`
+
+`id -u ; id -g` will print `userid:groupid`
+```
+chown 1000:985 /srv/nfs/share
+chmod u+rwx /srv/nfs/share
+```
+
+Start the Docker-OSX container with the additional flag `--network host`
+
+Create and mount the nfs folder from the mac terminal:
+```
+mkdir -p ~/mnt
+sudo mount_nfs -o locallocks 10.0.2.2:/srv/nfs/share ~/mnt
+```
 
 ### Share USB Drive into macOS over QEMU
 
@@ -797,7 +1098,7 @@ IP_ADDRESS=172.17.0.1
 
 ### Fedora: enable internet connectivity with a bridged network
 
-Fedora's default firewall settings may prevent Docker's network interface from reaching the internet. In order to reoslve this, you will need to whitelist the interface in your firewall:
+Fedora's default firewall settings may prevent Docker's network interface from reaching the internet. In order to resolve this, you will need to whitelist the interface in your firewall:
 
 ```bash
 # Set the docker0 bridge to the trusted zone
@@ -882,7 +1183,7 @@ docker build -t docker-osx:latest \
     --build-arg RANKMIRRORS=true \
     --build-arg MIRROR_COUNTRY=US \
     --build-arg MIRROR_COUNT=10 \
-    --build-arg VERSION=10.15.6 \
+    --build-arg SHORTNAME=catalina \
     --build-arg SIZE=200G .
 ```
 
@@ -1094,18 +1395,6 @@ Or tell the container to use specific ones using `-e GENERATE_SPECIFIC=true`
     -e MAC_ADDRESS="A8:5C:2C:9A:46:2F" \
 ```
 
-### I'd like to run Docker-OSX on Windows
-
-Running Docker-OSX on windows is possible just in WSL2 (Windows, Ubuntu).
-
-Ensure KVM is enabled and `x11-apps` is installed.
-
-to void troubles related to docker daemons on WLS 2, use Docker on Windows, and extern it to your distro.
-See Docker Docs for the complete detail setup [here](https://docs.docker.com/docker-for-windows/wsl/)
-
-See more in-depth discussion [here](https://github.com/sickcodes/Docker-OSX/issues/17) and [here](https://github.com/sickcodes/Docker-OSX/issues/60).
-
-
 ### Changing display resolution
 
 The display resolution is controlled by this line:
@@ -1171,7 +1460,7 @@ docker run -it \
     sickcodes/docker-osx:latest
 ```
 
-Here's a few other resolutions! If you resolution is invalid, it will default to 800x600.
+Here's a few other resolutions! If your resolution is invalid, it will default to 800x600.
 
 ```
     -e WIDTH=800 \
@@ -1349,7 +1638,7 @@ Important Note: this will cause the host system to lose access to the USB device
 
 This is my favourite container. You can supply an existing disk image as a Docker command line argument.
 
-- Pull images out using `sudo find /var/lib/docker -size +10G | grep mac_hdd_ng.img`
+- Pull images out using `sudo find /var/lib/docker -name mac_hdd_ng.img -size +10G`
 
 - Supply your own local image with the command argument `-v "${PWD}/mac_hdd_ng.img:/image"` and use `sickcodes/docker-osx:naked` when instructing Docker to create your container.
 
@@ -1460,7 +1749,7 @@ docker run -it \
     sickcodes/docker-osx:naked
 ```
 
-### Building a headless container which allows insecure VNC on localhost (!for local use only!)
+### Building a headless container that allows insecure VNC on localhost (!for local use only!)
 
 **Must change -it to -i to be able to interact with the QEMU console**
 
@@ -1505,7 +1794,7 @@ You also need the container IP: `docker inspect <containerid> | jq -r '.[0].Netw
 
 Or `ip n` will usually show the container IP first.
 
-Now VNC connect using the Docker container IP, for example `172.17.0.2:5999`
+Now VNC connects using the Docker container IP, for example `172.17.0.2:5999`
 
 Remote VNC over SSH: `ssh -N root@1.1.1.1 -L  5999:172.17.0.2:5999`, where `1.1.1.1` is your remote server IP and `172.17.0.2` is your LAN container IP.
 
@@ -1557,7 +1846,7 @@ docker run -it \
     sickcodes/docker-osx:auto
 
 # username is user
-# passsword is alpine
+# password is alpine
 # Wait 2-3 minutes until you drop into the shell.
 ```
 
@@ -1665,4 +1954,3 @@ You may when initialising or booting into a container see errors from the `(qemu
 `ALSA lib blahblahblah: (function name) returned error: no such file or directory`. These are more or less expected. As long as you are able to boot into the container and everything is working, no reason to worry about these.
 
 See also: [here](https://github.com/sickcodes/Docker-OSX/issues/174).
-

custom/config-legacy.plist

@@ -0,0 +1,883 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>ACPI</key>
+	<dict>
+		<key>Add</key>
+		<array>
+			<dict>
+				<key>Comment</key>
+				<string>add DTGP method</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Path</key>
+				<string>SSDT-DTGP.aml</string>
+			</dict>
+			<dict>
+				<key>Comment</key>
+				<string>Fake EC and USBX Power</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Path</key>
+				<string>SSDT-EC.aml</string>
+			</dict>
+			<dict>
+				<key>Comment</key>
+				<string>USB 2.0 Injection</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Path</key>
+				<string>SSDT-EHCI.aml</string>
+			</dict>
+			<dict>
+				<key>Comment</key>
+				<string>CPU AGPM Plugin=1</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Path</key>
+				<string>SSDT-PLUG.aml</string>
+			</dict>
+		</array>
+		<key>Delete</key>
+		<array>
+			<dict>
+				<key>All</key>
+				<false/>
+				<key>Comment</key>
+				<string>Delete CpuPm</string>
+				<key>Enabled</key>
+				<false/>
+				<key>OemTableId</key>
+				<data>Q3B1UG0AAAA=</data>
+				<key>TableLength</key>
+				<integer>0</integer>
+				<key>TableSignature</key>
+				<data>U1NEVA==</data>
+			</dict>
+			<dict>
+				<key>All</key>
+				<false/>
+				<key>Comment</key>
+				<string>Delete Cpu0Ist</string>
+				<key>Enabled</key>
+				<false/>
+				<key>OemTableId</key>
+				<data>Q3B1MElzdAA=</data>
+				<key>TableLength</key>
+				<integer>0</integer>
+				<key>TableSignature</key>
+				<data>U1NEVA==</data>
+			</dict>
+		</array>
+		<key>Patch</key>
+		<array>
+			<dict>
+				<key>Comment</key>
+				<string>_Q11 to XQ11</string>
+				<key>Count</key>
+				<integer>1</integer>
+				<key>Enabled</key>
+				<false/>
+				<key>Find</key>
+				<data>X1ExMQ==</data>
+				<key>Limit</key>
+				<integer>0</integer>
+				<key>Mask</key>
+				<data></data>
+				<key>OemTableId</key>
+				<data></data>
+				<key>Replace</key>
+				<data>WFExMQ==</data>
+				<key>ReplaceMask</key>
+				<data></data>
+				<key>Skip</key>
+				<integer>0</integer>
+				<key>TableLength</key>
+				<integer>0</integer>
+				<key>TableSignature</key>
+				<data></data>
+			</dict>
+			<dict>
+				<key>Comment</key>
+				<string>_Q12 to XQ12</string>
+				<key>Count</key>
+				<integer>1</integer>
+				<key>Enabled</key>
+				<false/>
+				<key>Find</key>
+				<data>X1ExMg==</data>
+				<key>Limit</key>
+				<integer>0</integer>
+				<key>Mask</key>
+				<data></data>
+				<key>OemTableId</key>
+				<data></data>
+				<key>Replace</key>
+				<data>WFExMg==</data>
+				<key>ReplaceMask</key>
+				<data></data>
+				<key>Skip</key>
+				<integer>0</integer>
+				<key>TableLength</key>
+				<integer>0</integer>
+				<key>TableSignature</key>
+				<data></data>
+			</dict>
+		</array>
+		<key>Quirks</key>
+		<dict>
+			<key>FadtEnableReset</key>
+			<false/>
+			<key>NormalizeHeaders</key>
+			<false/>
+			<key>RebaseRegions</key>
+			<false/>
+			<key>ResetHwSig</key>
+			<false/>
+			<key>ResetLogoStatus</key>
+			<false/>
+		</dict>
+	</dict>
+	<key>Booter</key>
+	<dict>
+		<key>MmioWhitelist</key>
+		<array/>
+		<key>Quirks</key>
+		<dict>
+			<key>AvoidRuntimeDefrag</key>
+			<true/>
+			<key>DevirtualiseMmio</key>
+			<false/>
+			<key>DisableSingleUser</key>
+			<false/>
+			<key>DisableVariableWrite</key>
+			<false/>
+			<key>DiscardHibernateMap</key>
+			<false/>
+			<key>EnableSafeModeSlide</key>
+			<true/>
+			<key>EnableWriteUnprotector</key>
+			<true/>
+			<key>ForceExitBootServices</key>
+			<false/>
+			<key>ProtectMemoryRegions</key>
+			<false/>
+			<key>ProtectSecureBoot</key>
+			<false/>
+			<key>ProtectUefiServices</key>
+			<false/>
+			<key>ProvideCustomSlide</key>
+			<true/>
+			<key>ProvideMaxSlide</key>
+			<integer>0</integer>
+			<key>RebuildAppleMemoryMap</key>
+			<false/>
+			<key>SetupVirtualMap</key>
+			<false/>
+			<key>SignalAppleOS</key>
+			<false/>
+			<key>SyncRuntimePermissions</key>
+			<false/>
+		</dict>
+	</dict>
+	<key>DeviceProperties</key>
+	<dict>
+		<key>Add</key>
+		<dict>
+			<key>PciRoot(0x1)/Pci(0x1F,0x0)</key>
+			<dict>
+				<key>compatible</key>
+				<string>pci8086,2916</string>
+				<key>device-id</key>
+				<data>
+				FikA
+				</data>
+				<key>name</key>
+				<string>pci8086,2916</string>
+			</dict>
+		</dict>
+		<key>Delete</key>
+		<dict>
+			<key>PciRoot(0x0)/Pci(0x1b,0x0)</key>
+			<array>
+				<string>MaximumBootBeepVolume</string>
+			</array>
+		</dict>
+	</dict>
+	<key>Kernel</key>
+	<dict>
+		<key>Add</key>
+		<array>
+			<dict>
+				<key>Arch</key>
+				<string>Any</string>
+				<key>BundlePath</key>
+				<string>VoodooHDA.kext</string>
+				<key>Comment</key>
+				<string></string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/VoodooHDA</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>BundlePath</key>
+				<string>Lilu.kext</string>
+				<key>Comment</key>
+				<string>Patch engine</string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/Lilu</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string>12.0.0</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>BundlePath</key>
+				<string>VirtualSMC.kext</string>
+				<key>Comment</key>
+				<string>SMC emulator</string>
+				<key>Enabled</key>
+				<false/>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/VirtualSMC</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string>12.0.0</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>BundlePath</key>
+				<string>WhateverGreen.kext</string>
+				<key>Comment</key>
+				<string>Video patches</string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/WhateverGreen</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string>12.0.0</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>BundlePath</key>
+				<string>AGPMInjector.kext</string>
+				<key>Comment</key>
+				<string></string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string></string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>BundlePath</key>
+				<string>USBPorts.kext</string>
+				<key>Comment</key>
+				<string></string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string></string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>BundlePath</key>
+				<string>MCEReporterDisabler.kext</string>
+				<key>Comment</key>
+				<string>AppleMCEReporter disabler</string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string></string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string>19.0.0</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+		</array>
+		<key>Block</key>
+		<array>
+			<dict>
+				<key>Arch</key>
+				<string>Any</string>
+				<key>Comment</key>
+				<string></string>
+				<key>Enabled</key>
+				<false/>
+				<key>Identifier</key>
+				<string>com.apple.driver.AppleTyMCEDriver</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+			</dict>
+		</array>
+		<key>Emulate</key>
+		<dict>
+			<key>Cpuid1Data</key>
+			<data>
+			VAYFAAAAAAAAAAAAAAAAAA==
+			</data>
+			<key>Cpuid1Mask</key>
+			<data>
+			////AAAAAAAAAAAAAAAAAA==
+			</data>
+		</dict>
+		<key>Force</key>
+		<array>
+			<dict>
+				<key>Arch</key>
+				<string>Any</string>
+				<key>BundlePath</key>
+				<string>System/Library/Extensions/IONetworkingFamily.kext</string>
+				<key>Comment</key>
+				<string>Patch engine</string>
+				<key>Enabled</key>
+				<false/>
+				<key>Identifier</key>
+				<string>com.apple.iokit.IONetworkingFamily</string>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/IONetworkingFamily</string>
+				<key>MaxKernel</key>
+				<string>13.99.99</string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+		</array>
+		<key>Patch</key>
+		<array>
+			<dict>
+				<key>Base</key>
+				<string>_cpu_topology_sort</string>
+				<key>Comment</key>
+				<string>algrey - cpu_topology_sort -disable _x86_validate_topology</string>
+				<key>Count</key>
+				<integer>1</integer>
+				<key>Enabled</key>
+				<true/>
+				<key>Find</key>
+				<data>
+				6AAA//8=
+				</data>
+				<key>Identifier</key>
+				<string>kernel</string>
+				<key>Limit</key>
+				<integer>0</integer>
+				<key>Mask</key>
+				<data>
+				/wAA//8=
+				</data>
+				<key>MaxKernel</key>
+				<string>20.99.99</string>
+				<key>MinKernel</key>
+				<string>17.0.0</string>
+				<key>Replace</key>
+				<data>
+				Dx9EAAA=
+				</data>
+				<key>ReplaceMask</key>
+				<data>
+				</data>
+				<key>Skip</key>
+				<integer>0</integer>
+			</dict>
+			<dict>
+				<key>Base</key>
+				<string></string>
+				<key>Comment</key>
+				<string>algrey - cpuid_set_cpufamily - force CPUFAMILY_INTEL_PENRYN</string>
+				<key>Count</key>
+				<integer>1</integer>
+				<key>Enabled</key>
+				<true/>
+				<key>Find</key>
+				<data>
+				MduAPQAAAAAGdQA=
+				</data>
+				<key>Identifier</key>
+				<string>kernel</string>
+				<key>Limit</key>
+				<integer>0</integer>
+				<key>Mask</key>
+				<data>
+				/////wAAAP///wA=
+				</data>
+				<key>MaxKernel</key>
+				<string>20.99.99</string>
+				<key>MinKernel</key>
+				<string>17.0.0</string>
+				<key>Replace</key>
+				<data>
+				u7xP6njpXQAAAJA=
+				</data>
+				<key>ReplaceMask</key>
+				<data>
+				</data>
+				<key>Skip</key>
+				<integer>0</integer>
+			</dict>
+		</array>
+		<key>Quirks</key>
+		<dict>
+			<key>AppleCpuPmCfgLock</key>
+			<false/>
+			<key>AppleXcpmCfgLock</key>
+			<false/>
+			<key>AppleXcpmExtraMsrs</key>
+			<false/>
+			<key>AppleXcpmForceBoost</key>
+			<false/>
+			<key>CustomSMBIOSGuid</key>
+			<false/>
+			<key>DisableIoMapper</key>
+			<false/>
+			<key>DisableLinkeditJettison</key>
+			<true/>
+			<key>DisableRtcChecksum</key>
+			<false/>
+			<key>DummyPowerManagement</key>
+			<true/>
+			<key>ExternalDiskIcons</key>
+			<false/>
+			<key>IncreasePciBarSize</key>
+			<false/>
+			<key>LapicKernelPanic</key>
+			<false/>
+			<key>PanicNoKextDump</key>
+			<false/>
+			<key>PowerTimeoutKernelPanic</key>
+			<false/>
+			<key>ThirdPartyDrives</key>
+			<false/>
+			<key>XhciPortLimit</key>
+			<false/>
+		</dict>
+		<key>Scheme</key>
+		<dict>
+			<key>FuzzyMatch</key>
+			<true/>
+			<key>KernelArch</key>
+			<string>x86_64</string>
+			<key>KernelCache</key>
+			<string>Auto</string>
+		</dict>
+	</dict>
+	<key>Misc</key>
+	<dict>
+		<key>BlessOverride</key>
+		<array/>
+		<key>Boot</key>
+		<dict>
+			<key>ConsoleAttributes</key>
+			<integer>0</integer>
+			<key>HibernateMode</key>
+			<string>Auto</string>
+			<key>HideAuxiliary</key>
+			<false/>
+			<key>PickerAttributes</key>
+			<integer>1</integer>
+			<key>PickerAudioAssist</key>
+			<false/>
+			<key>PickerMode</key>
+			<string>External</string>
+			<key>PollAppleHotKeys</key>
+			<true/>
+			<key>ShowPicker</key>
+			<true/>
+			<key>TakeoffDelay</key>
+			<integer>0</integer>
+			<key>Timeout</key>
+			<integer>0</integer>
+		</dict>
+		<key>Debug</key>
+		<dict>
+			<key>AppleDebug</key>
+			<false/>
+			<key>ApplePanic</key>
+			<false/>
+			<key>DisableWatchDog</key>
+			<false/>
+			<key>DisplayDelay</key>
+			<integer>0</integer>
+			<key>DisplayLevel</key>
+			<integer>2147483650</integer>
+			<key>SerialInit</key>
+			<false/>
+			<key>SysReport</key>
+			<false/>
+			<key>Target</key>
+			<integer>3</integer>
+		</dict>
+		<key>Entries</key>
+		<array/>
+		<key>Security</key>
+		<dict>
+			<key>AllowNvramReset</key>
+			<true/>
+			<key>AllowSetDefault</key>
+			<false/>
+			<key>ApECID</key>
+			<integer>0</integer>
+			<key>AuthRestart</key>
+			<false/>
+			<key>BootProtect</key>
+			<string>None</string>
+			<key>DmgLoading</key>
+			<string>Signed</string>
+			<key>EnablePassword</key>
+			<false/>
+			<key>ExposeSensitiveData</key>
+			<integer>6</integer>
+			<key>HaltLevel</key>
+			<integer>2147483648</integer>
+			<key>PasswordHash</key>
+			<data></data>
+			<key>PasswordSalt</key>
+			<data></data>
+			<key>ScanPolicy</key>
+			<integer>0</integer>
+			<key>SecureBootModel</key>
+			<string>Disabled</string>
+			<key>Vault</key>
+			<string>Optional</string>
+		</dict>
+		<key>Tools</key>
+		<array>
+			<dict>
+				<key>Arguments</key>
+				<string></string>
+				<key>Auxiliary</key>
+				<false/>
+				<key>Comment</key>
+				<string>Not signed for security reasons</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Name</key>
+				<string>UEFI Shell</string>
+				<key>Path</key>
+				<string>OpenShell.efi</string>
+			</dict>
+			<dict>
+				<key>Arguments</key>
+				<string>Shutdown</string>
+				<key>Auxiliary</key>
+				<true/>
+				<key>Comment</key>
+				<string>Perform shutdown</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Name</key>
+				<string>Shutdown</string>
+				<key>Path</key>
+				<string>ResetSystem.efi</string>
+			</dict>
+		</array>
+	</dict>
+	<key>NVRAM</key>
+	<dict>
+		<key>Add</key>
+		<dict>
+			<key>4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14</key>
+			<dict>
+				<key>DefaultBackgroundColor</key>
+				<data>AAAAAA==</data>
+				<key>UIScale</key>
+				<data>AQ==</data>
+			</dict>
+			<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
+			<dict>
+				<key>rtc-blacklist</key>
+				<data></data>
+			</dict>
+			<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
+			<dict>
+				<key>SystemAudioVolume</key>
+				<data>Rg==</data>
+				<key>boot-args</key>
+				<string>-v keepsyms=1 tlbto_us=0 vti=9 {{KERNEL_ARGS}}</string>
+				<key>run-efi-updater</key>
+				<string>No</string>
+				<key>csr-active-config</key>
+				<data>ZwAAAA==</data>
+				<key>prev-lang:kbd</key>
+				<data>ZW4tVVM6MA==</data>
+			</dict>
+		</dict>
+		<key>Delete</key>
+		<dict>
+			<key>4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14</key>
+			<array>
+				<string>UIScale</string>
+				<string>DefaultBackgroundColor</string>
+			</array>
+			<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
+			<array>
+				<string>rtc-blacklist</string>
+			</array>
+			<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
+			<array>
+				<string>boot-args</string>
+			</array>
+		</dict>
+		<key>LegacyEnable</key>
+		<false/>
+		<key>LegacyOverwrite</key>
+		<false/>
+		<key>LegacySchema</key>
+		<dict>
+			<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
+			<array>
+				<string>EFILoginHiDPI</string>
+				<string>EFIBluetoothDelay</string>
+				<string>LocationServicesEnabled</string>
+				<string>SystemAudioVolume</string>
+				<string>SystemAudioVolumeDB</string>
+				<string>SystemAudioVolumeSaved</string>
+				<string>bluetoothActiveControllerInfo</string>
+				<string>bluetoothInternalControllerInfo</string>
+				<string>flagstate</string>
+				<string>fmm-computer-name</string>
+				<string>nvda_drv</string>
+				<string>prev-lang:kbd</string>
+			</array>
+			<key>8BE4DF61-93CA-11D2-AA0D-00E098032B8C</key>
+			<array>
+				<string>Boot0080</string>
+				<string>Boot0081</string>
+				<string>Boot0082</string>
+				<string>BootNext</string>
+				<string>BootOrder</string>
+			</array>
+		</dict>
+		<key>WriteFlash</key>
+		<true/>
+	</dict>
+	<key>PlatformInfo</key>
+	<dict>
+		<key>Automatic</key>
+		<true/>
+		<key>Generic</key>
+		<dict>
+			<key>AdviseWindows</key>
+			<false/>
+			<key>MLB</key>
+			<string>{{BOARD_SERIAL_OLD}}</string>
+			<key>ROM</key>
+			<data>
+			{{ROM}}
+			</data>
+			<key>SpoofVendor</key>
+			<true/>
+			<key>SystemProductName</key>
+			<string>{{DEVICE_MODEL}}</string>
+			<key>SystemSerialNumber</key>
+			<string>{{SERIAL_OLD}}</string>
+			<key>SystemUUID</key>
+			<string>{{SYSTEM_UUID_OLD}}</string>
+		</dict>
+		<key>UpdateDataHub</key>
+		<true/>
+		<key>UpdateNVRAM</key>
+		<true/>
+		<key>UpdateSMBIOS</key>
+		<true/>
+		<key>UpdateSMBIOSMode</key>
+		<string>Create</string>
+	</dict>
+	<key>UEFI</key>
+	<dict>
+		<key>APFS</key>
+		<dict>
+			<key>EnableJumpstart</key>
+			<true/>
+			<key>GlobalConnect</key>
+			<false/>
+			<key>HideVerbose</key>
+			<false/>
+			<key>JumpstartHotPlug</key>
+			<true/>
+			<key>MinDate</key>
+			<integer>0</integer>
+			<key>MinVersion</key>
+			<integer>0</integer>
+		</dict>
+		<key>Audio</key>
+		<dict>
+			<key>AudioCodec</key>
+			<integer>0</integer>
+			<key>AudioDevice</key>
+			<string>PciRoot(0x1)/Pci(0x1,0x0)/Pci(0x0,0x1)</string>
+			<key>AudioOut</key>
+			<integer>0</integer>
+			<key>AudioSupport</key>
+			<false/>
+			<key>MinimumVolume</key>
+			<integer>20</integer>
+			<key>PlayChime</key>
+			<false/>
+			<key>VolumeAmplifier</key>
+			<integer>0</integer>
+		</dict>
+		<key>ConnectDrivers</key>
+		<true/>
+		<key>Drivers</key>
+		<array>
+			<string>VBoxHfs.efi</string>
+			<string>OpenRuntime.efi</string>
+			<string>OpenCanopy.efi</string>
+			<string>#AudioDxe.efi</string>
+			<string>#OpenUsbKbDxe.efi</string>
+			<string>#UsbMouseDxe.efi</string>
+			<string>#Ps2KeyboardDxe.efi</string>
+			<string>#Ps2MouseDxe.efi</string>
+			<string>#HiiDatabase.efi</string>
+			<string>#NvmExpressDxe.efi</string>
+			<string>#XhciDxe.efi</string>
+			<string>#ExFatDxe.efi</string>
+			<string>#PartitionDxe.efi</string>
+			<string>#CrScreenshotDxe.efi</string>
+		</array>
+		<key>Input</key>
+		<dict>
+			<key>KeyFiltering</key>
+			<false/>
+			<key>KeyForgetThreshold</key>
+			<integer>5</integer>
+			<key>KeyMergeThreshold</key>
+			<integer>2</integer>
+			<key>KeySupport</key>
+			<true/>
+			<key>KeySupportMode</key>
+			<string>Auto</string>
+			<key>KeySwap</key>
+			<false/>
+			<key>PointerSupport</key>
+			<false/>
+			<key>PointerSupportMode</key>
+			<string>ASUS</string>
+			<key>TimerResolution</key>
+			<integer>50000</integer>
+		</dict>
+		<key>Output</key>
+		<dict>
+			<key>ClearScreenOnModeSwitch</key>
+			<false/>
+			<key>ConsoleMode</key>
+			<string></string>
+			<key>DirectGopRendering</key>
+			<false/>
+			<key>IgnoreTextInGraphics</key>
+			<false/>
+			<key>ProvideConsoleGop</key>
+			<true/>
+			<key>ReconnectOnResChange</key>
+			<false/>
+			<key>ReplaceTabWithSpace</key>
+			<false/>
+			<key>Resolution</key>
+			<string>1920x1080@32</string>
+			<key>SanitiseClearScreen</key>
+			<false/>
+			<key>TextRenderer</key>
+			<string>BuiltinGraphics</string>
+			<key>UgaPassThrough</key>
+			<false/>
+		</dict>
+		<key>ProtocolOverrides</key>
+		<dict>
+			<key>AppleAudio</key>
+			<false/>
+			<key>AppleBootPolicy</key>
+			<false/>
+			<key>AppleDebugLog</key>
+			<false/>
+			<key>AppleEvent</key>
+			<false/>
+			<key>AppleFramebufferInfo</key>
+			<false/>
+			<key>AppleImageConversion</key>
+			<false/>
+			<key>AppleImg4Verification</key>
+			<false/>
+			<key>AppleKeyMap</key>
+			<false/>
+			<key>AppleRtcRam</key>
+			<false/>
+			<key>AppleSecureBoot</key>
+			<false/>
+			<key>AppleSmcIo</key>
+			<false/>
+			<key>AppleUserInterfaceTheme</key>
+			<false/>
+			<key>DataHub</key>
+			<false/>
+			<key>DeviceProperties</key>
+			<false/>
+			<key>FirmwareVolume</key>
+			<false/>
+			<key>HashServices</key>
+			<false/>
+			<key>OSInfo</key>
+			<false/>
+			<key>UnicodeCollation</key>
+			<false/>
+		</dict>
+		<key>Quirks</key>
+		<dict>
+			<key>ExitBootServicesDelay</key>
+			<integer>0</integer>
+			<key>IgnoreInvalidFlexRatio</key>
+			<false/>
+			<key>ReleaseUsbOwnership</key>
+			<false/>
+			<key>RequestBootVarRouting</key>
+			<true/>
+			<key>TscSyncTimeout</key>
+			<integer>0</integer>
+			<key>UnblockFsConnect</key>
+			<true/>
+			<key>ConnectDrivers</key>
+			<true/>
+		</dict>
+	</dict>
+</dict>
+</plist>

custom/config-nopicker-legacy.plist

@@ -0,0 +1,883 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>ACPI</key>
+	<dict>
+		<key>Add</key>
+		<array>
+			<dict>
+				<key>Comment</key>
+				<string>add DTGP method</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Path</key>
+				<string>SSDT-DTGP.aml</string>
+			</dict>
+			<dict>
+				<key>Comment</key>
+				<string>Fake EC and USBX Power</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Path</key>
+				<string>SSDT-EC.aml</string>
+			</dict>
+			<dict>
+				<key>Comment</key>
+				<string>USB 2.0 Injection</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Path</key>
+				<string>SSDT-EHCI.aml</string>
+			</dict>
+			<dict>
+				<key>Comment</key>
+				<string>CPU AGPM Plugin=1</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Path</key>
+				<string>SSDT-PLUG.aml</string>
+			</dict>
+		</array>
+		<key>Delete</key>
+		<array>
+			<dict>
+				<key>All</key>
+				<false/>
+				<key>Comment</key>
+				<string>Delete CpuPm</string>
+				<key>Enabled</key>
+				<false/>
+				<key>OemTableId</key>
+				<data>Q3B1UG0AAAA=</data>
+				<key>TableLength</key>
+				<integer>0</integer>
+				<key>TableSignature</key>
+				<data>U1NEVA==</data>
+			</dict>
+			<dict>
+				<key>All</key>
+				<false/>
+				<key>Comment</key>
+				<string>Delete Cpu0Ist</string>
+				<key>Enabled</key>
+				<false/>
+				<key>OemTableId</key>
+				<data>Q3B1MElzdAA=</data>
+				<key>TableLength</key>
+				<integer>0</integer>
+				<key>TableSignature</key>
+				<data>U1NEVA==</data>
+			</dict>
+		</array>
+		<key>Patch</key>
+		<array>
+			<dict>
+				<key>Comment</key>
+				<string>_Q11 to XQ11</string>
+				<key>Count</key>
+				<integer>1</integer>
+				<key>Enabled</key>
+				<false/>
+				<key>Find</key>
+				<data>X1ExMQ==</data>
+				<key>Limit</key>
+				<integer>0</integer>
+				<key>Mask</key>
+				<data></data>
+				<key>OemTableId</key>
+				<data></data>
+				<key>Replace</key>
+				<data>WFExMQ==</data>
+				<key>ReplaceMask</key>
+				<data></data>
+				<key>Skip</key>
+				<integer>0</integer>
+				<key>TableLength</key>
+				<integer>0</integer>
+				<key>TableSignature</key>
+				<data></data>
+			</dict>
+			<dict>
+				<key>Comment</key>
+				<string>_Q12 to XQ12</string>
+				<key>Count</key>
+				<integer>1</integer>
+				<key>Enabled</key>
+				<false/>
+				<key>Find</key>
+				<data>X1ExMg==</data>
+				<key>Limit</key>
+				<integer>0</integer>
+				<key>Mask</key>
+				<data></data>
+				<key>OemTableId</key>
+				<data></data>
+				<key>Replace</key>
+				<data>WFExMg==</data>
+				<key>ReplaceMask</key>
+				<data></data>
+				<key>Skip</key>
+				<integer>0</integer>
+				<key>TableLength</key>
+				<integer>0</integer>
+				<key>TableSignature</key>
+				<data></data>
+			</dict>
+		</array>
+		<key>Quirks</key>
+		<dict>
+			<key>FadtEnableReset</key>
+			<false/>
+			<key>NormalizeHeaders</key>
+			<false/>
+			<key>RebaseRegions</key>
+			<false/>
+			<key>ResetHwSig</key>
+			<false/>
+			<key>ResetLogoStatus</key>
+			<false/>
+		</dict>
+	</dict>
+	<key>Booter</key>
+	<dict>
+		<key>MmioWhitelist</key>
+		<array/>
+		<key>Quirks</key>
+		<dict>
+			<key>AvoidRuntimeDefrag</key>
+			<true/>
+			<key>DevirtualiseMmio</key>
+			<false/>
+			<key>DisableSingleUser</key>
+			<false/>
+			<key>DisableVariableWrite</key>
+			<false/>
+			<key>DiscardHibernateMap</key>
+			<false/>
+			<key>EnableSafeModeSlide</key>
+			<true/>
+			<key>EnableWriteUnprotector</key>
+			<true/>
+			<key>ForceExitBootServices</key>
+			<false/>
+			<key>ProtectMemoryRegions</key>
+			<false/>
+			<key>ProtectSecureBoot</key>
+			<false/>
+			<key>ProtectUefiServices</key>
+			<false/>
+			<key>ProvideCustomSlide</key>
+			<true/>
+			<key>ProvideMaxSlide</key>
+			<integer>0</integer>
+			<key>RebuildAppleMemoryMap</key>
+			<false/>
+			<key>SetupVirtualMap</key>
+			<false/>
+			<key>SignalAppleOS</key>
+			<false/>
+			<key>SyncRuntimePermissions</key>
+			<false/>
+		</dict>
+	</dict>
+	<key>DeviceProperties</key>
+	<dict>
+		<key>Add</key>
+		<dict>
+			<key>PciRoot(0x1)/Pci(0x1F,0x0)</key>
+			<dict>
+				<key>compatible</key>
+				<string>pci8086,2916</string>
+				<key>device-id</key>
+				<data>
+				FikA
+				</data>
+				<key>name</key>
+				<string>pci8086,2916</string>
+			</dict>
+		</dict>
+		<key>Delete</key>
+		<dict>
+			<key>PciRoot(0x0)/Pci(0x1b,0x0)</key>
+			<array>
+				<string>MaximumBootBeepVolume</string>
+			</array>
+		</dict>
+	</dict>
+	<key>Kernel</key>
+	<dict>
+		<key>Add</key>
+		<array>
+			<dict>
+				<key>Arch</key>
+				<string>Any</string>
+				<key>BundlePath</key>
+				<string>VoodooHDA.kext</string>
+				<key>Comment</key>
+				<string></string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/VoodooHDA</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>BundlePath</key>
+				<string>Lilu.kext</string>
+				<key>Comment</key>
+				<string>Patch engine</string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/Lilu</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string>12.0.0</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>BundlePath</key>
+				<string>VirtualSMC.kext</string>
+				<key>Comment</key>
+				<string>SMC emulator</string>
+				<key>Enabled</key>
+				<false/>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/VirtualSMC</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string>12.0.0</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>BundlePath</key>
+				<string>WhateverGreen.kext</string>
+				<key>Comment</key>
+				<string>Video patches</string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/WhateverGreen</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string>12.0.0</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>BundlePath</key>
+				<string>AGPMInjector.kext</string>
+				<key>Comment</key>
+				<string></string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string></string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>BundlePath</key>
+				<string>USBPorts.kext</string>
+				<key>Comment</key>
+				<string></string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string></string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+			<dict>
+				<key>Arch</key>
+				<string>x86_64</string>
+				<key>BundlePath</key>
+				<string>MCEReporterDisabler.kext</string>
+				<key>Comment</key>
+				<string>AppleMCEReporter disabler</string>
+				<key>Enabled</key>
+				<true/>
+				<key>ExecutablePath</key>
+				<string></string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string>19.0.0</string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+		</array>
+		<key>Block</key>
+		<array>
+			<dict>
+				<key>Arch</key>
+				<string>Any</string>
+				<key>Comment</key>
+				<string></string>
+				<key>Enabled</key>
+				<false/>
+				<key>Identifier</key>
+				<string>com.apple.driver.AppleTyMCEDriver</string>
+				<key>MaxKernel</key>
+				<string></string>
+				<key>MinKernel</key>
+				<string></string>
+			</dict>
+		</array>
+		<key>Emulate</key>
+		<dict>
+			<key>Cpuid1Data</key>
+			<data>
+			VAYFAAAAAAAAAAAAAAAAAA==
+			</data>
+			<key>Cpuid1Mask</key>
+			<data>
+			////AAAAAAAAAAAAAAAAAA==
+			</data>
+		</dict>
+		<key>Force</key>
+		<array>
+			<dict>
+				<key>Arch</key>
+				<string>Any</string>
+				<key>BundlePath</key>
+				<string>System/Library/Extensions/IONetworkingFamily.kext</string>
+				<key>Comment</key>
+				<string>Patch engine</string>
+				<key>Enabled</key>
+				<false/>
+				<key>Identifier</key>
+				<string>com.apple.iokit.IONetworkingFamily</string>
+				<key>ExecutablePath</key>
+				<string>Contents/MacOS/IONetworkingFamily</string>
+				<key>MaxKernel</key>
+				<string>13.99.99</string>
+				<key>MinKernel</key>
+				<string></string>
+				<key>PlistPath</key>
+				<string>Contents/Info.plist</string>
+			</dict>
+		</array>
+		<key>Patch</key>
+		<array>
+			<dict>
+				<key>Base</key>
+				<string>_cpu_topology_sort</string>
+				<key>Comment</key>
+				<string>algrey - cpu_topology_sort -disable _x86_validate_topology</string>
+				<key>Count</key>
+				<integer>1</integer>
+				<key>Enabled</key>
+				<true/>
+				<key>Find</key>
+				<data>
+				6AAA//8=
+				</data>
+				<key>Identifier</key>
+				<string>kernel</string>
+				<key>Limit</key>
+				<integer>0</integer>
+				<key>Mask</key>
+				<data>
+				/wAA//8=
+				</data>
+				<key>MaxKernel</key>
+				<string>20.99.99</string>
+				<key>MinKernel</key>
+				<string>17.0.0</string>
+				<key>Replace</key>
+				<data>
+				Dx9EAAA=
+				</data>
+				<key>ReplaceMask</key>
+				<data>
+				</data>
+				<key>Skip</key>
+				<integer>0</integer>
+			</dict>
+			<dict>
+				<key>Base</key>
+				<string></string>
+				<key>Comment</key>
+				<string>algrey - cpuid_set_cpufamily - force CPUFAMILY_INTEL_PENRYN</string>
+				<key>Count</key>
+				<integer>1</integer>
+				<key>Enabled</key>
+				<true/>
+				<key>Find</key>
+				<data>
+				MduAPQAAAAAGdQA=
+				</data>
+				<key>Identifier</key>
+				<string>kernel</string>
+				<key>Limit</key>
+				<integer>0</integer>
+				<key>Mask</key>
+				<data>
+				/////wAAAP///wA=
+				</data>
+				<key>MaxKernel</key>
+				<string>20.99.99</string>
+				<key>MinKernel</key>
+				<string>17.0.0</string>
+				<key>Replace</key>
+				<data>
+				u7xP6njpXQAAAJA=
+				</data>
+				<key>ReplaceMask</key>
+				<data>
+				</data>
+				<key>Skip</key>
+				<integer>0</integer>
+			</dict>
+		</array>
+		<key>Quirks</key>
+		<dict>
+			<key>AppleCpuPmCfgLock</key>
+			<false/>
+			<key>AppleXcpmCfgLock</key>
+			<false/>
+			<key>AppleXcpmExtraMsrs</key>
+			<false/>
+			<key>AppleXcpmForceBoost</key>
+			<false/>
+			<key>CustomSMBIOSGuid</key>
+			<false/>
+			<key>DisableIoMapper</key>
+			<false/>
+			<key>DisableLinkeditJettison</key>
+			<true/>
+			<key>DisableRtcChecksum</key>
+			<false/>
+			<key>DummyPowerManagement</key>
+			<true/>
+			<key>ExternalDiskIcons</key>
+			<false/>
+			<key>IncreasePciBarSize</key>
+			<false/>
+			<key>LapicKernelPanic</key>
+			<false/>
+			<key>PanicNoKextDump</key>
+			<false/>
+			<key>PowerTimeoutKernelPanic</key>
+			<false/>
+			<key>ThirdPartyDrives</key>
+			<false/>
+			<key>XhciPortLimit</key>
+			<false/>
+		</dict>
+		<key>Scheme</key>
+		<dict>
+			<key>FuzzyMatch</key>
+			<true/>
+			<key>KernelArch</key>
+			<string>x86_64</string>
+			<key>KernelCache</key>
+			<string>Auto</string>
+		</dict>
+	</dict>
+	<key>Misc</key>
+	<dict>
+		<key>BlessOverride</key>
+		<array/>
+		<key>Boot</key>
+		<dict>
+			<key>ConsoleAttributes</key>
+			<integer>0</integer>
+			<key>HibernateMode</key>
+			<string>Auto</string>
+			<key>HideAuxiliary</key>
+			<false/>
+			<key>PickerAttributes</key>
+			<integer>1</integer>
+			<key>PickerAudioAssist</key>
+			<false/>
+			<key>PickerMode</key>
+			<string>External</string>
+			<key>PollAppleHotKeys</key>
+			<true/>
+			<key>ShowPicker</key>
+			<false/>
+			<key>TakeoffDelay</key>
+			<integer>0</integer>
+			<key>Timeout</key>
+			<integer>0</integer>
+		</dict>
+		<key>Debug</key>
+		<dict>
+			<key>AppleDebug</key>
+			<false/>
+			<key>ApplePanic</key>
+			<false/>
+			<key>DisableWatchDog</key>
+			<false/>
+			<key>DisplayDelay</key>
+			<integer>0</integer>
+			<key>DisplayLevel</key>
+			<integer>2147483650</integer>
+			<key>SerialInit</key>
+			<false/>
+			<key>SysReport</key>
+			<false/>
+			<key>Target</key>
+			<integer>3</integer>
+		</dict>
+		<key>Entries</key>
+		<array/>
+		<key>Security</key>
+		<dict>
+			<key>AllowNvramReset</key>
+			<true/>
+			<key>AllowSetDefault</key>
+			<false/>
+			<key>ApECID</key>
+			<integer>0</integer>
+			<key>AuthRestart</key>
+			<false/>
+			<key>BootProtect</key>
+			<string>None</string>
+			<key>DmgLoading</key>
+			<string>Signed</string>
+			<key>EnablePassword</key>
+			<false/>
+			<key>ExposeSensitiveData</key>
+			<integer>6</integer>
+			<key>HaltLevel</key>
+			<integer>2147483648</integer>
+			<key>PasswordHash</key>
+			<data></data>
+			<key>PasswordSalt</key>
+			<data></data>
+			<key>ScanPolicy</key>
+			<integer>0</integer>
+			<key>SecureBootModel</key>
+			<string>Disabled</string>
+			<key>Vault</key>
+			<string>Optional</string>
+		</dict>
+		<key>Tools</key>
+		<array>
+			<dict>
+				<key>Arguments</key>
+				<string></string>
+				<key>Auxiliary</key>
+				<false/>
+				<key>Comment</key>
+				<string>Not signed for security reasons</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Name</key>
+				<string>UEFI Shell</string>
+				<key>Path</key>
+				<string>OpenShell.efi</string>
+			</dict>
+			<dict>
+				<key>Arguments</key>
+				<string>Shutdown</string>
+				<key>Auxiliary</key>
+				<true/>
+				<key>Comment</key>
+				<string>Perform shutdown</string>
+				<key>Enabled</key>
+				<true/>
+				<key>Name</key>
+				<string>Shutdown</string>
+				<key>Path</key>
+				<string>ResetSystem.efi</string>
+			</dict>
+		</array>
+	</dict>
+	<key>NVRAM</key>
+	<dict>
+		<key>Add</key>
+		<dict>
+			<key>4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14</key>
+			<dict>
+				<key>DefaultBackgroundColor</key>
+				<data>AAAAAA==</data>
+				<key>UIScale</key>
+				<data>AQ==</data>
+			</dict>
+			<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
+			<dict>
+				<key>rtc-blacklist</key>
+				<data></data>
+			</dict>
+			<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
+			<dict>
+				<key>SystemAudioVolume</key>
+				<data>Rg==</data>
+				<key>boot-args</key>
+                <string>-v keepsyms=1 tlbto_us=0 vti=9 {{KERNEL_ARGS}}</string>
+				<key>run-efi-updater</key>
+				<string>No</string>
+				<key>csr-active-config</key>
+				<data>ZwAAAA==</data>
+				<key>prev-lang:kbd</key>
+				<data>ZW4tVVM6MA==</data>
+			</dict>
+		</dict>
+		<key>Delete</key>
+		<dict>
+			<key>4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14</key>
+			<array>
+				<string>UIScale</string>
+				<string>DefaultBackgroundColor</string>
+			</array>
+			<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
+			<array>
+				<string>rtc-blacklist</string>
+			</array>
+			<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
+			<array>
+				<string>boot-args</string>
+			</array>
+		</dict>
+		<key>LegacyEnable</key>
+		<false/>
+		<key>LegacyOverwrite</key>
+		<false/>
+		<key>LegacySchema</key>
+		<dict>
+			<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
+			<array>
+				<string>EFILoginHiDPI</string>
+				<string>EFIBluetoothDelay</string>
+				<string>LocationServicesEnabled</string>
+				<string>SystemAudioVolume</string>
+				<string>SystemAudioVolumeDB</string>
+				<string>SystemAudioVolumeSaved</string>
+				<string>bluetoothActiveControllerInfo</string>
+				<string>bluetoothInternalControllerInfo</string>
+				<string>flagstate</string>
+				<string>fmm-computer-name</string>
+				<string>nvda_drv</string>
+				<string>prev-lang:kbd</string>
+			</array>
+			<key>8BE4DF61-93CA-11D2-AA0D-00E098032B8C</key>
+			<array>
+				<string>Boot0080</string>
+				<string>Boot0081</string>
+				<string>Boot0082</string>
+				<string>BootNext</string>
+				<string>BootOrder</string>
+			</array>
+		</dict>
+		<key>WriteFlash</key>
+		<true/>
+	</dict>
+	<key>PlatformInfo</key>
+	<dict>
+		<key>Automatic</key>
+		<true/>
+		<key>Generic</key>
+		<dict>
+			<key>AdviseWindows</key>
+			<false/>
+			<key>MLB</key>
+			<string>{{BOARD_SERIAL_OLD}}</string>
+			<key>ROM</key>
+			<data>
+			{{ROM}}
+			</data>
+			<key>SpoofVendor</key>
+			<true/>
+			<key>SystemProductName</key>
+			<string>{{DEVICE_MODEL}}</string>
+			<key>SystemSerialNumber</key>
+			<string>{{SERIAL_OLD}}</string>
+			<key>SystemUUID</key>
+			<string>{{SYSTEM_UUID_OLD}}</string>
+		</dict>
+		<key>UpdateDataHub</key>
+		<true/>
+		<key>UpdateNVRAM</key>
+		<true/>
+		<key>UpdateSMBIOS</key>
+		<true/>
+		<key>UpdateSMBIOSMode</key>
+		<string>Create</string>
+	</dict>
+	<key>UEFI</key>
+	<dict>
+		<key>APFS</key>
+		<dict>
+			<key>EnableJumpstart</key>
+			<true/>
+			<key>GlobalConnect</key>
+			<false/>
+			<key>HideVerbose</key>
+			<false/>
+			<key>JumpstartHotPlug</key>
+			<true/>
+			<key>MinDate</key>
+			<integer>0</integer>
+			<key>MinVersion</key>
+			<integer>0</integer>
+		</dict>
+		<key>Audio</key>
+		<dict>
+			<key>AudioCodec</key>
+			<integer>0</integer>
+			<key>AudioDevice</key>
+			<string>PciRoot(0x1)/Pci(0x1,0x0)/Pci(0x0,0x1)</string>
+			<key>AudioOut</key>
+			<integer>0</integer>
+			<key>AudioSupport</key>
+			<false/>
+			<key>MinimumVolume</key>
+			<integer>20</integer>
+			<key>PlayChime</key>
+			<false/>
+			<key>VolumeAmplifier</key>
+			<integer>0</integer>
+		</dict>
+		<key>ConnectDrivers</key>
+		<true/>
+		<key>Drivers</key>
+		<array>
+			<string>VBoxHfs.efi</string>
+			<string>OpenRuntime.efi</string>
+			<string>OpenCanopy.efi</string>
+			<string>#AudioDxe.efi</string>
+			<string>#OpenUsbKbDxe.efi</string>
+			<string>#UsbMouseDxe.efi</string>
+			<string>#Ps2KeyboardDxe.efi</string>
+			<string>#Ps2MouseDxe.efi</string>
+			<string>#HiiDatabase.efi</string>
+			<string>#NvmExpressDxe.efi</string>
+			<string>#XhciDxe.efi</string>
+			<string>#ExFatDxe.efi</string>
+			<string>#PartitionDxe.efi</string>
+			<string>#CrScreenshotDxe.efi</string>
+		</array>
+		<key>Input</key>
+		<dict>
+			<key>KeyFiltering</key>
+			<false/>
+			<key>KeyForgetThreshold</key>
+			<integer>5</integer>
+			<key>KeyMergeThreshold</key>
+			<integer>2</integer>
+			<key>KeySupport</key>
+			<true/>
+			<key>KeySupportMode</key>
+			<string>Auto</string>
+			<key>KeySwap</key>
+			<false/>
+			<key>PointerSupport</key>
+			<false/>
+			<key>PointerSupportMode</key>
+			<string>ASUS</string>
+			<key>TimerResolution</key>
+			<integer>50000</integer>
+		</dict>
+		<key>Output</key>
+		<dict>
+			<key>ClearScreenOnModeSwitch</key>
+			<false/>
+			<key>ConsoleMode</key>
+			<string></string>
+			<key>DirectGopRendering</key>
+			<false/>
+			<key>IgnoreTextInGraphics</key>
+			<false/>
+			<key>ProvideConsoleGop</key>
+			<true/>
+			<key>ReconnectOnResChange</key>
+			<false/>
+			<key>ReplaceTabWithSpace</key>
+			<false/>
+			<key>Resolution</key>
+			<string>1920x1080@32</string>
+			<key>SanitiseClearScreen</key>
+			<false/>
+			<key>TextRenderer</key>
+			<string>BuiltinGraphics</string>
+			<key>UgaPassThrough</key>
+			<false/>
+		</dict>
+		<key>ProtocolOverrides</key>
+		<dict>
+			<key>AppleAudio</key>
+			<false/>
+			<key>AppleBootPolicy</key>
+			<false/>
+			<key>AppleDebugLog</key>
+			<false/>
+			<key>AppleEvent</key>
+			<false/>
+			<key>AppleFramebufferInfo</key>
+			<false/>
+			<key>AppleImageConversion</key>
+			<false/>
+			<key>AppleImg4Verification</key>
+			<false/>
+			<key>AppleKeyMap</key>
+			<false/>
+			<key>AppleRtcRam</key>
+			<false/>
+			<key>AppleSecureBoot</key>
+			<false/>
+			<key>AppleSmcIo</key>
+			<false/>
+			<key>AppleUserInterfaceTheme</key>
+			<false/>
+			<key>DataHub</key>
+			<false/>
+			<key>DeviceProperties</key>
+			<false/>
+			<key>FirmwareVolume</key>
+			<false/>
+			<key>HashServices</key>
+			<false/>
+			<key>OSInfo</key>
+			<false/>
+			<key>UnicodeCollation</key>
+			<false/>
+		</dict>
+		<key>Quirks</key>
+		<dict>
+			<key>ExitBootServicesDelay</key>
+			<integer>0</integer>
+			<key>IgnoreInvalidFlexRatio</key>
+			<false/>
+			<key>ReleaseUsbOwnership</key>
+			<false/>
+			<key>RequestBootVarRouting</key>
+			<true/>
+			<key>TscSyncTimeout</key>
+			<integer>0</integer>
+			<key>UnblockFsConnect</key>
+			<true/>
+			<key>ConnectDrivers</key>
+			<true/>
+		</dict>
+	</dict>
+</dict>
+</plist>

custom/generate-specific-bootdisk.sh

@@ -24,6 +24,7 @@ Required options:
 Optional options:
     --width <integer>               Resolution x axis length in px, default 1920
     --height <integer>              Resolution y axis length in px, default 1080
+    --kernel-args <string>          Additional boot-args
     --input-plist-url <url>         Specify an alternative master plist, via URL
     --master-plist-url <url>        Same as above.
     --custom-plist <filename>       Optionally change the input plist.
@@ -193,12 +194,12 @@ done
 
 download_qcow_efi_folder () {
 
-    export EFI_FOLDER=./OpenCore-Catalina/EFI
+    export EFI_FOLDER=./OpenCore/EFI
     export RESOURCES_FOLDER=./resources/OcBinaryData/Resources
 
     # check if we are inside OSX-KVM already
     # if not, download OSX-KVM locally
-    [ -d ./OpenCore-Catalina/EFI/ ] || {
+    [ -d ./OpenCore/EFI/ ] || {
         [ -d ./OSX-KVM/ ] || git clone --recurse-submodules --depth 1 https://github.com/kholia/OSX-KVM.git
         export EFI_FOLDER="./OSX-KVM/${EFI_FOLDER}"
     }
@@ -252,6 +253,7 @@ generate_bootdisk () {
             -e s/\{\{ROM\}\}/"${ROM}"/g \
             -e s/\{\{WIDTH\}\}/"${WIDTH:-1920}"/g \
             -e s/\{\{HEIGHT\}\}/"${HEIGHT:-1080}"/g \
+            -e s/\{\{KERNEL_ARGS\}\}/"${KERNEL_ARGS:-}"/g \
             "${MASTER_PLIST}" > ./tmp.config.plist || exit 1
     else
         cat <<EOF && exit 1
@@ -263,8 +265,11 @@ Error: one of the following values is missing:
 --uuid "${UUID:-MISSING}"
 --mac-address "${MAC_ADDRESS:-MISSING}"
 
+Optional:
+
 --width "${WIDTH:-1920}"
 --height "${HEIGHT:-1080}"
+--kernel-args "${KERNEL_ARGS:-}"
 
 EOF
     fi

custom/generate-unique-machine-values.sh

@@ -22,6 +22,7 @@ General options:
     --output-dir <directory>        Optionally change the script output location
     --width <string>                Resolution x axis length in px, default 1920
     --height <string>               Resolution y axis length in px, default 1080
+    --kernel-args <string>          Additional boot-args
     --input-plist-url <url>         Specify an alternative master plist, via URL
     --master-plist-url <url>        Same as above.
     --custom-plist <filename>       Optionally change the input plist.
@@ -38,7 +39,7 @@ Additional options only if you are creating ONE serial set:
 
 Custom plist placeholders:
     {{DEVICE_MODEL}}, {{SERIAL}}, {{BOARD_SERIAL}},
-    {{UUID}}, {{ROM}}, {{WIDTH}}, {{HEIGHT}}
+    {{UUID}}, {{ROM}}, {{WIDTH}}, {{HEIGHT}}, {{KERNEL_ARGS}}
 
 Example:
     ./generate-unique-machine-values.sh --count 1 --plists --bootdisks --envs
@@ -226,12 +227,12 @@ download_vendor_mac_addresses () {
 
 download_qcow_efi_folder () {
 
-    export EFI_FOLDER=./OpenCore-Catalina/EFI
+    export EFI_FOLDER=./OpenCore/EFI
     export RESOURCES_FOLDER=./resources/OcBinaryData/Resources
 
     # check if we are inside OSX-KVM already
     # if not, download OSX-KVM locally
-    [ -d ./OpenCore-Catalina/EFI/ ] || {
+    [ -d ./OpenCore/EFI/ ] || {
         [ -d ./OSX-KVM/ ] || git clone --recurse-submodules --depth 1 https://github.com/kholia/OSX-KVM.git
         export EFI_FOLDER="./OSX-KVM/${EFI_FOLDER}"
     }
@@ -289,14 +290,14 @@ generate_serial_sets () {
 
             # append to csv file
             tee -a "${CSV_SERIAL_SETS_FILE}" <<EOF
-"${DEVICE_MODEL}","${SERIAL}","${BOARD_SERIAL}","${UUID}","${MAC_ADDRESS}","${WIDTH}","${HEIGHT}"
+"${DEVICE_MODEL}","${SERIAL}","${BOARD_SERIAL}","${UUID}","${MAC_ADDRESS}","${WIDTH}","${HEIGHT}","${KERNEL_ARGS}"
 EOF
             echo "Wrote CSV to: ${CSV_SERIAL_SETS_FILE}"
 
             # append to tsv file
             T=$'\t'
             tee -a "${TSV_SERIAL_SETS_FILE}" <<EOF
-${DEVICE_MODEL}${T}${SERIAL}${T}${BOARD_SERIAL}${T}${UUID}${T}${MAC_ADDRESS}${T}${WIDTH}${T}${HEIGHT}
+${DEVICE_MODEL}${T}${SERIAL}${T}${BOARD_SERIAL}${T}${UUID}${T}${MAC_ADDRESS}${T}${WIDTH}${T}${HEIGHT}${T}${KERNEL_ARGS}
 EOF
             echo "Wrote TSV to: ${TSV_SERIAL_SETS_FILE}"
 
@@ -335,8 +336,8 @@ EOF
 
                 mkdir -p "${OUTPUT_DIRECTORY}/plists"
                 source "${OUTPUT_ENV_FILE}"
-                ROM_VALUE="${MAC_ADDRESS//\:/}"
-                ROM_VALUE="${ROM_VALUE,,}"
+                ROM="${MAC_ADDRESS//\:/}"
+                ROM="${ROM,,}"
                 sed -e s/\{\{DEVICE_MODEL\}\}/"${DEVICE_MODEL}"/g \
                     -e s/\{\{SERIAL\}\}/"${SERIAL}"/g \
                     -e s/\{\{BOARD_SERIAL\}\}/"${BOARD_SERIAL}"/g \
@@ -344,6 +345,7 @@ EOF
                     -e s/\{\{ROM\}\}/"${ROM}"/g \
                     -e s/\{\{WIDTH\}\}/"${WIDTH}"/g \
                     -e s/\{\{HEIGHT\}\}/"${HEIGHT}"/g \
+                    -e s/\{\{KERNEL_ARGS\}\}/"${KERNEL_ARGS:-}"/g \
                     "${MASTER_PLIST}" > "${OUTPUT_DIRECTORY}/plists/${SERIAL}.config.plist" || exit 1
             fi
 
@@ -361,11 +363,11 @@ EOF
         done
 
         [ -e "${CSV_SERIAL_SETS_FILE}" ] && \
-            cat <(echo "DEVICE_MODEL,SERIAL,BOARD_SERIAL,UUID,MAC_ADDRESS,WIDTH,HEIGHT") "${CSV_SERIAL_SETS_FILE}"
+            cat <(echo "DEVICE_MODEL,SERIAL,BOARD_SERIAL,UUID,MAC_ADDRESS,WIDTH,HEIGHT,KERNEL_ARGS") "${CSV_SERIAL_SETS_FILE}"
 
 
         [ -e "${TSV_SERIAL_SETS_FILE}" ] && \
-            cat <(printf "DEVICE_MODEL\tSERIAL\tBOARD_SERIAL\tUUID\tMAC_ADDRESS\tWIDTH\tHEIGHT\n") "${TSV_SERIAL_SETS_FILE}"
+            cat <(printf "DEVICE_MODEL\tSERIAL\tBOARD_SERIAL\tUUID\tMAC_ADDRESS\tWIDTH\tHEIGHT\tKERNEL_ARGS\n") "${TSV_SERIAL_SETS_FILE}"
 
 }
 

custom/opencore-image-ng.sh

@@ -133,26 +133,26 @@ fish part-add /dev/sda p 302048 -2048
 fish part-set-gpt-type /dev/sda 1 C12A7328-F81F-11D2-BA4B-00A0C93EC93B
 fish part-set-bootable /dev/sda 1 true
 fish mkfs vfat /dev/sda1 label:EFI
-fish mkfs vfat /dev/sda2 label:OpenCoreBoo
+fish mkfs vfat /dev/sda2 label:OpenCore
 fish mount /dev/sda2 /
 fish mkdir /ESP
 fish mount /dev/sda1 /ESP
 
 msg "copy files to disk image"
 cp -v "$cfg" $WORK/config.plist
-fish mkdir                                     /ESP/EFI
-fish mkdir                                     /ESP/EFI/OC
-fish mkdir                                     /ESP/EFI/OC/Kexts
-fish mkdir                                     /ESP/EFI/OC/ACPI
-fish mkdir                                     /ESP/EFI/OC/Resources
-fish mkdir                                     /ESP/EFI/OC/Tools
-fish copy-in $WORK/EFI/BOOT                    /ESP/EFI
-fish copy-in $WORK/EFI/OC/OpenCore.efi         /ESP/EFI/OC
-fish copy-in $WORK/EFI/OC/Drivers              /ESP/EFI/OC/
-fish copy-in $WORK/EFI/OC/Kexts                /ESP/EFI/OC/
-fish copy-in $WORK/EFI/OC/ACPI                 /ESP/EFI/OC/
-fish copy-in $WORK/EFI/OC/Resources            /ESP/EFI/OC/
-fish copy-in $WORK/EFI/OC/Tools                /ESP/EFI/OC/
+fish mkdir /ESP/EFI
+fish mkdir /ESP/EFI/OC
+fish mkdir /ESP/EFI/OC/Kexts
+fish mkdir /ESP/EFI/OC/ACPI
+fish mkdir /ESP/EFI/OC/Resources
+fish mkdir /ESP/EFI/OC/Tools
+fish copy-in $WORK/EFI/BOOT /ESP/EFI
+fish copy-in $WORK/EFI/OC/OpenCore.efi /ESP/EFI/OC
+fish copy-in $WORK/EFI/OC/Drivers /ESP/EFI/OC/
+fish copy-in $WORK/EFI/OC/Kexts /ESP/EFI/OC/
+fish copy-in $WORK/EFI/OC/ACPI /ESP/EFI/OC/
+fish copy-in $BASE/resources/OcBinaryData/Resources /ESP/EFI/OC/
+fish copy-in $WORK/EFI/OC/Tools /ESP/EFI/OC/
 
 # Note
 fish copy-in startup.nsh /

helm/README.md

@@ -33,11 +33,11 @@ This installs `docker-osx` in Kubernetes.
 
 ## Requirements
 
-*) Install [host machine requirements](#INSTALL-QEMU-AND-GPU-IOMMU.md)
-    *) Ensure you are running QEMU 5.X
-*) Kubernetes
-*) Helm v2
-*) `sickcodes/docker-osx-vnc` Docker image
+* Install [host machine requirements](#INSTALL-QEMU-AND-GPU-IOMMU.md)
+    * Ensure you are running QEMU 5.X
+* Kubernetes
+* Helm v2
+* `sickcodes/docker-osx-vnc` Docker image
 
 ### Build `sickcodes/docker-osx-vnc`
 
@@ -84,4 +84,4 @@ _Please note, after you have installed macOS feel free to set `qemu.systemInstal
 
 #### Resources
 
-Please note, resource limits may vary based on hardware. The ones currently defined are ones that worked for me personally.
+Please note, resource limits may vary based on hardware. The ones currently defined are ones that worked for me personally.

scripts/apply_appleid_kernelpatch.py

@@ -0,0 +1,92 @@
+#!/usr/bin/env python3
+import plistlib
+import base64
+import os
+import sys
+
+def add_kernel_patches(config_path):
+    # Make a backup of the original file
+    backup_path = config_path + '.backup'
+    os.system(f'cp "{config_path}" "{backup_path}"')
+    print(f"Backup created at {backup_path}")
+    
+    # Read the plist file
+    with open(config_path, 'rb') as f:
+        config = plistlib.load(f)
+    
+    # Prepare the patch entries
+    patch1 = {
+        'Arch': 'x86_64',
+        'Base': '',
+        'Comment': 'Sonoma VM BT Enabler - PART 1 of 2 - Patch kern.hv_vmm_present=0',
+        'Count': 1,
+        'Enabled': True,
+        'Find': base64.b64decode('aGliZXJuYXRlaGlkcmVhZHkAaGliZXJuYXRlY291bnQA'),
+        'Identifier': 'kernel',
+        'Limit': 0,
+        'Mask': b'',
+        'MaxKernel': '',
+        'MinKernel': '20.4.0',
+        'Replace': base64.b64decode('aGliZXJuYXRlaGlkcmVhZHkAaHZfdm1tX3ByZXNlbnQA'),
+        'ReplaceMask': b'',
+        'Skip': 0,
+    }
+    
+    patch2 = {
+        'Arch': 'x86_64',
+        'Base': '',
+        'Comment': 'Sonoma VM BT Enabler - PART 2 of 2 - Patch kern.hv_vmm_present=0',
+        'Count': 1,
+        'Enabled': True,
+        'Find': base64.b64decode('Ym9vdCBzZXNzaW9uIFVVSUQAaHZfdm1tX3ByZXNlbnQA'),
+        'Identifier': 'kernel',
+        'Limit': 0,
+        'Mask': b'',
+        'MaxKernel': '',
+        'MinKernel': '22.0.0',
+        'Replace': base64.b64decode('Ym9vdCBzZXNzaW9uIFVVSUQAaGliZXJuYXRlY291bnQA'),
+        'ReplaceMask': b'',
+        'Skip': 0,
+    }
+    
+    # Add patches to the kernel patch section
+    if 'Kernel' in config and 'Patch' in config['Kernel']:
+        # Check if patches already exist
+        patch_exists = False
+        for patch in config['Kernel']['Patch']:
+            if isinstance(patch, dict) and 'Comment' in patch:
+                if 'Sonoma VM BT Enabler' in patch['Comment']:
+                    patch_exists = True
+                    print(f"Patch already exists: {patch['Comment']}")
+        
+        if not patch_exists:
+            config['Kernel']['Patch'].append(patch1)
+            config['Kernel']['Patch'].append(patch2)
+            print("Added both Sonoma VM BT Enabler patches to config.plist")
+        
+    else:
+        print("Error: Could not find Kernel -> Patch section in config.plist")
+        return False
+    
+    # Write the updated plist file
+    with open(config_path, 'wb') as f:
+        plistlib.dump(config, f)
+    
+    print(f"Successfully updated {config_path}")
+    return True
+
+if __name__ == "__main__":
+    if len(sys.argv) != 2:
+        print("Usage: python apply_appleid_kernelpatch.py /path/to/config.plist")
+        sys.exit(1)
+    
+    config_path = sys.argv[1]
+    if not os.path.exists(config_path):
+        print(f"Error: File {config_path} does not exist")
+        sys.exit(1)
+    
+    success = add_kernel_patches(config_path)
+    if success:
+        print("Patches applied successfully. Please reboot to apply changes.")
+    else:
+        print("Failed to apply patches.")

tests/boot-images.sh

@@ -0,0 +1,71 @@
+#!/bin/bash
+# Author:       Sick.Codes https://twitter.com/sickcodes
+# Contact:      https://github.com/sickcodes, https://sick.codes
+# Copyright:    sickcodes (C) 2021
+# License:      GPLv3+
+# Title:        Docker-OSX (Mac on Docker)
+# Repository:   https://github.com/sickcodes/Docker-OSX
+# Website:      https://sick.codes
+#
+# Status:       Used internally to run each image and take screenshots until they match the pngs in this folder.
+# 
+
+# note to self: # to get master images, boot each image, then screen shot using DISPLAY=:99 in the test.sh script
+# scrot -o high-sierra_master.png
+# scrot -o mojave_master.png
+# scrot -o catalina_master.png
+# scrot -o big-sur_master.png
+# scrot -o monterey_master.png
+# scrot -o ventura_master.png
+# scrot --overwrite --display :99 --file ~/${TEST}.png
+# pull off remote server to the tests folder
+# REMOTE_SERVER=
+# scp root@"${REMOTE_SERVER}":~/*_master.png .
+
+export DISPLAY=:99
+
+TESTS=(
+    high-sierra
+    mojave
+    catalina
+    big-sur
+    monterey
+    ventura
+    sonoma
+)
+
+# test each docker image to see if they boot to their unique respective installation screens.
+
+for TEST in "${TESTS[@]}"; do
+    # run the image detached
+    docker run --rm -d \
+        --device /dev/kvm \
+        -v /tmp/.X11-unix:/tmp/.X11-unix \
+        -e "DISPLAY=:99" \
+        "sickcodes/docker-osx:${TEST}"
+
+    # imcat the expected test screenshot to ./"${TEST}_master.txt" 
+    imcat ~/Docker-OSX/tests/${TEST}_master.png > ./"${TEST}_master.txt"
+
+    # run until the screen matches the expected screen
+    while :; do
+        sleep 5
+        # screenshot the Xvfb
+        scrotcat > ./"${TEST}.txt"
+        # diff the low res txt files created from imcat
+        diff "./${TEST}.txt" ./"${TEST}_master.txt" && break
+        scrotcat
+    done
+
+    # kill any containers
+    docker kill "$(docker ps --format "{{.ID}}")"
+    
+    # ensure all containers are dead
+    until [[ "$(docker ps | wc -l)" = 1 ]]; do
+        sleep 1
+        docker ps | xargs docker kill
+    done
+
+done
+
+exit 0

tests/test.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/docker
+#!/usr/bin/bash
 #     ____             __             ____  ______  __
 #    / __ \____  _____/ /_____  _____/ __ \/ ___/ |/ /
 #   / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \|   /
@@ -12,7 +12,7 @@
 # Repository:       https://github.com/sickcodes/Docker-OSX
 # Website:          https://sick.codes
 #
-# Status:           Work in progress.
+# Status:           Used internally to auto build, run and test images on DO.
 # 
 
 help_text="Usage: ./test.sh --branch <string> --repo <string>
@@ -120,20 +120,47 @@ NO_CACHE="${NO_CACHE:=--no-cache}"
 
 
 TEST_BUILDS=(
-'docker-osx:latest'
-'docker-osx:naked'
-'docker-osx:naked-auto'
-'docker-osx:big-sur'
-'docker-osx:monterey'
-'docker-osx:auto'
-#'docker-osx:auto-big-sur'
+    'docker-osx:naked'
+    'docker-osx:naked-auto'
+    'docker-osx:auto'
 )
 
+TEST_BUILDS=(
+    'docker-osx:naked'
+    'docker-osx:naked-auto'
+    'docker-osx:auto'
+)
+
+VERSION_BUILDS=(
+    'high-sierra'
+    'mojave'
+    'catalina'
+    'big-sur'
+    'monterey'
+    'ventura'
+    'sonoma'
+)
+
+warning () {
+    clear
+    for j in {15..1}; do 
+        echo "############# WARNING: THIS SCRIPT IS NOT INTENDED FOR USE BY ################"
+        echo "############# IT IS USED BY THE PROJECT TO BUILD AND PUSH TO DOCKERHUB #######"
+        echo ""
+        echo "                     Press Ctrl C to stop.       "
+        MAX_COLS=$((${COLUMNS}/2))
+        printf "$j %.0s" {1..20}
+        echo
+        sleep 1
+    done
+}
+
 install_docker () {
     apt remove docker docker-engine docker.io containerd runc -y \
     ; apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y \
     && curl -fsSL https://download.docker.com/linux/ubuntu/gpg |  apt-key add - \
     && apt-key fingerprint 0EBFCD88 \
+    && > /etc/apt/sources.list.d/docker.list \
     && add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
     && apt update -y \
     && apt install docker-ce docker-ce-cli containerd.io -y \
@@ -174,7 +201,7 @@ install_scrotcat () {
     make -C ./imcat
     sudo cp ./imcat/imcat /usr/bin/imcat
     touch /usr/bin/scrotcat
-    tee -a /usr/bin/scrotcat <<< '/usr/bin/imcat <(scrot -o /dev/stdout)'
+    tee  /usr/bin/scrotcat <<< '/usr/bin/imcat <(scrot -o /dev/stdout)'
     chmod +x /usr/bin/scrotcat
 }
 
@@ -196,23 +223,10 @@ enable_kvm () {
     echo 1 | tee /sys/module/kvm/parameters/ignore_msrs
 }
 
-
 clone_repo () {
     git clone --branch="${1}" "${2}" Docker-OSX
 }
 
-
-docker-osx:latest () {
-    docker build ${NO_CACHE} \
-        --build-arg BRANCH="${BRANCH}" \
-        --build-arg RANKMIRRORS=true \
-        --build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
-        -f ./Dockerfile \
-        -t docker-osx:latest .
-    docker tag docker-osx:latest sickcodes/docker-osx:latest
-}
-
-
 docker-osx:naked () {
     docker build ${NO_CACHE} \
         --squash \
@@ -223,7 +237,6 @@ docker-osx:naked () {
     docker tag docker-osx:naked sickcodes/docker-osx:naked
 }
 
-
 docker-osx:naked-auto () {
     docker build ${NO_CACHE} \
         --squash \
@@ -234,26 +247,6 @@ docker-osx:naked-auto () {
     docker tag docker-osx:naked-auto sickcodes/docker-osx:naked-auto
 }
 
-
-docker-osx:big-sur () {
-    docker build ${NO_CACHE} \
-        --build-arg VERSION=11 \
-        --build-arg RANKMIRRORS=true \
-        --build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
-        -f ./Dockerfile \
-        -t docker-osx:big-sur .
-    docker tag docker-osx:big-sur sickcodes/docker-osx:big-sur
-}
-
-docker-osx:monterey () {
-    docker build ${NO_CACHE} \
-        --build-arg RANKMIRRORS=true \
-        --build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
-        -f ./Dockerfile.monterey \
-        -t docker-osx:monterey .
-    docker tag docker-osx:monterey sickcodes/docker-osx:monterey
-}
-
 docker-osx:auto () {
     docker build ${NO_CACHE} \
         --build-arg RANKMIRRORS=true \
@@ -263,14 +256,26 @@ docker-osx:auto () {
     docker tag docker-osx:auto sickcodes/docker-osx:auto
 }
 
-docker-osx:auto-big-sur () {
+# docker-osx:auto-big-sur () {
+#     docker build ${NO_CACHE} \
+#         --build-arg RANKMIRRORS=true \
+#         --build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
+#         --build-arg IMAGE_URL='https://images.sick.codes/mac_hdd_ng_auto_big_sur.img' \
+#         -f ./Dockerfile.auto \
+#         -t docker-osx:auto-big-sur .
+#     docker tag docker-osx:auto-big-sur sickcodes/docker-osx:auto-big-sur
+# }
+
+docker-osx:version () {
+    SHORTNAME="${1}"
     docker build ${NO_CACHE} \
+        --build-arg BRANCH="${BRANCH}" \
         --build-arg RANKMIRRORS=true \
+        --build-arg SHORTNAME="${SHORTNAME}" \
         --build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
-        --build-arg IMAGE_URL='https://images.sick.codes/mac_hdd_ng_auto_big_sur.img' \
-        -f ./Dockerfile.auto \
-        -t docker-osx:auto-big-sur .
-    docker tag docker-osx:auto-big-sur sickcodes/docker-osx:auto-big-sur
+        -f ./Dockerfile \
+        -t "docker-osx:${SHORTNAME}" .
+    docker tag "docker-osx:${SHORTNAME}" "sickcodes/docker-osx:${SHORTNAME}"
 }
 
 reset_docker_hard () {
@@ -288,43 +293,55 @@ EOF
     systemctl enable --now docker
 }
 
-tee -a ~/.bashrc <<EOF ; true &&
+warning
+tee -a ~/.bashrc <<EOF
 export DEBIAN_FRONTEND=noninteractive
 export TZ=UTC
 EOF
-export DEBIAN_FRONTEND=noninteractive \
-; export TZ=UTC \
-; ln -snf "/usr/share/zoneinfo/${TZ}" /etc/localtime \
-; tee -a /etc/timezone <<< "${TZ}" \
-; apt update -y \
-; apt-get install keyboard-configuration -y \
-; docker -v | grep '\ 20\.\|\ 19\.' || install_docker \
-; yes | apt install -y --no-install-recommends tzdata -y \
-; install_scrotcat \
-; yes | install_vnc \
-; export_display_99 \
-; echo start_xvfb \
-; start_vnc \
-; enable_kvm \
-; reset_docker_hard \
-; echo killall Xvfb \
-; clone_repo "${BRANCH}" "${REPO}" \
-; cd Docker-OSX \
-; for TEST_BUILD in "${TEST_BUILDS[@]}"; do
+export DEBIAN_FRONTEND=noninteractive
+export TZ=UTC
+ln -snf "/usr/share/zoneinfo/${TZ}" /etc/localtime
+tee -a /etc/timezone <<< "${TZ}"
+apt update -y
+apt-get install keyboard-configuration -y
+docker -v | grep '\ 20\.\|\ 19\.' || install_docker
+yes | apt install -y --no-install-recommends tzdata -y
+install_scrotcat
+yes | install_vnc
+export_display_99
+apt install xvfb -y
+start_xvfb
+# start_vnc
+enable_kvm
+reset_docker_hard
+# echo killall Xvfb
+clone_repo "${BRANCH}" "${REPO}"
+cd ./Docker-OSX
+git pull
+
+for SHORTNAME in "${VERSION_BUILDS[@]}"; do
+    docker-osx:version "${SHORTNAME}"
+done
+
+docker tag docker-osx:catalina sickcodes/docker-osx:latest
+
+for TEST_BUILD in "${TEST_BUILDS[@]}"; do
     "${TEST_BUILD}"
-done \
-&& touch COMPLETED
+done
+
+# boot each image and test
+bash ./tests/boot-images.sh || exit 1
 
 if [[ "${DOCKER_USERNAME}" ]] && [[ "${DOCKER_PASSWORD}" ]]; then
     docker login --username "${DOCKER_USERNAME}" --password "${DOCKER_PASSWORD}" \
-        && docker push sickcodes/docker-osx:latest \
-        && docker push sickcodes/docker-osx:big-sur \
-        && docker push sickcodes/docker-osx:monterey \
-        && docker push sickcodes/docker-osx:naked \
-        && docker push sickcodes/docker-osx:naked-auto \
-        && docker push sickcodes/docker-osx:auto \
-        && docker push sickcodes/docker-osx:auto-big-sur \
+        && for SHORTNAME in "${VERSION_BUILDS[@]}"; do
+            docker push "sickcodes/docker-osx:${SHORTNAME}"
+        done \
         && touch PUSHED
+    docker push sickcodes/docker-osx:naked
+    docker push sickcodes/docker-osx:auto
+    docker push sickcodes/docker-osx:naked-auto
+
 fi
 
 # connect remotely to your server to use VNC

vnc-version/Dockerfile

@@ -70,7 +70,8 @@
 # VNC Version
 # Let's piggyback the other image:
 
-FROM sickcodes/docker-osx:latest
+ARG BASE_IMAGE=sickcodes/docker-osx:latest
+FROM ${BASE_IMAGE}
 
 MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
 
@@ -92,10 +93,13 @@ RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu
     && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
     && cat /etc/pacman.d/mirrorlist ; fi
 
+# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
+RUN pacman -Sy archlinux-keyring --noconfirm && rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate
+
 USER arch
 
-RUN sudo pacman -Syyuu --noconfirm \
-    && sudo pacman -S tigervnc xterm xorg-xhost xdotool ufw --noconfirm \
+RUN yes | sudo pacman -Syyuu --noconfirm \
+    && yes | sudo pacman -S tigervnc xterm xorg-xhost xdotool ufw --noconfirm \
     && mkdir -p ${HOME}/.vnc \
     && touch ~/.vnc/config \
     && tee -a ~/.vnc/config <<< 'geometry=1920x1080' \
@@ -121,4 +125,17 @@ RUN printf '\n\n\n\n%s\n%s\n\n\n\n' '===========VNC_PASSWORD========== ' "$(<vnc
 
 WORKDIR /home/arch/OSX-KVM
 
-CMD ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash
+# DMCA compliant download process
+# If BaseSystem.img does not exist, download ${SHORTNAME}
+
+# shortname default is catalina, which means :latest is catalina
+ENV SHORTNAME=sonoma
+
+ENV BASESYSTEM_IMAGE=BaseSystem.img
+
+CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
+        && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
+        && make \
+        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
+        && rm ./BaseSystem.dmg \
+    ; ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash

vnc-version/Dockerfile.nakedvnc

@@ -30,7 +30,8 @@
 #       docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix docker-osx:nakedvnc
 # 
 
-FROM sickcodes/docker-osx:latest
+ARG BASE_IMAGE=sickcodes/docker-osx:latest
+FROM ${BASE_IMAGE}
 
 MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
 
@@ -56,12 +57,6 @@ RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu
     && tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
     && cat /etc/pacman.d/mirrorlist ; fi
 
-# TEMP-FIX for pacman issue
-RUN patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
-    && curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
-    && bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
-# TEMP-FIX for pacman issue
-
 # For taking screenshots of the Xfvb screen, useful during development.
 ARG SCROT
 
@@ -82,12 +77,6 @@ RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr sshpass --noc
     ; fi \
     ; yes | pacman -Scc
 
-# TEMP-FIX for pacman issue
-RUN patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
-    && curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
-    && bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
-# TEMP-FIX for pacman issue
-
 USER arch
 
 WORKDIR /home/arch/OSX-KVM
@@ -191,21 +180,14 @@ CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}"  2>/dev/
 
 WORKDIR /home/arch/OSX-KVM
 
-RUN sudo pacman -Syyuu --noconfirm \
-    && sudo pacman -S tigervnc xterm xorg-xhost xdotool ufw --noconfirm \
+RUN yes | sudo pacman -Syyuu --noconfirm \
+    && yes | sudo pacman -S tigervnc xterm xorg-xhost xdotool ufw --noconfirm \
     && mkdir -p ${HOME}/.vnc \
     && touch ~/.vnc/config \
     && tee -a ~/.vnc/config <<< 'geometry=1920x1080' \
     && tee -a ~/.vnc/config <<< 'localhost' \
     && tee -a ~/.vnc/config <<< 'alwaysshared'
 
-# TEMP-FIX for file 5.40 libguestfs issue
-RUN yes | sudo pacman -U https://archive.archlinux.org/packages/f/file/file-5.39-1-x86_64.pkg.tar.zst \
-    && patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
-    && curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
-    && bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
-# TEMP-FIX for file 5.40 libguestfs issue
-
 RUN printf '\n%s\n' \
 'sudo rm -f /tmp/.X99-lock' \
 'export DISPLAY=:99' \
@@ -221,5 +203,18 @@ RUN vncpasswd -f < vncpasswd_file > ${HOME}/.vnc/passwd
 RUN chmod 600 ~/.vnc/passwd
 RUN printf '\n\n\n\n%s\n%s\n\n\n\n' '===========VNC_PASSWORD========== ' "$(<vncpasswd_file)"
 
-CMD ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash
+# DMCA compliant download process
+# If BaseSystem.img does not exist, download ${SHORTNAME}
+
+# shortname default is catalina, which means :latest is catalina
+ENV SHORTNAME=sonoma
+
+ENV BASESYSTEM_IMAGE=BaseSystem.img
+
+CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
+        && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
+        && make \
+        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
+        && rm ./BaseSystem.dmg \
+    ; ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash