xstefen/Docker-OSX
1
0
Fork 0
mirror of https://github.com/sickcodes/Docker-OSX.git synced 2025-07-03 03:03:31 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: xstefen:master
Branches Tags
xstefen:master xstefen:sequoia xstefen:runtime-download xstefen:mouse-fix xstefen:sonoma xstefen:ventura xstefen:naked-vnc-legacy-patch xstefen:persistent xstefen:rollback-naked xstefen:shrink-naked xstefen:mojave-high-sierra xstefen:libguestfs-linux-hold xstefen:netdev xstefen:stock-images-in-dockerfile xstefen:monterey xstefen:naked-auto xstefen:cpu-max-features xstefen:glibc-revert-wip xstefen:file-downgrade-all-images xstefen:osx-serial-update xstefen:custom-plist-always xstefen:custom-identity
..
compare: xstefen:glibc-revert-wip
Branches Tags
xstefen:master xstefen:sequoia xstefen:runtime-download xstefen:mouse-fix xstefen:sonoma xstefen:ventura xstefen:naked-vnc-legacy-patch xstefen:persistent xstefen:rollback-naked xstefen:shrink-naked xstefen:mojave-high-sierra xstefen:libguestfs-linux-hold xstefen:netdev xstefen:stock-images-in-dockerfile xstefen:monterey xstefen:naked-auto xstefen:cpu-max-features xstefen:glibc-revert-wip xstefen:file-downgrade-all-images xstefen:osx-serial-update xstefen:custom-plist-always xstefen:custom-identity

2 Commits
master ... glibc-reve

Author SHA1 Message Date
sickcodes
57f1532dd1 Merge branch 'master' into glibc-revert-wip 2021-05-02 23:45:04 +00:00
sickcodes
b79f26a508 Revert glibc patch when applicable. 2021-03-01 11:32:23 +00:00
34 changed files with 507 additions and 5999 deletions
Expand all files Collapse all files

52
.github/workflows/docker-build.yml vendored
View File

@ -1,52 +0,0 @@
name: Push Docker Image to Docker Hub
on:
push:
branches:
- master
jobs:
push_to_docker_hub:
name: Push Docker Image to Docker Hub
runs-on: ubuntu-latest
steps:
- name: Checkout code
id: checkout_code
uses: actions/checkout@v3
- name: Login to Docker Hub
id: login_docker_hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USER_NAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- name: Echo Docker Hub Username
run: echo ${{ secrets.DOCKER_HUB_USER_NAME }}
- name: Echo GitHub SHA
run: echo $GITHUB_SHA
- name: Build Docker image
id: build_image
run: |
docker build "$GITHUB_WORKSPACE" -t sickcodes/docker-osx:master --label dockerfile-path="Dockerfile"
- name: Label Master Docker Image as Latest
id: label_image
run: |
docker tag sickcodes/docker-osx:master sickcodes/docker-osx:latest
- name: Push Docker image master
id: push_master
run: docker push sickcodes/docker-osx:master
- name: Push Docker image latest
id: push_latest
run: docker push sickcodes/docker-osx:latest
- name: Logout from Docker Hub
run: docker logout
- name: End
run: echo "Docker image pushed to Docker Hub successfully"

8
CHANGELOG.md
View File

@ -1,13 +1,5 @@
|Version|Date|Notes|
|---|---|---|
| |2021-09-09|Add Monterey|
| |2021-08-27|Add iPhone passthrough OTA!|
|6.0|2021-08-25|Added naked-auto. Keep kernel at 5.13, even tho it's just for supermin.|
|5.0|2021-07-25|Retire glibc patch. Retire file command patch. Add bootmenu=on.|
| |2021-07-08|Add CPUID_FLAGS to edit the CPUID flags on the fly.|
|4.4|2021-05-06|Prepare nakedvnc for hub.docker.com. Add `ENV BOOT_ARGS=` to supply additon boot arguments, for example, `vmx,rdtscp`. Add `ENV CPU=Penryn` to allow changes to the CPU emulation, for example, `Skylake-Client`, or see [more examples here](https://manpages.ubuntu.com/manpages/disco/man7/qemu-cpu-models.7.html).|
| |2021-05-04|Disable arbitrary chown warning|
| |2021-04-27|Fixed missing sudo|
| |2021-04-18|Add LIBGUESTFS debug & trace commands, exit on fail when creating bootdisks. Silence touch errors.|
|4.3|2021-03-24|Enable interactive QEMU again. Remove envsubst since we are already using bash... Add set -x flag|
|4.2|2021-03-24|Add all ENV variables to each dockerfile for readability. Add RAM allocation buffer and cache drop bug fix. Add kvm and libvirt groups. Add `IMAGE_FORMAT=qcow2` to allow `IMAGE_FORMAT=raw` too.|

56
CREDITS.md
View File

@ -1,7 +1,5 @@
# Credits
The most important part of the project. You.
## Upstream Acknowledgements:
This project uses OSX-KVM from https://github.com/kholia/OSX-KVM and fully appreciates the work done by [@Kholia](https://github.com/Kholia) and all the contributors who are listed: [https://github.com/kholia/OSX-KVM/blob/master/CREDITS.md](https://github.com/kholia/OSX-KVM/blob/master/CREDITS.md)
@ -12,7 +10,7 @@ We use a special fork by [Nicholas Sherlock](https://www.nicksherlock.com/) of K
This project now uses the fantastic OpenCore bootloader from the community OpenCore project: https://github.com/acidanthera/OpenCorePkg. You can join their [Subreddit here](https://www.reddit.com/r/hackintosh/)!
## These credits refer to the legendary contributors to this repository:
## These credits refer to the contributors to this repository:
[@GreeFine](https://github.com/GreeFine) - Readme Typo #9
@ -30,7 +28,7 @@ This project now uses the fantastic OpenCore bootloader from the community OpenC
[@jviotti](https://github.com/jviotti) - Auto-boot thru ShowPicker
[@IAmBenMitchell]([https://github.com/MrBenFTW](https://github.com/iambenmitchell)) - Updated macOS version 10.15.5 -> 10.15.6, Enabled screen sharing port forwarding, Removed the need to remove 1gb from the partition.
[@MrBenFTW](https://github.com/MrBenFTW) - Updated macOS version 10.15.5 -> 10.15.6, Enabled screen sharing port forwarding, Removed the need to remove 1gb from the partition.
[@hoantp](https://github.com/hoantp) - Initialized TigerVNC 1.11.0 fix
@ -74,60 +72,10 @@ This project now uses the fantastic OpenCore bootloader from the community OpenC
[@ggjulio](https://github.com/ggjulio) - Restarting an "auto" container #216
[@panos](https://github.com/panos) - Improved README #212
[@panos](https://github.com/panos) - Made further improvements to the README #219
[@kaoudis](https://github.com/kaoudis) README / troubleshooting docs improvements #235
[@a10kiloham](https://github.com/a10kiloham) - Dockerfile for :naked image with VNC support #245
[@a10kiloham](https://github.com/a10kiloham) - Adding Bluebubbles as an example use case #250
[@aronzvi](https://github.com/aronzvi) - Fixed Failed to boot OSX with GENERATE_UNIQUE #244
[@tinjaw](https://github.com/tinjaw) - Fixed Type #258
[@m-zheng](https://github.com/m-zheng) - Update README.md #260
[@johnjhacking](https://github.com/johnjhacking) - Change call function to Popen #288
[@allansrc](https://github.com/allansrc) - Update Doc detail for run on WLS #318
[@mcandre](https://github.com/mcandre) - fix typo #334
[@cybik](https://github.com/cybik) Spice fix #337
[@Silfalion](https://github.com/Silfalion) - [https://github.com/Silfalion/Iphone_docker_osx_passthrough](https://github.com/Silfalion/Iphone_docker_osx_passthrough)
[@chirag350](https://github.com/chirag350) use LABEL instead of MAINTAINER since MAINTAINER is deprecated #352
[@Buthrakaur](https://github.com/Buthrakaur) readme - improve instructions for running on windows #361
[@TheHackerCoding](https://github.com/TheHackerCoding) Typo in README #367
[@cameronsteele](https://github.com/cameronsteele) fix Big Sur build example #378
[@eggplants](https://github.com/eggplants) Fix command to launch sickcodes/docker-osx:auto #366
[@martinmullins](https://github.com/martinmullins) Notes for mounting an NFS folder from a linux host #392
[@kimjammer](https://github.com/kimjammer) Readme - Added instructions for using WSLg's built in X11 server #395
[@jk2K](https://github.com/jk2K) fix: support dynamic change of Base image #408
[@MikeCoder96](https://github.com/MikeCoder96) Update README.md with WSL how to #412
[@aslafy-z](https://github.com/aslafy-z) chore(docs): update helm requirements list style #420
[@kimjammer](https://github.com/kimjammer) Update Windows Installation section #422
[@Mhartig](https://github.com/Mhartig) - Worked out issue `Enter a number (default=1): error: invalid number: y`
[@felipestt](https://github.com/felipestt) Use more CPU Cores/SMP' broken #440
[@routmoute](https://github.com/routmoute) README: add PulseAudio with WSLg #442
[@dulatello08](https://github.com/dulatello08) Update README.md #452
[@Anthropohedron](https://github.com/Anthropohedron) Added FAQ.md

199
Dockerfile
View File

@ -7,7 +7,7 @@
#
# Title: Docker-OSX (Mac on Docker)
# Author: Sick.Codes https://twitter.com/sickcodes
# Version: 6.0
# Version: 4.3
# License: GPLv3+
# Repository: https://github.com/sickcodes/Docker-OSX
# Website: https://sick.codes
@ -24,7 +24,6 @@
#
# docker build -t docker-osx .
# docker build -t docker-osx --build-arg VERSION=10.15.5 --build-arg SIZE=200G .
# docker build -t docker-osx-sonoma --build-arg BRANCH=sonoma --build-arg SHORTNAME=sonoma .
#
# Basic Run:
#
@ -53,48 +52,34 @@
# # you will also need to pass the device to the container
FROM archlinux:base-devel
LABEL maintainer='https://twitter.com/sickcodes <https://sick.codes>'
MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
SHELL ["/bin/bash", "-c"]
# change disk size here or add during build, e.g. --build-arg VERSION=10.14.5 --build-arg SIZE=50G
ARG SIZE=200G
ARG PARALLEL_DOWNLOADS=30
ARG VERSION=10.15.6
# OPTIONAL: Arch Linux server mirrors for super fast builds
# set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
RUN perl -i -p -e s/^\#Color/Color$'\n'ParallelDownloads\ =\ ${PARALLEL_DOWNLOADS:=30}/g /etc/pacman.conf
ARG RANKMIRRORS
ARG MIRROR_COUNTRY=US
ARG MIRROR_COUNT=10
RUN tee /etc/pacman.d/mirrorlist <<< 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch'
# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
RUN pacman -Sy archlinux-keyring --noconfirm \
&& rm -rf /etc/pacman.d/gnupg \
&& pacman-key --init \
&& pacman-key --populate archlinux
RUN if [[ "${RANKMIRRORS}" ]]; then \
{ pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${BRANCH:=master}/rankmirrors" \
; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
| sed -e 's/^#Server/Server/' -e '/^#/d' \
| head -n "$((${MIRROR_COUNT:-10}+1))" \
| bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& cat /etc/pacman.d/mirrorlist \
; fi
RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
# This fails on hub.docker.com, useful for debugging in cloud
# RUN [[ $(egrep -c '(svm|vmx)' /proc/cpuinfo) -gt 0 ]] || { echo KVM not possible on this host && exit 1; }
@ -105,11 +90,11 @@ RUN pacman -Syu git zip vim nano alsa-utils openssh --noconfirm \
&& ln -s /bin/vim /bin/vi \
&& useradd arch -p arch \
&& tee -a /etc/sudoers <<< 'arch ALL=(ALL) NOPASSWD: ALL' \
&& mkdir -p /home/arch \
&& mkdir /home/arch \
&& chown arch:arch /home/arch
# allow ssh to container
RUN mkdir -p -m 700 /root/.ssh
RUN mkdir -m 700 /root/.ssh
WORKDIR /root/.ssh
RUN touch authorized_keys \
@ -128,7 +113,7 @@ RUN tee -a sshd_config <<< 'AllowTcpForwarding yes' \
USER arch
# download OSX-KVM for the submodules
# download OSX-KVM
RUN git clone --recurse-submodules --depth 1 https://github.com/kholia/OSX-KVM.git /home/arch/OSX-KVM
# enable ssh
@ -154,33 +139,54 @@ RUN touch enable-ssh.sh \
# RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils edk2-ovmf netctl libvirt-dbus --overwrite --noconfirm
RUN yes | sudo pacman -Syu bc qemu-desktop libvirt dnsmasq virt-manager bridge-utils openresolv jack2 ebtables edk2-ovmf netctl libvirt-dbus wget scrot --overwrite --noconfirm \
RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils openresolv jack ebtables edk2-ovmf netctl libvirt-dbus wget --overwrite --noconfirm \
&& yes | sudo pacman -Scc
# RUN sudo systemctl enable libvirtd.service
# RUN sudo systemctl enable virtlogd.service
WORKDIR /home/arch/OSX-KVM
# fix invalid signature on old libguestfs
ARG SIGLEVEL=Never
RUN wget https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/fetch-macOS.py
RUN sudo tee -a /etc/pacman.conf <<< "SigLevel = ${SIGLEVEL}" \
&& sudo tee -a /etc/pacman.conf <<< 'RemoteFileSigLevel = Optional' \
&& sudo sed -i -e 's/^\#RemoteFileSigLevel/RemoteFileSigLevel/g' /etc/pacman.conf
RUN [[ "${VERSION%%.*}" -lt 11 ]] && { python fetch-macOS.py --version "${VERSION}" \
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \
&& qemu-img create -f qcow2 mac_hdd_ng.img "${SIZE}" \
&& rm -f BaseSystem.dmg \
; } || true
# VERSION=11.2.1
# this downloads LATEST ONLY
ARG FETCH_MAC_OS_RAW=https://raw.githubusercontent.com/acidanthera/OpenCorePkg/master/Utilities/macrecovery/macrecovery.py
# submit a PR to here to get the version option https://github.com/acidanthera/OpenCorePkg/blob/master/Utilities/macrecovery/macrecovery.py
RUN [[ "${VERSION%%.*}" -ge 11 ]] && { wget "${FETCH_MAC_OS_RAW}" \
&& python macrecovery.py download \
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \
&& qemu-img create -f qcow2 mac_hdd_ng.img "${SIZE}" \
&& rm -f BaseSystem.dmg \
; } || true
WORKDIR /home/arch/OSX-KVM
ARG LINUX=true
# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly
# reminder this is what makes :naked image larger than expected
RUN if [[ "${LINUX}" == true ]]; then \
sudo pacman -Syu linux linux-headers archlinux-keyring guestfs-tools mkinitcpio pcre pcre2 --noconfirm \
&& libguestfs-test-tool \
&& rm -rf /var/tmp/.guestfs-* \
&& yes | sudo pacman -Scc \
sudo pacman -Syu linux libguestfs --noconfirm \
; fi
# TEMP-FIX for file 5.40 libguestfs issue
RUN yes | sudo pacman -U https://archive.archlinux.org/packages/f/file/file-5.39-1-x86_64.pkg.tar.zst \
&& patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
&& curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
&& bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
# TEMP-FIX for file 5.40 libguestfs issue
# optional --build-arg to change branches for testing
ARG BRANCH=master
ARG REPO='https://github.com/sickcodes/Docker-OSX.git'
RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH:=master}" "${REPO:=https://github.com/sickcodes/Docker-OSX.git}"
RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH}" "${REPO}"
RUN touch Launch.sh \
&& chmod +x ./Launch.sh \
@ -191,116 +197,50 @@ RUN touch Launch.sh \
&& tee -a Launch.sh <<< '[[ "${RAM}" = max ]] && export RAM="$(("$(head -n1 /proc/meminfo | tr -dc "[:digit:]") / 1000000"))"' \
&& tee -a Launch.sh <<< '[[ "${RAM}" = half ]] && export RAM="$(("$(head -n1 /proc/meminfo | tr -dc "[:digit:]") / 2000000"))"' \
&& tee -a Launch.sh <<< 'sudo chown -R $(id -u):$(id -g) /dev/snd 2>/dev/null || true' \
&& tee -a Launch.sh <<< 'exec qemu-system-x86_64 -m ${RAM:-4}000 \' \
&& tee -a Launch.sh <<< '-cpu ${CPU:-Penryn},${CPUID_FLAGS:-vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check,}${BOOT_ARGS} \' \
&& tee -a Launch.sh <<< 'exec qemu-system-x86_64 -m ${RAM:-2}000 \' \
&& tee -a Launch.sh <<< '-cpu Penryn,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+pcid,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check \' \
&& tee -a Launch.sh <<< '-machine q35,${KVM-"accel=kvm:tcg"} \' \
&& tee -a Launch.sh <<< '-smp ${CPU_STRING:-${SMP:-4},cores=${CORES:-4}} \' \
&& tee -a Launch.sh <<< '-device qemu-xhci,id=xhci \' \
&& tee -a Launch.sh <<< '-device usb-kbd,bus=xhci.0 -device usb-tablet,bus=xhci.0 \' \
&& tee -a Launch.sh <<< '-usb -device usb-kbd -device usb-tablet \' \
&& tee -a Launch.sh <<< '-device isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal\(c\)AppleComputerInc \' \
&& tee -a Launch.sh <<< '-drive if=pflash,format=raw,readonly=on,file=/home/arch/OSX-KVM/OVMF_CODE.fd \' \
&& tee -a Launch.sh <<< '-drive if=pflash,format=raw,readonly,file=/home/arch/OSX-KVM/OVMF_CODE.fd \' \
&& tee -a Launch.sh <<< '-drive if=pflash,format=raw,file=/home/arch/OSX-KVM/OVMF_VARS-1024x768.fd \' \
&& tee -a Launch.sh <<< '-smbios type=2 \' \
&& tee -a Launch.sh <<< '-audiodev ${AUDIO_DRIVER:-alsa},id=hda -device ich9-intel-hda -device hda-duplex,audiodev=hda \' \
&& tee -a Launch.sh <<< '-device ich9-ahci,id=sata \' \
&& tee -a Launch.sh <<< '-drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=${BOOTDISK:-/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2} \' \
&& tee -a Launch.sh <<< '-drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2} \' \
&& tee -a Launch.sh <<< '-device ide-hd,bus=sata.2,drive=OpenCoreBoot \' \
&& tee -a Launch.sh <<< '-device ide-hd,bus=sata.3,drive=InstallMedia \' \
&& tee -a Launch.sh <<< '-drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=${BASESYSTEM_FORMAT:-qcow2} \' \
&& tee -a Launch.sh <<< '-drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=qcow2 \' \
&& tee -a Launch.sh <<< '-drive id=MacHDD,if=none,file=${IMAGE_PATH:-/home/arch/OSX-KVM/mac_hdd_ng.img},format=${IMAGE_FORMAT:-qcow2} \' \
&& tee -a Launch.sh <<< '-device ide-hd,bus=sata.4,drive=MacHDD \' \
&& tee -a Launch.sh <<< '-netdev user,id=net0,hostfwd=tcp::${INTERNAL_SSH_PORT:-10022}-:22,hostfwd=tcp::${SCREEN_SHARE_PORT:-5900}-:5900,${ADDITIONAL_PORTS} \' \
&& tee -a Launch.sh <<< '-device ${NETWORKING:-vmxnet3},netdev=net0,id=net0,mac=${MAC_ADDRESS:-52:54:00:09:49:17} \' \
&& tee -a Launch.sh <<< '-monitor stdio \' \
&& tee -a Launch.sh <<< '-boot menu=on \' \
&& tee -a Launch.sh <<< '-vga vmware \' \
&& tee -a Launch.sh <<< '${EXTRA:-}'
# docker exec containerid mv ./Launch-nopicker.sh ./Launch.sh
# This is now a legacy command.
# You can use -e BOOTDISK=/bootdisk with -v ./bootdisk.img:/bootdisk
### LEGACY CODE
RUN grep -v InstallMedia ./Launch.sh > ./Launch-nopicker.sh \
&& chmod +x ./Launch-nopicker.sh \
&& sed -i -e s/OpenCore\.qcow2/OpenCore\-nopicker\.qcow2/ ./Launch-nopicker.sh
###
USER arch
ENV USER=arch
# These are hardcoded serials for non-iMessage related research
# Overwritten by using GENERATE_UNIQUE=true
# Upstream removed nopicker, so we are adding it back in, at build time
# Once again, this is just for the Docker build so there is a default nopicker image there
# libguestfs verbose
ENV LIBGUESTFS_DEBUG=1
ENV LIBGUESTFS_TRACE=1
ARG STOCK_DEVICE_MODEL=iMacPro1,1
ARG STOCK_SERIAL=C02TM2ZBHX87
ARG STOCK_BOARD_SERIAL=C02717306J9JG361M
ARG STOCK_UUID=007076A6-F2A2-4461-BBE5-BAD019F8025A
ARG STOCK_MAC_ADDRESS=00:0A:27:00:00:00
ARG STOCK_WIDTH=1920
ARG STOCK_HEIGHT=1080
ARG STOCK_MASTER_PLIST_URL=https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist
ARG STOCK_MASTER_PLIST_URL_NOPICKER=https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-nopicker-custom.plist
ARG STOCK_BOOTDISK=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2
ARG STOCK_BOOTDISK_NOPICKER=/home/arch/OSX-KVM/OpenCore/OpenCore-nopicker.qcow2
RUN ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \
--master-plist-url="${STOCK_MASTER_PLIST_URL}" \
--model "${STOCK_DEVICE_MODEL}" \
--serial "${STOCK_SERIAL}" \
--board-serial "${STOCK_BOARD_SERIAL}" \
--uuid "${STOCK_UUID}" \
--mac-address "${STOCK_MAC_ADDRESS}" \
--width "${STOCK_WIDTH}" \
--height "${STOCK_HEIGHT}" \
--output-bootdisk "${STOCK_BOOTDISK}" || exit 1 \
; rm -rf /var/tmp/.guestfs-*
RUN ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \
--master-plist-url="${STOCK_MASTER_PLIST_URL_NOPICKER}" \
--model "${STOCK_DEVICE_MODEL}" \
--serial "${STOCK_SERIAL}" \
--board-serial "${STOCK_BOARD_SERIAL}" \
--uuid "${STOCK_UUID}" \
--mac-address "${STOCK_MAC_ADDRESS}" \
--width "${STOCK_WIDTH}" \
--height "${STOCK_HEIGHT}" \
--output-bootdisk "${STOCK_BOOTDISK_NOPICKER}" || exit 1 \
; rm -rf /var/tmp/.guestfs-*
### symlink the old directory as upstream has renamed a directory. Symlinking purely for backwards compatability!
RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true
####
ENV USER arch
#### SPECIAL RUNTIME ARGUMENTS BELOW
# env -e ADDITIONAL_PORTS with a comma
# for example, -e ADDITIONAL_PORTS=hostfwd=tcp::23-:23,
ENV ADDITIONAL_PORTS=
# since the Makefile uses raw, and raw uses the full disk amount
# we want to use a compressed qcow2
# ENV BASESYSTEM_FORMAT=raw
ENV BASESYSTEM_FORMAT=qcow2
# add additional QEMU boot arguments
ENV BOOT_ARGS=
ENV BOOTDISK=
# edit the CPU that is being emulated
ENV CPU=Penryn
ENV CPUID_FLAGS='vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check,'
ENV DISPLAY=:0.0
# Deprecated
ENV ENV=/env
# Boolean for generating a bootdisk with new random serials.
@ -314,7 +254,7 @@ ENV IMAGE_FORMAT=qcow2
ENV KVM='accel=kvm:tcg'
ENV MASTER_PLIST_URL="https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist"
ENV MASTER_PLIST_URL="https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-nopicker-custom.plist"
# ENV NETWORKING=e1000-82545em
ENV NETWORKING=vmxnet3
@ -323,7 +263,7 @@ ENV NETWORKING=vmxnet3
ENV NOPICKER=false
# dynamic RAM options for runtime
ENV RAM=4
ENV RAM=3
# ENV RAM=max
# ENV RAM=half
@ -332,6 +272,10 @@ ENV RAM=4
ENV WIDTH=1920
ENV HEIGHT=1080
# libguestfs verbose
ENV LIBGUESTFS_DEBUG=1
ENV LIBGUESTFS_TRACE=1
VOLUME ["/tmp/.X11-unix"]
# check if /image is a disk image or a directory. This allows you to optionally use -v disk.img:/image
@ -350,29 +294,16 @@ VOLUME ["/tmp/.X11-unix"]
# /bootdisk is a useful persistent place to store the 15Mb serial number bootdisk.
# if you don't set any of the above:
# the default serial numbers are already contained in ./OpenCore/OpenCore.qcow2
# the default serial numbers are already contained in ./OpenCore-Catalina/OpenCore.qcow2
# And the default serial numbers
# DMCA compliant download process
# If BaseSystem.img does not exist, download ${SHORTNAME}
# shortname default is below
ENV SHORTNAME=sequoia
ENV BASESYSTEM_IMAGE=BaseSystem.img
CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
&& printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
&& make \
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
&& rm ./BaseSystem.dmg \
; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" || true \
; [[ "${NOPICKER}" == true ]] && { \
sed -i '/^.*InstallMedia.*/d' Launch.sh \
&& export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore-nopicker.qcow2}" \
&& export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2}" \
; } \
|| export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
|| export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
; [[ "${GENERATE_UNIQUE}" == true ]] && { \
./Docker-OSX/osx-serial-generator/generate-unique-machine-values.sh \
--master-plist-url="${MASTER_PLIST_URL}" \
@ -381,7 +312,7 @@ CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
--bootdisks \
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
--output-env "${ENV:=/env}" \
|| exit 1 ; } \
; [[ "${GENERATE_SPECIFIC}" == true ]] && { \
@ -395,7 +326,7 @@ CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
--mac-address "${MAC_ADDRESS}" \
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
|| exit 1 ; } \
; ./enable-ssh.sh && /bin/bash -c ./Launch.sh

100
Dockerfile.auto
View File

@ -7,7 +7,7 @@
#
# Title: Docker-OSX (Mac on Docker)
# Author: Sick.Codes https://twitter.com/sickcodes
# Version: 6.0
# Version: 4.3
# License: GPLv3+
# Repository: https://github.com/sickcodes/Docker-OSX
# Website: https://sick.codes
@ -42,7 +42,7 @@
FROM sickcodes/docker-osx:latest
LABEL maintainer='https://twitter.com/sickcodes <https://sick.codes>'
MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
USER root
@ -53,41 +53,24 @@ ARG SCROT
# OPTIONAL: Arch Linux server mirrors for super fast builds
# set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
RUN perl -i -p -e s/^\#Color/Color$'\n'ParallelDownloads\ =\ 30/g /etc/pacman.conf
ARG RANKMIRRORS
ARG MIRROR_COUNTRY=US
ARG MIRROR_COUNT=10
RUN tee /etc/pacman.d/mirrorlist <<< 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch'
# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
RUN pacman -Sy archlinux-keyring --noconfirm \
&& rm -rf /etc/pacman.d/gnupg \
&& pacman-key --init \
&& pacman-key --populate archlinux
RUN if [[ "${RANKMIRRORS}" ]]; then \
{ pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${BRANCH:=master}/rankmirrors" \
; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
| sed -e 's/^#Server/Server/' -e '/^#/d' \
| head -n "$((${MIRROR_COUNT:-10}+1))" \
| bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& cat /etc/pacman.d/mirrorlist \
; fi
; fi \
; yes | pacman -Scc
RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr --noconfirm \
RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr sshpass --noconfirm \
&& if [[ "${SCROT}" ]]; then \
pacman -Syu scrot base-devel --noconfirm \
&& git clone --recurse-submodules --depth 1 https://github.com/stolk/imcat.git \
@ -104,13 +87,21 @@ RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr --noconfirm \
; fi \
; yes | pacman -Scc
RUN pacman -S sshpass --noconfirm \
&& yes | pacman -Scc
# TEMP-FIX for pacman issue
RUN patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
&& curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
&& bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
# TEMP-FIX for pacman issue
# TEMP-FIX for file 5.40 libguestfs issue
RUN yes | sudo pacman -U https://archive.archlinux.org/packages/f/file/file-5.39-1-x86_64.pkg.tar.zst \
&& patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
&& curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
&& bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
# TEMP-FIX for file 5.40 libguestfs issue
USER arch
ENV USER arch
WORKDIR /home/arch/OSX-KVM
RUN mkdir -p ~/.ssh \
@ -140,26 +131,12 @@ RUN if [[ "${COMPLETE}" ]]; then \
&& wget ${WGET_OPTIONS} -O /home/arch/OSX-KVM/mac_hdd_ng.img "${IMAGE_URL}" \
; fi
####
# symlink the old directory, for redundancy
RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true
####
#### SPECIAL RUNTIME ARGUMENTS BELOW
ENV ADDITIONAL_PORTS=
# add additional QEMU boot arguments
ENV BOOT_ARGS=
ENV BOOTDISK=
# edit the CPU that is beign emulated
ENV CPU=Penryn
ENV DISPLAY=:99
ENV HEADLESS=false
@ -184,10 +161,6 @@ ENV NETWORKING=vmxnet3
ENV NOPICKER=true
# set the username and password for automatically logging in
ENV USERNAME=user
ENV PASSWORD=alpine
# dynamic RAM options for runtime
ENV RAM=3
# ENV RAM=max
@ -206,29 +179,16 @@ ENV TERMS_OF_USE=i_agree
ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree"
# DMCA compliant download process
# If BaseSystem.img does not exist, download ${SHORTNAME}
# shortname default is catalina, which means :latest is catalina
ENV SHORTNAME=sonoma
ENV BASESYSTEM_IMAGE=BaseSystem.img
CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
&& printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
&& make \
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
&& rm ./BaseSystem.dmg \
; echo "${BOILERPLATE}" \
CMD echo "${BOILERPLATE}" \
; [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \
; echo "Disk is being copied between layers... Please wait a minute..." \
; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" || true \
; [[ "${NOPICKER}" == true ]] && { \
sed -i '/^.*InstallMedia.*/d' Launch.sh \
&& export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore-nopicker.qcow2}" \
&& export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2}" \
; } \
|| export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
|| export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
; [[ "${GENERATE_UNIQUE}" == true ]] && { \
./Docker-OSX/osx-serial-generator/generate-unique-machine-values.sh \
--master-plist-url="${MASTER_PLIST_URL}" \
@ -237,7 +197,7 @@ CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
--bootdisks \
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
--output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
--output-env "${ENV:=/env}" \
|| exit 1 ; } \
; [[ "${GENERATE_SPECIFIC}" == true ]] && { \
@ -251,7 +211,7 @@ CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
--mac-address "${MAC_ADDRESS}" \
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
--output-bootdisk "${BOOTDISK:-/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
|| exit 1 ; } \
; { [[ "${DISPLAY}" = ':99' ]] || [[ "${HEADLESS}" == true ]] ; } && { \
nohup Xvfb :99 -screen 0 1920x1080x16 \
@ -266,13 +226,13 @@ CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
; } \
; /bin/bash -c ./Launch.sh \
& echo "Booting Docker-OSX in the background. Please wait..." \
; until [[ "$(sshpass -p${PASSWORD:=alpine} ssh-copy-id -f -i ~/.ssh/id_docker_osx.pub -p 10022 ${USERNAME:=user}@127.0.0.1)" ]]; do \
; until [[ "$(sshpass -palpine ssh-copy-id -f -i ~/.ssh/id_docker_osx.pub -p 10022 user@127.0.0.1)" ]]; do \
echo "Disk is being copied between layers. Repeating until able to copy SSH key into OSX..." \
; sleep 1 \
; done \
; grep id_docker_osx ~/.ssh/config || { \
tee -a ~/.ssh/config <<< 'Host 127.0.0.1' \
; tee -a ~/.ssh/config <<< " User ${USERNAME:=user}" \
; tee -a ~/.ssh/config <<< ' User user' \
; tee -a ~/.ssh/config <<< ' Port 10022' \
; tee -a ~/.ssh/config <<< ' IdentityFile ~/.ssh/id_docker_osx' \
; tee -a ~/.ssh/config <<< ' StrictHostKeyChecking no' \
@ -281,7 +241,7 @@ CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
&& echo 'Default username: user' \
&& echo 'Default password: alpine' \
&& echo 'Change it immediately using the command: passwd' \
&& ssh -i ~/.ssh/id_docker_osx ${USERNAME:=user}@127.0.0.1 -p 10022 "${OSX_COMMANDS}"
&& ssh -i ~/.ssh/id_docker_osx user@127.0.0.1 -p 10022 "${OSX_COMMANDS}"
# username: user
# password: alpine

86
Dockerfile.naked
View File

@ -7,7 +7,7 @@
#
# Title: Docker-OSX (Mac on Docker)
# Author: Sick.Codes https://twitter.com/sickcodes
# Version: 6.0
# Version: 4.3
# License: GPLv3+
# Repository: https://github.com/sickcodes/Docker-OSX
# Website: https://sick.codes
@ -32,7 +32,7 @@
FROM sickcodes/docker-osx:latest
LABEL maintainer='https://twitter.com/sickcodes <https://sick.codes>'
MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
USER root
@ -42,36 +42,19 @@ RUN rm -f /home/arch/OSX-KVM/mac_hdd_ng.img
# OPTIONAL: Arch Linux server mirrors for super fast builds
# set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
RUN perl -i -p -e s/^\#Color/Color$'\n'ParallelDownloads\ =\ 30/g /etc/pacman.conf
ARG RANKMIRRORS
ARG MIRROR_COUNTRY=US
ARG MIRROR_COUNT=10
RUN tee /etc/pacman.d/mirrorlist <<< 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch'
# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
RUN pacman -Sy archlinux-keyring --noconfirm \
&& rm -rf /etc/pacman.d/gnupg \
&& pacman-key --init \
&& pacman-key --populate archlinux
RUN if [[ "${RANKMIRRORS}" ]]; then \
{ pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${BRANCH:=master}/rankmirrors" \
RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
| sed -e 's/^#Server/Server/' -e '/^#/d' \
| head -n "$((${MIRROR_COUNT:-10}+1))" \
| bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
&& cat /etc/pacman.d/mirrorlist \
; fi
RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& cat /etc/pacman.d/mirrorlist ; fi
# For taking screenshots of the Xfvb screen, useful during development.
ARG SCROT
@ -93,9 +76,20 @@ RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr sshpass --noc
; fi \
; yes | pacman -Scc
USER arch
# TEMP-FIX for pacman issue
RUN patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
&& curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
&& bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
# TEMP-FIX for pacman issue
ENV USER arch
# TEMP-FIX for file 5.40 libguestfs issue
RUN yes | sudo pacman -U https://archive.archlinux.org/packages/f/file/file-5.39-1-x86_64.pkg.tar.zst \
&& patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
&& curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
&& bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
# TEMP-FIX for file 5.40 libguestfs issue
USER arch
WORKDIR /home/arch/OSX-KVM
@ -109,25 +103,12 @@ RUN mkdir -p ~/.ssh \
&& tee -a ~/.ssh/config <<< ' StrictHostKeyChecking no' \
&& tee -a ~/.ssh/config <<< ' UserKnownHostsFile=/dev/null'
####
# symlink the old directory, for redundancy
RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true
####
#### SPECIAL RUNTIME ARGUMENTS BELOW
ENV ADDITIONAL_PORTS=
# add additional QEMU boot arguments
ENV BOOT_ARGS=
ENV BOOTDISK=
# edit the CPU that is beign emulated
ENV CPU=Penryn
ENV DISPLAY=:99
ENV HEADLESS=false
@ -166,30 +147,17 @@ ENV HEIGHT=1080
ENV LIBGUESTFS_DEBUG=1
ENV LIBGUESTFS_TRACE=1
# DMCA compliant download process
# If BaseSystem.img does not exist, download ${SHORTNAME}
# shortname default is catalina, which means :latest is catalina
ENV SHORTNAME=sonoma
ENV BASESYSTEM_IMAGE=BaseSystem.img
CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
&& printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
&& make \
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
&& rm ./BaseSystem.dmg \
; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" || true \
; { [[ "${DISPLAY}" = ':99' ]] || [[ "${HEADLESS}" == true ]] ; } && { \
nohup Xvfb :99 -screen 0 1920x1080x16 \
& until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 1 ; done \
; } \
; [[ "${NOPICKER}" == true ]] && { \
sed -i '/^.*InstallMedia.*/d' Launch.sh \
&& export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore-nopicker.qcow2}" \
&& export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore-nopicker.qcow2}" \
; } \
|| export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
|| export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
; [[ "${GENERATE_UNIQUE}" == true ]] && { \
./Docker-OSX/osx-serial-generator/generate-unique-machine-values.sh \
--master-plist-url="${MASTER_PLIST_URL}" \
@ -198,7 +166,7 @@ CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
--bootdisks \
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
--output-env "${ENV:=/env}" \
|| exit 1 ; } \
; [[ "${GENERATE_SPECIFIC}" == true ]] && { \
@ -212,6 +180,6 @@ CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
--mac-address "${MAC_ADDRESS}" \
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
|| exit 1 ; } \
; ./enable-ssh.sh && /bin/bash -c ./Launch.sh

258
Dockerfile.naked-auto
View File

@ -1,258 +0,0 @@
#!/usr/bin/docker
# ____ __ ____ ______ __
# / __ \____ _____/ /_____ _____/ __ \/ ___/ |/ /
# / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \| /
# / /_/ / /_/ / /__/ ,< / __/ / / /_/ /___/ / |
# /_____/\____/\___/_/|_|\___/_/ \____//____/_/|_| :NAKED-AUTO
#
# Title: Docker-OSX (Mac on Docker)
# Author: Sick.Codes https://twitter.com/sickcodes
# Version: 6.0
# License: GPLv3+
# Repository: https://github.com/sickcodes/Docker-OSX
# Website: https://sick.codes
#
# This Dockerfile needs you to supply a pre-installed installation of Docker-OSX!
#
# Visit https://github.com/sickcodes/Docker-OSX for info
FROM sickcodes/docker-osx:latest
LABEL maintainer='https://twitter.com/sickcodes <https://sick.codes>'
USER root
WORKDIR /root
RUN rm -f /home/arch/OSX-KVM/mac_hdd_ng.img
# For taking screenshots of the Xfvb screen, useful during development.
ARG SCROT
# OPTIONAL: Arch Linux server mirrors for super fast builds
# set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
RUN perl -i -p -e s/^\#Color/Color$'\n'ParallelDownloads\ =\ 30/g /etc/pacman.conf
ARG RANKMIRRORS
ARG MIRROR_COUNTRY=US
ARG MIRROR_COUNT=10
RUN tee /etc/pacman.d/mirrorlist <<< 'Server = https://geo.mirror.pkgbuild.com/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch'
# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
RUN pacman -Sy archlinux-keyring --noconfirm \
&& rm -rf /etc/pacman.d/gnupg \
&& pacman-key --init \
&& pacman-key --populate archlinux
RUN if [[ "${RANKMIRRORS}" ]]; then \
{ pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/${BRANCH:=master}/rankmirrors" \
; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
| sed -e 's/^#Server/Server/' -e '/^#/d' \
| head -n "$((${MIRROR_COUNT:-10}+1))" \
| bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
&& cat /etc/pacman.d/mirrorlist \
; fi
RUN tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://keyserver.ubuntu.com' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://hkps.pool.sks-keyservers.net:443' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkp://pgp.mit.edu:11371' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.openpgp.org' \
&& tee -a /etc/pacman.d/gnupg/gpg.conf <<< 'keyserver hkps://keys.mailvelope.com'
# For taking screenshots of the Xfvb screen, useful during development.
ARG SCROT
RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr --noconfirm \
&& if [[ "${SCROT}" ]]; then \
pacman -Syu scrot base-devel --noconfirm \
&& git clone --recurse-submodules --depth 1 https://github.com/stolk/imcat.git \
&& cd imcat \
&& make \
&& sudo cp imcat /usr/bin/imcat \
&& touch /usr/bin/scrotcat \
&& tee -a /usr/bin/scrotcat <<< '/usr/bin/imcat <(scrot -o /dev/stdout)' \
&& chmod +x /usr/bin/scrotcat \
; else \
touch /usr/bin/scrotcat \
&& echo echo >> /usr/bin/scrotcat \
&& chmod +x /usr/bin/scrotcat \
; fi \
; yes | pacman -Scc
RUN pacman -S sshpass --noconfirm \
&& yes | pacman -Scc
USER arch
ENV USER arch
WORKDIR /home/arch/OSX-KVM
RUN mkdir -p ~/.ssh \
&& touch ~/.ssh/authorized_keys \
&& touch ~/.ssh/config \
&& chmod 700 ~/.ssh \
&& chmod 600 ~/.ssh/config \
&& chmod 600 ~/.ssh/authorized_keys \
&& tee -a ~/.ssh/config <<< 'Host *' \
&& tee -a ~/.ssh/config <<< ' StrictHostKeyChecking no' \
&& tee -a ~/.ssh/config <<< ' UserKnownHostsFile=/dev/null'
ARG COMPLETE=
# use the COMPLETE arg, for a complete image, ready to boot.
# otherwise use your own image: -v "$PWD/disk.img":/image
ARG WGET_OPTIONS=
# ARG WGET_OPTIONS='--no-verbose'
# Feel free to take a copy of this image and then host it internally
ARG IMAGE_URL=
# ARG IMAGE_URL='https://images.sick.codes/mac_hdd_ng_auto_big_sur.img'
RUN if [[ "${COMPLETE}" ]]; then \
echo "Downloading your image... This step might take a while... Press Ctrl+C if you want to abort." \
; rm -f /home/arch/OSX-KVM/mac_hdd_ng.img \
&& wget ${WGET_OPTIONS} -O /home/arch/OSX-KVM/mac_hdd_ng.img "${IMAGE_URL}" \
; fi
####
# symlink the old directory, for redundancy
RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true
####
#### SPECIAL RUNTIME ARGUMENTS BELOW
ENV ADDITIONAL_PORTS=
# add additional QEMU boot arguments
ENV BOOT_ARGS=
ENV BOOTDISK=
# edit the CPU that is beign emulated
ENV CPU=Penryn
ENV DISPLAY=:99
ENV HEADLESS=false
ENV ENV=/env
# Boolean for generating a bootdisk with new random serials.
ENV GENERATE_UNIQUE=false
# Boolean for generating a bootdisk with specific serials.
ENV GENERATE_SPECIFIC=false
ENV IMAGE_PATH=/image
ENV IMAGE_FORMAT=qcow2
ENV KVM='accel=kvm:tcg'
# ENV MASTER_PLIST_URL="https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist"
# ENV NETWORKING=e1000-82545em
ENV NETWORKING=vmxnet3
ENV NOPICKER=true
# set the username and password for automatically logging in
ENV USERNAME=user
ENV PASSWORD=alpine
# dynamic RAM options for runtime
ENV RAM=3
# ENV RAM=max
# ENV RAM=half
# The x and y coordinates for resolution.
# Must be used with either -e GENERATE_UNIQUE=true or -e GENERATE_SPECIFIC=true.
ENV WIDTH=1920
ENV HEIGHT=1080
# libguestfs verbose
ENV LIBGUESTFS_DEBUG=1
ENV LIBGUESTFS_TRACE=1
ENV TERMS_OF_USE=i_agree
ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree"
# DMCA compliant download process
# If BaseSystem.img does not exist, download ${SHORTNAME}
# shortname default is catalina, which means :latest is catalina
ENV SHORTNAME=sonoma
ENV BASESYSTEM_IMAGE=BaseSystem.img
CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
&& printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
&& make \
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
&& rm ./BaseSystem.dmg \
; echo "${BOILERPLATE}" \
; [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \
; echo "Disk is being copied between layers... Please wait a minute..." \
; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; [[ "${NOPICKER}" == true ]] && { \
sed -i '/^.*InstallMedia.*/d' Launch.sh \
&& export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore-nopicker.qcow2}" \
; } \
|| export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
; [[ "${GENERATE_UNIQUE}" == true ]] && { \
./Docker-OSX/osx-serial-generator/generate-unique-machine-values.sh \
--master-plist-url="${MASTER_PLIST_URL}" \
--count 1 \
--tsv ./serial.tsv \
--bootdisks \
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
--output-env "${ENV:=/env}" \
|| exit 1 ; } \
; [[ "${GENERATE_SPECIFIC}" == true ]] && { \
source "${ENV:=/env}" 2>/dev/null \
; ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \
--master-plist-url="${MASTER_PLIST_URL}" \
--model "${DEVICE_MODEL}" \
--serial "${SERIAL}" \
--board-serial "${BOARD_SERIAL}" \
--uuid "${UUID}" \
--mac-address "${MAC_ADDRESS}" \
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \
|| exit 1 ; } \
; { [[ "${DISPLAY}" = ':99' ]] || [[ "${HEADLESS}" == true ]] ; } && { \
nohup Xvfb :99 -screen 0 1920x1080x16 \
& until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 1 ; done \
; } \
; stat "${IMAGE_PATH}" \
; echo "Large image is being copied between layers, please wait a minute..." \
; ./enable-ssh.sh \
; [[ -e ~/.ssh/id_docker_osx ]] || { \
/usr/bin/ssh-keygen -t rsa -f ~/.ssh/id_docker_osx -q -N "" \
&& chmod 600 ~/.ssh/id_docker_osx \
; } \
; /bin/bash -c ./Launch.sh \
& echo "Booting Docker-OSX in the background. Please wait..." \
; until [[ "$(sshpass -p${PASSWORD:=alpine} ssh-copy-id -f -i ~/.ssh/id_docker_osx.pub -p 10022 ${USERNAME:=user}@127.0.0.1)" ]]; do \
echo "Disk is being copied between layers. Repeating until able to copy SSH key into OSX..." \
; sleep 1 \
; done \
; grep id_docker_osx ~/.ssh/config || { \
tee -a ~/.ssh/config <<< 'Host 127.0.0.1' \
; tee -a ~/.ssh/config <<< " User ${USERNAME:=user}" \
; tee -a ~/.ssh/config <<< ' Port 10022' \
; tee -a ~/.ssh/config <<< ' IdentityFile ~/.ssh/id_docker_osx' \
; tee -a ~/.ssh/config <<< ' StrictHostKeyChecking no' \
; tee -a ~/.ssh/config <<< ' UserKnownHostsFile=/dev/null' \
; } \
&& ssh -i ~/.ssh/id_docker_osx ${USERNAME:=user}@127.0.0.1 -p 10022 "${OSX_COMMANDS}"

357
FAQ.md
View File

@ -1,357 +0,0 @@
# Frequently Asked Questions
These questions come up regularly, so here are the answers.
## Basics
### Is this legal?
The [macOS software license](https://www.apple.com/legal/sla/) allows running (some versions of) macOS in a virtual machine only on Apple hardware. The [Apple Security Bounty terms and conditions](https://security.apple.com/terms-and-conditions/) make an exception to that (and essentially anything in the macOS software license) under some specific circumstances.
Therefore, yes, there is a legal use for Docker-OSX. If your use doesn't fall under the license or the security bounty terms, then you are/will be violating the macOS software license. **Note that this is not provided as legal advice, and you should consult with your own counsel for legal guidance.**
You may also be interested in this [deeper dive into the subject](https://sick.codes/is-hackintosh-osx-kvm-or-docker-osx-legal/).
### What does Docker-OSX do?
Docker-OSX is an approach to setting up and launching a macOS virtual machine (VM) under [docker](https://en.wikipedia.org/wiki/Docker_(software)). The [Dockerfile](Dockerfile) is essentially a docker image building script that:
1. validates a few things about the environment
2. installs VM software (qemu) and creates a virtual disk within the docker container
3. generates a serial number and firmware to make the VM look (enough) like Mac hardware
4. downloads a macOS installer disk image
5. generates a shell script to start the VM
The default configuration is intended to create an ephemeral but repeatably bootable macOS that can be probed for security research.
### Why docker?
Docker provides a straightforward way to package a flexible turnkey solution to setting up a macOS VM. It is not the only way to do so, nor is it necessarily the best approach to setting up a long-lived, persistent macOS VM. You may prefer to study the [Dockerfile](Dockerfile) and/or [OSX-KVM](https://github.com/kholia/OSX-KVM) to prepare a VM to run under [proxmox](https://en.wikipedia.org/wiki/Proxmox_Virtual_Environment) or [libvirt](https://en.wikipedia.org/wiki/Libvirt).
## Can I...
### ...run BlueBubbles/AirMessage/Beeper on it?
Yes. Make sure you [make serial numbers persist across reboots](README.md#making-serial-numbers-persist-across-reboots) after generating a unique serial number for yourself; don't use the default serial number. There is, of course, no guarantee that Apple won't block/disable your account, or inflict other consequences. See also the [legal considerations](#is-this-legal).
### ...develop iPhone apps on it?
Yes. You will probably find Xcode's UI frustratingly slow, but yes. Compiling apps (e.g. React Native) from the command line is likely to be less frustrating. There is, of course, no guarantee that Apple won't block/disable your account, remove you from the Apple Developer program, or inflict other consequences. See also the [legal considerations](#is-this-legal).
### ...connect my iPhone or other USB device to it?
Yes, at least if your host OS is Linux. See [instructions](README.md#vfio-iphone-usb-passthrough-vfio). It may or may not be possible if your host OS is Windows.
### ...run CI/CD processes with it?
Maybe, but there are several reasons not to:
1. There are [legal considerations](#is-this-legal).
2. Nested virtualization is generally unavailable on cloud-hosted CI/CD and therefore Docker-OSX doesn't run.
3. You are almost always better off using your own macOS runners (on virtual or actual Mac hardware) rather than trying to make the square peg of Docker-OSX fit the round hole of macOS-specific CI/CD.
You absolutely can install runners on the macOS VM itself (which does not get around the legal considerations mentioned above), but [Docker-OSX may not be the best approach](#why-docker).
### ...run on Linux but with Wayland?
Yes, but your Wayland server must support X11 connections (or you can [use VNC instead](README.md#building-a-headless-container-that-allows-insecure-vnc-on-localhost-for-local-use-only)).
### ...run on Windows?
Yes, as long as you have a new enough version of Windows 11 and have WSL2 set up. See [this section of the README](README.md#id-like-to-run-docker-osx-on-windows) for details. No, it will not work under Windows 10. Not even if you have WSL2 set up.
### ...run on macOS?
If you have a Mac with Apple Silicon you are better served by [UTM](https://apps.apple.com/us/app/utm-virtual-machines/id1538878817?mt=12).
If you have an Intel Mac you can install and run docker (either [Docker Desktop](https://www.docker.com/products/docker-desktop/) or [colima](https://github.com/abiosoft/colima)). In either case, docker will be running under a Linux VM, which complicates things. You are likely to encounter one or more of the [common errors](#common-errors) below. Consider using qemu directly with HVF acceleration (e.g. with [libvirt](https://libvirt.org/macos.html)) instead.
### ...run on cloud services?
Cloud providers typically run their various services within virtual machines running on top of their actual hardware. These VMs typically are not set up to provide nested virtualization, which means KVM is unavailable so Docker-OSX will not work. This is _especially and specifically_ the case on CI/CD runners such as GitHub Actions, Azure DevOps Pipelines, CircleCI, GitLab CI/CD, etc. (however, see [running CI/CD](#run-cicd-processes-with-it)). Some cloud providers offer services that do allow virtualization, such as [Amazon's EC2 Bare Metal Instances](https://aws.amazon.com/about-aws/whats-new/2018/05/announcing-general-availability-of-amazon-ec2-bare-metal-instances/), but often at a significant premium.
In short, probably not.
## Common Errors
### Docker Errors
If you get an error like `docker: command not found` then you don't have docker installed and none of this works. Try [Docker Desktop](https://www.docker.com/products/docker-desktop/) on Windows or your distribution's normal package manager on Linux.
If you get an error like `docker: Got permission denied while trying to connect to the Docker daemon` or `docker: unknown server OS: .` the mostly likely explanation is that your user isn't in the `docker` Unix group. You'll need to add yourself to the `docker` group, log out, and log back in.
If you get an error like `Cannot connect to the Docker daemon at unix://var/run/docker.sock. Is the docker daemon running?` then `dockerd` isn't running. On most Linux distributions you should be able to start it with `sudo systemctl enable docker --now`.
### GTK Initialization Failed
This is an X11 error and means that the arguments to qemu are telling it to connect to an X11 display that it either can't connect to at all or doesn't have permission to connect to. In the latter case, this can usually be fixed by running `xhost +` on the host running the X11 server.
In many cases, however, it is preferable to tell qemu to listen for a VNC connection instead of trying to connect to X11; see [this section of the README](README.md#building-a-headless-container-that-allows-insecure-vnc-on-localhost-for-local-use-only) for instructions.
### KVM Error
If you get an error like `error gathering device information while adding custom device "/dev/kvm": no such file or directory` that means KVM is not available/working on the Linux kernel on which you are running docker. This could be because you are attempting to run somewhere that doesn't support nested virtualization (see [above](#can-i-run-this-on)), or because your BIOS does not have virtualization extensions turned on, or because your CPU is too old to support virtualization extensions, or your Linux kernel does not have KVM support loaded/enabled. Fixing KVM issues is well beyond the scope of this document, but you can [start here](https://www.linux-kvm.org/page/FAQ).
### ALSA Error
You might get an error like this:
```
(qemu) ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize DAC
alsa: Failed to open `default':
alsa: Reason: No such file or directory
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize DAC
alsa: Failed to open `default':
alsa: Reason: No such file or directory
audio: Failed to create voice `dac'
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize ADC
alsa: Failed to open `default':
alsa: Reason: No such file or directory
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4745:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5233:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2660:(snd_pcm_open_noupdate) Unknown PCM default
alsa: Could not initialize ADC
alsa: Failed to open `default':
alsa: Reason: No such file or directory
audio: Failed to create voice `adc'
```
Docker-OSX defaults to telling qemu to use ALSA for audio output. Your host system may be using PulseAudio instead (see [PulseAudio](README.md#pulseaudio)), but you may not need audio output at all. You can pass `-e AUDIO_DRIVER="id=none,driver=none"` to disable audio output.
### No Disk to Install On
If you have launched the installer but don't see a disk to install macOS on, it probably means you skipped the step where you run Disk Utility to format the virtual disk. See the [README](README.md#additional-boot-instructions-for-when-you-are-creating-your-container).
### Slow Installation
This is not unique to virtual hardware. The macOS installation process gives apparently random and dependably incorrect time estimates, and can often appear to have completely frozen. Just be patient. It could take hours, maybe even more than a day.
### Installer After Completing Install
If you wind up in the installer again after you've installed macOS it means you booted from the installer disk instead of the disk you installed macOS on. Reboot and make sure you choose the correct disk to boot.
## Next Steps
Congratulations, you got a macOS VM up and running! Now what?
# Fixing Apple ID Login Issues in macOS Virtual Machines
## Problem Overview
When running macOS in a virtual machine, you may encounter problems logging into Apple services including:
- Apple ID
- iMessage
- iCloud
- App Store
This happens because Apple's services can detect that macOS is running in a virtual environment and block access. The solution is to apply a kernel patch that hides the VM presence from Apple's detection mechanism.
NOTE as per forum post: Unfortunately, this would very possibly break qemu-guest-agent, which is necessary for the host getting VM status or taking hot snapshot while the VM is running. This is because qemu-guest-agent also checks the hv_vmm_present flag, but only works if it is true (=1).
Use at your own risk. Hope it would help.
## Solution: Kernel Patching
This guide provides three methods to apply the necessary kernel patch. All methods implement the same fix originally described in [this forum post](https://forum.proxmox.com/threads/anyone-can-make-bluetooth-work-on-sonoma.153301/#post-697832).
### Prerequisites
Before proceeding with any method:
- Make sure you can access your EFI partition
- Locate your OpenCore `config.plist` file (typically in the `EFI/OC` folder)
- Back up your current `config.plist` before making changes
## Method 1: Using the Utility Script (Simplest Approach)
This is the fastest and easiest way to apply the patch.
1. Mount your EFI partition using Clover Configurator or another EFI mounting tool
2. Download the patch script:
```bash
curl -o apply_appleid_kernelpatch.py https://raw.githubusercontent.com/sickcodes/Docker-OSX/scripts/apply_appleid_kernelpatch.py
```
3. Run the script with your `config.plist` file path:
```bash
python3 apply_appleid_kernelpatch.py /path/to/config.plist
```
**Pro Tip**: You can drag and drop the `config.plist` file into your terminal after typing `python3 apply_appleid_kernelpatch.py` for an easy path insertion.
**Note**: If you encounter a "permission denied" error, run the command with `sudo`:
```bash
sudo python3 apply_appleid_kernelpatch.py /path/to/config.plist
```
## Method 2: Using OCAT (OpenCore Auxiliary Tools) GUI
If you prefer a graphical approach:
1. Open OCAT and load your `config.plist`
2. Navigate to the **Kernel** section
3. Go to the **Patch** subsection
4. Add two new patch entries with the following details:
### Patch 1
| Setting | Value |
|---------|-------|
| **Identifier** | `kernel` |
| **Base** | *(leave empty)* |
| **Count** | `1` |
| **Find (Hex)** | `68696265726E61746568696472656164790068696265726E617465636F756E7400` |
| **Limit** | `0` |
| **Mask** | *(leave empty)* |
| **Replace (Hex)** | `68696265726E61746568696472656164790068765F766D6D5F70726573656E7400` |
| **Skip** | `0` |
| **Arch** | `x86_64` |
| **MinKernel** | `20.4.0` |
| **MaxKernel** | *(leave empty)* |
| **Enabled** | `True` |
| **Comment** | `Sonoma VM BT Enabler - PART 1 of 2 - Patch kern.hv_vmm_present=0` |
### Patch 2
| Setting | Value |
|---------|-------|
| **Identifier** | `kernel` |
| **Base** | *(leave empty)* |
| **Count** | `1` |
| **Find (Hex)** | `626F6F742073657373696F6E20555549440068765F766D6D5F70726573656E7400` |
| **Limit** | `0` |
| **Mask** | *(leave empty)* |
| **Replace (Hex)** | `626F6F742073657373696F6E20555549440068696265726E617465636F756E7400` |
| **Skip** | `0` |
| **Arch** | `x86_64` |
| **MinKernel** | `22.0.0` |
| **MaxKernel** | *(leave empty)* |
| **Enabled** | `True` |
| **Comment** | `Sonoma VM BT Enabler - PART 2 of 2 - Patch kern.hv_vmm_present=0` |
5. Save the configuration
6. Reboot your VM
## Method 3: Direct `config.plist` Editing
For users who prefer to manually edit the configuration file:
1. Mount your EFI partition
2. Locate and open your `config.plist` file in a text editor
3. Find the `<key>Kernel</key>` → `<dict>` → `<key>Patch</key>` → `<array>` section
4. Add these two `<dict>` entries within the `<array>`:
```xml
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>Base</key>
<string></string>
<key>Comment</key>
<string>Sonoma VM BT Enabler - PART 1 of 2 - Patch kern.hv_vmm_present=0</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<true/>
<key>Find</key>
<data>aGliZXJuYXRlaGlkcmVhZHkAaGliZXJuYXRlY291bnQA</data>
<key>Identifier</key>
<string>kernel</string>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data></data>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>20.4.0</string>
<key>Replace</key>
<data>aGliZXJuYXRlaGlkcmVhZHkAaHZfdm1tX3ByZXNlbnQA</data>
<key>ReplaceMask</key>
<data></data>
<key>Skip</key>
<integer>0</integer>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>Base</key>
<string></string>
<key>Comment</key>
<string>Sonoma VM BT Enabler - PART 2 of 2 - Patch kern.hv_vmm_present=0</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<true/>
<key>Find</key>
<data>Ym9vdCBzZXNzaW9uIFVVSUQAaHZfdm1tX3ByZXNlbnQA</data>
<key>Identifier</key>
<string>kernel</string>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data></data>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>22.0.0</string>
<key>Replace</key>
<data>Ym9vdCBzZXNzaW9uIFVVSUQAaGliZXJuYXRlY291bnQA</data>
<key>ReplaceMask</key>
<data></data>
<key>Skip</key>
<integer>0</integer>
</dict>
```
5. Save the file
6. Reboot your VM
## Important Notes
- The `MinKernel` values (`20.4.0` and `22.0.0`) may need adjustment depending on your specific macOS version (Monterey, Ventura, Sonoma, etc.)
- If you encounter issues, consult the [OpenCore documentation](https://dortania.github.io/docs/) for appropriate values for your setup
- Always back up your configuration before making changes
- After applying the patch and rebooting, try signing into Apple services again
## What This Patch Does
This patch tricks macOS into believing it's running on physical hardware by redirecting the `hv_vmm_present` kernel variable, which normally indicates VM presence. After applying the patch, Apple services should function normally within your virtual environment.
### Slow UI
The macOS UI expects and relies on GPU acceleration, and there is (currently) no way to provide GPU acceleration in the virtual hardware. See [osx-optimizer](https://github.com/sickcodes/osx-optimizer) for macOS configuration to speed things up.
### Extract the Virtual Disk
With the container stopped, `sudo find /var/lib/docker -size +10G -name mac_hdd_ng.img` to find the disk image then copy it where you want it.
### Disk Space
Is your host machine's disk, specifically `/var` (because of `/var/lib/docker`), getting full? [Fix it](README.md#increase-disk-space-by-moving-varlibdocker-to-external-drive-block-storage-nfs-or-any-other-location-conceivable).
### Increase RAM or CPUs/cores
The `RAM`, `SMP`, and `CORES` options are all docker environment variables, which means it uses whatever you provide any time you start a container.

947
README.md
View File

File diff suppressed because it is too large Load Diff

BIN
Youtube-Screenshot-Docker-OSX-Setup.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 104 KiB

BIN
Youtube-USBFLUXD-Screenshot-Docker-OSX.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 673 KiB

1401
custom/config-custom.plist
View File

File diff suppressed because it is too large Load Diff

883
custom/config-legacy.plist
View File

@ -1,883 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ACPI</key>
<dict>
<key>Add</key>
<array>
<dict>
<key>Comment</key>
<string>add DTGP method</string>
<key>Enabled</key>
<true/>
<key>Path</key>
<string>SSDT-DTGP.aml</string>
</dict>
<dict>
<key>Comment</key>
<string>Fake EC and USBX Power</string>
<key>Enabled</key>
<true/>
<key>Path</key>
<string>SSDT-EC.aml</string>
</dict>
<dict>
<key>Comment</key>
<string>USB 2.0 Injection</string>
<key>Enabled</key>
<true/>
<key>Path</key>
<string>SSDT-EHCI.aml</string>
</dict>
<dict>
<key>Comment</key>
<string>CPU AGPM Plugin=1</string>
<key>Enabled</key>
<true/>
<key>Path</key>
<string>SSDT-PLUG.aml</string>
</dict>
</array>
<key>Delete</key>
<array>
<dict>
<key>All</key>
<false/>
<key>Comment</key>
<string>Delete CpuPm</string>
<key>Enabled</key>
<false/>
<key>OemTableId</key>
<data>Q3B1UG0AAAA=</data>
<key>TableLength</key>
<integer>0</integer>
<key>TableSignature</key>
<data>U1NEVA==</data>
</dict>
<dict>
<key>All</key>
<false/>
<key>Comment</key>
<string>Delete Cpu0Ist</string>
<key>Enabled</key>
<false/>
<key>OemTableId</key>
<data>Q3B1MElzdAA=</data>
<key>TableLength</key>
<integer>0</integer>
<key>TableSignature</key>
<data>U1NEVA==</data>
</dict>
</array>
<key>Patch</key>
<array>
<dict>
<key>Comment</key>
<string>_Q11 to XQ11</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<false/>
<key>Find</key>
<data>X1ExMQ==</data>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data></data>
<key>OemTableId</key>
<data></data>
<key>Replace</key>
<data>WFExMQ==</data>
<key>ReplaceMask</key>
<data></data>
<key>Skip</key>
<integer>0</integer>
<key>TableLength</key>
<integer>0</integer>
<key>TableSignature</key>
<data></data>
</dict>
<dict>
<key>Comment</key>
<string>_Q12 to XQ12</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<false/>
<key>Find</key>
<data>X1ExMg==</data>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data></data>
<key>OemTableId</key>
<data></data>
<key>Replace</key>
<data>WFExMg==</data>
<key>ReplaceMask</key>
<data></data>
<key>Skip</key>
<integer>0</integer>
<key>TableLength</key>
<integer>0</integer>
<key>TableSignature</key>
<data></data>
</dict>
</array>
<key>Quirks</key>
<dict>
<key>FadtEnableReset</key>
<false/>
<key>NormalizeHeaders</key>
<false/>
<key>RebaseRegions</key>
<false/>
<key>ResetHwSig</key>
<false/>
<key>ResetLogoStatus</key>
<false/>
</dict>
</dict>
<key>Booter</key>
<dict>
<key>MmioWhitelist</key>
<array/>
<key>Quirks</key>
<dict>
<key>AvoidRuntimeDefrag</key>
<true/>
<key>DevirtualiseMmio</key>
<false/>
<key>DisableSingleUser</key>
<false/>
<key>DisableVariableWrite</key>
<false/>
<key>DiscardHibernateMap</key>
<false/>
<key>EnableSafeModeSlide</key>
<true/>
<key>EnableWriteUnprotector</key>
<true/>
<key>ForceExitBootServices</key>
<false/>
<key>ProtectMemoryRegions</key>
<false/>
<key>ProtectSecureBoot</key>
<false/>
<key>ProtectUefiServices</key>
<false/>
<key>ProvideCustomSlide</key>
<true/>
<key>ProvideMaxSlide</key>
<integer>0</integer>
<key>RebuildAppleMemoryMap</key>
<false/>
<key>SetupVirtualMap</key>
<false/>
<key>SignalAppleOS</key>
<false/>
<key>SyncRuntimePermissions</key>
<false/>
</dict>
</dict>
<key>DeviceProperties</key>
<dict>
<key>Add</key>
<dict>
<key>PciRoot(0x1)/Pci(0x1F,0x0)</key>
<dict>
<key>compatible</key>
<string>pci8086,2916</string>
<key>device-id</key>
<data>
FikA
</data>
<key>name</key>
<string>pci8086,2916</string>
</dict>
</dict>
<key>Delete</key>
<dict>
<key>PciRoot(0x0)/Pci(0x1b,0x0)</key>
<array>
<string>MaximumBootBeepVolume</string>
</array>
</dict>
</dict>
<key>Kernel</key>
<dict>
<key>Add</key>
<array>
<dict>
<key>Arch</key>
<string>Any</string>
<key>BundlePath</key>
<string>VoodooHDA.kext</string>
<key>Comment</key>
<string></string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string>Contents/MacOS/VoodooHDA</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string></string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>BundlePath</key>
<string>Lilu.kext</string>
<key>Comment</key>
<string>Patch engine</string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string>Contents/MacOS/Lilu</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>12.0.0</string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>BundlePath</key>
<string>VirtualSMC.kext</string>
<key>Comment</key>
<string>SMC emulator</string>
<key>Enabled</key>
<false/>
<key>ExecutablePath</key>
<string>Contents/MacOS/VirtualSMC</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>12.0.0</string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>BundlePath</key>
<string>WhateverGreen.kext</string>
<key>Comment</key>
<string>Video patches</string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string>Contents/MacOS/WhateverGreen</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>12.0.0</string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>BundlePath</key>
<string>AGPMInjector.kext</string>
<key>Comment</key>
<string></string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string></string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string></string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>BundlePath</key>
<string>USBPorts.kext</string>
<key>Comment</key>
<string></string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string></string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string></string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>BundlePath</key>
<string>MCEReporterDisabler.kext</string>
<key>Comment</key>
<string>AppleMCEReporter disabler</string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string></string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>19.0.0</string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
</array>
<key>Block</key>
<array>
<dict>
<key>Arch</key>
<string>Any</string>
<key>Comment</key>
<string></string>
<key>Enabled</key>
<false/>
<key>Identifier</key>
<string>com.apple.driver.AppleTyMCEDriver</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string></string>
</dict>
</array>
<key>Emulate</key>
<dict>
<key>Cpuid1Data</key>
<data>
VAYFAAAAAAAAAAAAAAAAAA==
</data>
<key>Cpuid1Mask</key>
<data>
////AAAAAAAAAAAAAAAAAA==
</data>
</dict>
<key>Force</key>
<array>
<dict>
<key>Arch</key>
<string>Any</string>
<key>BundlePath</key>
<string>System/Library/Extensions/IONetworkingFamily.kext</string>
<key>Comment</key>
<string>Patch engine</string>
<key>Enabled</key>
<false/>
<key>Identifier</key>
<string>com.apple.iokit.IONetworkingFamily</string>
<key>ExecutablePath</key>
<string>Contents/MacOS/IONetworkingFamily</string>
<key>MaxKernel</key>
<string>13.99.99</string>
<key>MinKernel</key>
<string></string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
</array>
<key>Patch</key>
<array>
<dict>
<key>Base</key>
<string>_cpu_topology_sort</string>
<key>Comment</key>
<string>algrey - cpu_topology_sort -disable _x86_validate_topology</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<true/>
<key>Find</key>
<data>
6AAA//8=
</data>
<key>Identifier</key>
<string>kernel</string>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data>
/wAA//8=
</data>
<key>MaxKernel</key>
<string>20.99.99</string>
<key>MinKernel</key>
<string>17.0.0</string>
<key>Replace</key>
<data>
Dx9EAAA=
</data>
<key>ReplaceMask</key>
<data>
</data>
<key>Skip</key>
<integer>0</integer>
</dict>
<dict>
<key>Base</key>
<string></string>
<key>Comment</key>
<string>algrey - cpuid_set_cpufamily - force CPUFAMILY_INTEL_PENRYN</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<true/>
<key>Find</key>
<data>
MduAPQAAAAAGdQA=
</data>
<key>Identifier</key>
<string>kernel</string>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data>
/////wAAAP///wA=
</data>
<key>MaxKernel</key>
<string>20.99.99</string>
<key>MinKernel</key>
<string>17.0.0</string>
<key>Replace</key>
<data>
u7xP6njpXQAAAJA=
</data>
<key>ReplaceMask</key>
<data>
</data>
<key>Skip</key>
<integer>0</integer>
</dict>
</array>
<key>Quirks</key>
<dict>
<key>AppleCpuPmCfgLock</key>
<false/>
<key>AppleXcpmCfgLock</key>
<false/>
<key>AppleXcpmExtraMsrs</key>
<false/>
<key>AppleXcpmForceBoost</key>
<false/>
<key>CustomSMBIOSGuid</key>
<false/>
<key>DisableIoMapper</key>
<false/>
<key>DisableLinkeditJettison</key>
<true/>
<key>DisableRtcChecksum</key>
<false/>
<key>DummyPowerManagement</key>
<true/>
<key>ExternalDiskIcons</key>
<false/>
<key>IncreasePciBarSize</key>
<false/>
<key>LapicKernelPanic</key>
<false/>
<key>PanicNoKextDump</key>
<false/>
<key>PowerTimeoutKernelPanic</key>
<false/>
<key>ThirdPartyDrives</key>
<false/>
<key>XhciPortLimit</key>
<false/>
</dict>
<key>Scheme</key>
<dict>
<key>FuzzyMatch</key>
<true/>
<key>KernelArch</key>
<string>x86_64</string>
<key>KernelCache</key>
<string>Auto</string>
</dict>
</dict>
<key>Misc</key>
<dict>
<key>BlessOverride</key>
<array/>
<key>Boot</key>
<dict>
<key>ConsoleAttributes</key>
<integer>0</integer>
<key>HibernateMode</key>
<string>Auto</string>
<key>HideAuxiliary</key>
<false/>
<key>PickerAttributes</key>
<integer>1</integer>
<key>PickerAudioAssist</key>
<false/>
<key>PickerMode</key>
<string>External</string>
<key>PollAppleHotKeys</key>
<true/>
<key>ShowPicker</key>
<true/>
<key>TakeoffDelay</key>
<integer>0</integer>
<key>Timeout</key>
<integer>0</integer>
</dict>
<key>Debug</key>
<dict>
<key>AppleDebug</key>
<false/>
<key>ApplePanic</key>
<false/>
<key>DisableWatchDog</key>
<false/>
<key>DisplayDelay</key>
<integer>0</integer>
<key>DisplayLevel</key>
<integer>2147483650</integer>
<key>SerialInit</key>
<false/>
<key>SysReport</key>
<false/>
<key>Target</key>
<integer>3</integer>
</dict>
<key>Entries</key>
<array/>
<key>Security</key>
<dict>
<key>AllowNvramReset</key>
<true/>
<key>AllowSetDefault</key>
<false/>
<key>ApECID</key>
<integer>0</integer>
<key>AuthRestart</key>
<false/>
<key>BootProtect</key>
<string>None</string>
<key>DmgLoading</key>
<string>Signed</string>
<key>EnablePassword</key>
<false/>
<key>ExposeSensitiveData</key>
<integer>6</integer>
<key>HaltLevel</key>
<integer>2147483648</integer>
<key>PasswordHash</key>
<data></data>
<key>PasswordSalt</key>
<data></data>
<key>ScanPolicy</key>
<integer>0</integer>
<key>SecureBootModel</key>
<string>Disabled</string>
<key>Vault</key>
<string>Optional</string>
</dict>
<key>Tools</key>
<array>
<dict>
<key>Arguments</key>
<string></string>
<key>Auxiliary</key>
<false/>
<key>Comment</key>
<string>Not signed for security reasons</string>
<key>Enabled</key>
<true/>
<key>Name</key>
<string>UEFI Shell</string>
<key>Path</key>
<string>OpenShell.efi</string>
</dict>
<dict>
<key>Arguments</key>
<string>Shutdown</string>
<key>Auxiliary</key>
<true/>
<key>Comment</key>
<string>Perform shutdown</string>
<key>Enabled</key>
<true/>
<key>Name</key>
<string>Shutdown</string>
<key>Path</key>
<string>ResetSystem.efi</string>
</dict>
</array>
</dict>
<key>NVRAM</key>
<dict>
<key>Add</key>
<dict>
<key>4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14</key>
<dict>
<key>DefaultBackgroundColor</key>
<data>AAAAAA==</data>
<key>UIScale</key>
<data>AQ==</data>
</dict>
<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
<dict>
<key>rtc-blacklist</key>
<data></data>
</dict>
<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
<dict>
<key>SystemAudioVolume</key>
<data>Rg==</data>
<key>boot-args</key>
<string>-v keepsyms=1 tlbto_us=0 vti=9 {{KERNEL_ARGS}}</string>
<key>run-efi-updater</key>
<string>No</string>
<key>csr-active-config</key>
<data>ZwAAAA==</data>
<key>prev-lang:kbd</key>
<data>ZW4tVVM6MA==</data>
</dict>
</dict>
<key>Delete</key>
<dict>
<key>4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14</key>
<array>
<string>UIScale</string>
<string>DefaultBackgroundColor</string>
</array>
<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
<array>
<string>rtc-blacklist</string>
</array>
<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
<array>
<string>boot-args</string>
</array>
</dict>
<key>LegacyEnable</key>
<false/>
<key>LegacyOverwrite</key>
<false/>
<key>LegacySchema</key>
<dict>
<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
<array>
<string>EFILoginHiDPI</string>
<string>EFIBluetoothDelay</string>
<string>LocationServicesEnabled</string>
<string>SystemAudioVolume</string>
<string>SystemAudioVolumeDB</string>
<string>SystemAudioVolumeSaved</string>
<string>bluetoothActiveControllerInfo</string>
<string>bluetoothInternalControllerInfo</string>
<string>flagstate</string>
<string>fmm-computer-name</string>
<string>nvda_drv</string>
<string>prev-lang:kbd</string>
</array>
<key>8BE4DF61-93CA-11D2-AA0D-00E098032B8C</key>
<array>
<string>Boot0080</string>
<string>Boot0081</string>
<string>Boot0082</string>
<string>BootNext</string>
<string>BootOrder</string>
</array>
</dict>
<key>WriteFlash</key>
<true/>
</dict>
<key>PlatformInfo</key>
<dict>
<key>Automatic</key>
<true/>
<key>Generic</key>
<dict>
<key>AdviseWindows</key>
<false/>
<key>MLB</key>
<string>{{BOARD_SERIAL_OLD}}</string>
<key>ROM</key>
<data>
{{ROM}}
</data>
<key>SpoofVendor</key>
<true/>
<key>SystemProductName</key>
<string>{{DEVICE_MODEL}}</string>
<key>SystemSerialNumber</key>
<string>{{SERIAL_OLD}}</string>
<key>SystemUUID</key>
<string>{{SYSTEM_UUID_OLD}}</string>
</dict>
<key>UpdateDataHub</key>
<true/>
<key>UpdateNVRAM</key>
<true/>
<key>UpdateSMBIOS</key>
<true/>
<key>UpdateSMBIOSMode</key>
<string>Create</string>
</dict>
<key>UEFI</key>
<dict>
<key>APFS</key>
<dict>
<key>EnableJumpstart</key>
<true/>
<key>GlobalConnect</key>
<false/>
<key>HideVerbose</key>
<false/>
<key>JumpstartHotPlug</key>
<true/>
<key>MinDate</key>
<integer>0</integer>
<key>MinVersion</key>
<integer>0</integer>
</dict>
<key>Audio</key>
<dict>
<key>AudioCodec</key>
<integer>0</integer>
<key>AudioDevice</key>
<string>PciRoot(0x1)/Pci(0x1,0x0)/Pci(0x0,0x1)</string>
<key>AudioOut</key>
<integer>0</integer>
<key>AudioSupport</key>
<false/>
<key>MinimumVolume</key>
<integer>20</integer>
<key>PlayChime</key>
<false/>
<key>VolumeAmplifier</key>
<integer>0</integer>
</dict>
<key>ConnectDrivers</key>
<true/>
<key>Drivers</key>
<array>
<string>VBoxHfs.efi</string>
<string>OpenRuntime.efi</string>
<string>OpenCanopy.efi</string>
<string>#AudioDxe.efi</string>
<string>#OpenUsbKbDxe.efi</string>
<string>#UsbMouseDxe.efi</string>
<string>#Ps2KeyboardDxe.efi</string>
<string>#Ps2MouseDxe.efi</string>
<string>#HiiDatabase.efi</string>
<string>#NvmExpressDxe.efi</string>
<string>#XhciDxe.efi</string>
<string>#ExFatDxe.efi</string>
<string>#PartitionDxe.efi</string>
<string>#CrScreenshotDxe.efi</string>
</array>
<key>Input</key>
<dict>
<key>KeyFiltering</key>
<false/>
<key>KeyForgetThreshold</key>
<integer>5</integer>
<key>KeyMergeThreshold</key>
<integer>2</integer>
<key>KeySupport</key>
<true/>
<key>KeySupportMode</key>
<string>Auto</string>
<key>KeySwap</key>
<false/>
<key>PointerSupport</key>
<false/>
<key>PointerSupportMode</key>
<string>ASUS</string>
<key>TimerResolution</key>
<integer>50000</integer>
</dict>
<key>Output</key>
<dict>
<key>ClearScreenOnModeSwitch</key>
<false/>
<key>ConsoleMode</key>
<string></string>
<key>DirectGopRendering</key>
<false/>
<key>IgnoreTextInGraphics</key>
<false/>
<key>ProvideConsoleGop</key>
<true/>
<key>ReconnectOnResChange</key>
<false/>
<key>ReplaceTabWithSpace</key>
<false/>
<key>Resolution</key>
<string>1920x1080@32</string>
<key>SanitiseClearScreen</key>
<false/>
<key>TextRenderer</key>
<string>BuiltinGraphics</string>
<key>UgaPassThrough</key>
<false/>
</dict>
<key>ProtocolOverrides</key>
<dict>
<key>AppleAudio</key>
<false/>
<key>AppleBootPolicy</key>
<false/>
<key>AppleDebugLog</key>
<false/>
<key>AppleEvent</key>
<false/>
<key>AppleFramebufferInfo</key>
<false/>
<key>AppleImageConversion</key>
<false/>
<key>AppleImg4Verification</key>
<false/>
<key>AppleKeyMap</key>
<false/>
<key>AppleRtcRam</key>
<false/>
<key>AppleSecureBoot</key>
<false/>
<key>AppleSmcIo</key>
<false/>
<key>AppleUserInterfaceTheme</key>
<false/>
<key>DataHub</key>
<false/>
<key>DeviceProperties</key>
<false/>
<key>FirmwareVolume</key>
<false/>
<key>HashServices</key>
<false/>
<key>OSInfo</key>
<false/>
<key>UnicodeCollation</key>
<false/>
</dict>
<key>Quirks</key>
<dict>
<key>ExitBootServicesDelay</key>
<integer>0</integer>
<key>IgnoreInvalidFlexRatio</key>
<false/>
<key>ReleaseUsbOwnership</key>
<false/>
<key>RequestBootVarRouting</key>
<true/>
<key>TscSyncTimeout</key>
<integer>0</integer>
<key>UnblockFsConnect</key>
<true/>
<key>ConnectDrivers</key>
<true/>
</dict>
</dict>
</dict>
</plist>

759
custom/config-nopicker-custom.plist
View File

File diff suppressed because it is too large Load Diff

883
custom/config-nopicker-legacy.plist
View File

@ -1,883 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ACPI</key>
<dict>
<key>Add</key>
<array>
<dict>
<key>Comment</key>
<string>add DTGP method</string>
<key>Enabled</key>
<true/>
<key>Path</key>
<string>SSDT-DTGP.aml</string>
</dict>
<dict>
<key>Comment</key>
<string>Fake EC and USBX Power</string>
<key>Enabled</key>
<true/>
<key>Path</key>
<string>SSDT-EC.aml</string>
</dict>
<dict>
<key>Comment</key>
<string>USB 2.0 Injection</string>
<key>Enabled</key>
<true/>
<key>Path</key>
<string>SSDT-EHCI.aml</string>
</dict>
<dict>
<key>Comment</key>
<string>CPU AGPM Plugin=1</string>
<key>Enabled</key>
<true/>
<key>Path</key>
<string>SSDT-PLUG.aml</string>
</dict>
</array>
<key>Delete</key>
<array>
<dict>
<key>All</key>
<false/>
<key>Comment</key>
<string>Delete CpuPm</string>
<key>Enabled</key>
<false/>
<key>OemTableId</key>
<data>Q3B1UG0AAAA=</data>
<key>TableLength</key>
<integer>0</integer>
<key>TableSignature</key>
<data>U1NEVA==</data>
</dict>
<dict>
<key>All</key>
<false/>
<key>Comment</key>
<string>Delete Cpu0Ist</string>
<key>Enabled</key>
<false/>
<key>OemTableId</key>
<data>Q3B1MElzdAA=</data>
<key>TableLength</key>
<integer>0</integer>
<key>TableSignature</key>
<data>U1NEVA==</data>
</dict>
</array>
<key>Patch</key>
<array>
<dict>
<key>Comment</key>
<string>_Q11 to XQ11</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<false/>
<key>Find</key>
<data>X1ExMQ==</data>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data></data>
<key>OemTableId</key>
<data></data>
<key>Replace</key>
<data>WFExMQ==</data>
<key>ReplaceMask</key>
<data></data>
<key>Skip</key>
<integer>0</integer>
<key>TableLength</key>
<integer>0</integer>
<key>TableSignature</key>
<data></data>
</dict>
<dict>
<key>Comment</key>
<string>_Q12 to XQ12</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<false/>
<key>Find</key>
<data>X1ExMg==</data>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data></data>
<key>OemTableId</key>
<data></data>
<key>Replace</key>
<data>WFExMg==</data>
<key>ReplaceMask</key>
<data></data>
<key>Skip</key>
<integer>0</integer>
<key>TableLength</key>
<integer>0</integer>
<key>TableSignature</key>
<data></data>
</dict>
</array>
<key>Quirks</key>
<dict>
<key>FadtEnableReset</key>
<false/>
<key>NormalizeHeaders</key>
<false/>
<key>RebaseRegions</key>
<false/>
<key>ResetHwSig</key>
<false/>
<key>ResetLogoStatus</key>
<false/>
</dict>
</dict>
<key>Booter</key>
<dict>
<key>MmioWhitelist</key>
<array/>
<key>Quirks</key>
<dict>
<key>AvoidRuntimeDefrag</key>
<true/>
<key>DevirtualiseMmio</key>
<false/>
<key>DisableSingleUser</key>
<false/>
<key>DisableVariableWrite</key>
<false/>
<key>DiscardHibernateMap</key>
<false/>
<key>EnableSafeModeSlide</key>
<true/>
<key>EnableWriteUnprotector</key>
<true/>
<key>ForceExitBootServices</key>
<false/>
<key>ProtectMemoryRegions</key>
<false/>
<key>ProtectSecureBoot</key>
<false/>
<key>ProtectUefiServices</key>
<false/>
<key>ProvideCustomSlide</key>
<true/>
<key>ProvideMaxSlide</key>
<integer>0</integer>
<key>RebuildAppleMemoryMap</key>
<false/>
<key>SetupVirtualMap</key>
<false/>
<key>SignalAppleOS</key>
<false/>
<key>SyncRuntimePermissions</key>
<false/>
</dict>
</dict>
<key>DeviceProperties</key>
<dict>
<key>Add</key>
<dict>
<key>PciRoot(0x1)/Pci(0x1F,0x0)</key>
<dict>
<key>compatible</key>
<string>pci8086,2916</string>
<key>device-id</key>
<data>
FikA
</data>
<key>name</key>
<string>pci8086,2916</string>
</dict>
</dict>
<key>Delete</key>
<dict>
<key>PciRoot(0x0)/Pci(0x1b,0x0)</key>
<array>
<string>MaximumBootBeepVolume</string>
</array>
</dict>
</dict>
<key>Kernel</key>
<dict>
<key>Add</key>
<array>
<dict>
<key>Arch</key>
<string>Any</string>
<key>BundlePath</key>
<string>VoodooHDA.kext</string>
<key>Comment</key>
<string></string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string>Contents/MacOS/VoodooHDA</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string></string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>BundlePath</key>
<string>Lilu.kext</string>
<key>Comment</key>
<string>Patch engine</string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string>Contents/MacOS/Lilu</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>12.0.0</string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>BundlePath</key>
<string>VirtualSMC.kext</string>
<key>Comment</key>
<string>SMC emulator</string>
<key>Enabled</key>
<false/>
<key>ExecutablePath</key>
<string>Contents/MacOS/VirtualSMC</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>12.0.0</string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>BundlePath</key>
<string>WhateverGreen.kext</string>
<key>Comment</key>
<string>Video patches</string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string>Contents/MacOS/WhateverGreen</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>12.0.0</string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>BundlePath</key>
<string>AGPMInjector.kext</string>
<key>Comment</key>
<string></string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string></string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string></string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>BundlePath</key>
<string>USBPorts.kext</string>
<key>Comment</key>
<string></string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string></string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string></string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
<dict>
<key>Arch</key>
<string>x86_64</string>
<key>BundlePath</key>
<string>MCEReporterDisabler.kext</string>
<key>Comment</key>
<string>AppleMCEReporter disabler</string>
<key>Enabled</key>
<true/>
<key>ExecutablePath</key>
<string></string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string>19.0.0</string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
</array>
<key>Block</key>
<array>
<dict>
<key>Arch</key>
<string>Any</string>
<key>Comment</key>
<string></string>
<key>Enabled</key>
<false/>
<key>Identifier</key>
<string>com.apple.driver.AppleTyMCEDriver</string>
<key>MaxKernel</key>
<string></string>
<key>MinKernel</key>
<string></string>
</dict>
</array>
<key>Emulate</key>
<dict>
<key>Cpuid1Data</key>
<data>
VAYFAAAAAAAAAAAAAAAAAA==
</data>
<key>Cpuid1Mask</key>
<data>
////AAAAAAAAAAAAAAAAAA==
</data>
</dict>
<key>Force</key>
<array>
<dict>
<key>Arch</key>
<string>Any</string>
<key>BundlePath</key>
<string>System/Library/Extensions/IONetworkingFamily.kext</string>
<key>Comment</key>
<string>Patch engine</string>
<key>Enabled</key>
<false/>
<key>Identifier</key>
<string>com.apple.iokit.IONetworkingFamily</string>
<key>ExecutablePath</key>
<string>Contents/MacOS/IONetworkingFamily</string>
<key>MaxKernel</key>
<string>13.99.99</string>
<key>MinKernel</key>
<string></string>
<key>PlistPath</key>
<string>Contents/Info.plist</string>
</dict>
</array>
<key>Patch</key>
<array>
<dict>
<key>Base</key>
<string>_cpu_topology_sort</string>
<key>Comment</key>
<string>algrey - cpu_topology_sort -disable _x86_validate_topology</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<true/>
<key>Find</key>
<data>
6AAA//8=
</data>
<key>Identifier</key>
<string>kernel</string>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data>
/wAA//8=
</data>
<key>MaxKernel</key>
<string>20.99.99</string>
<key>MinKernel</key>
<string>17.0.0</string>
<key>Replace</key>
<data>
Dx9EAAA=
</data>
<key>ReplaceMask</key>
<data>
</data>
<key>Skip</key>
<integer>0</integer>
</dict>
<dict>
<key>Base</key>
<string></string>
<key>Comment</key>
<string>algrey - cpuid_set_cpufamily - force CPUFAMILY_INTEL_PENRYN</string>
<key>Count</key>
<integer>1</integer>
<key>Enabled</key>
<true/>
<key>Find</key>
<data>
MduAPQAAAAAGdQA=
</data>
<key>Identifier</key>
<string>kernel</string>
<key>Limit</key>
<integer>0</integer>
<key>Mask</key>
<data>
/////wAAAP///wA=
</data>
<key>MaxKernel</key>
<string>20.99.99</string>
<key>MinKernel</key>
<string>17.0.0</string>
<key>Replace</key>
<data>
u7xP6njpXQAAAJA=
</data>
<key>ReplaceMask</key>
<data>
</data>
<key>Skip</key>
<integer>0</integer>
</dict>
</array>
<key>Quirks</key>
<dict>
<key>AppleCpuPmCfgLock</key>
<false/>
<key>AppleXcpmCfgLock</key>
<false/>
<key>AppleXcpmExtraMsrs</key>
<false/>
<key>AppleXcpmForceBoost</key>
<false/>
<key>CustomSMBIOSGuid</key>
<false/>
<key>DisableIoMapper</key>
<false/>
<key>DisableLinkeditJettison</key>
<true/>
<key>DisableRtcChecksum</key>
<false/>
<key>DummyPowerManagement</key>
<true/>
<key>ExternalDiskIcons</key>
<false/>
<key>IncreasePciBarSize</key>
<false/>
<key>LapicKernelPanic</key>
<false/>
<key>PanicNoKextDump</key>
<false/>
<key>PowerTimeoutKernelPanic</key>
<false/>
<key>ThirdPartyDrives</key>
<false/>
<key>XhciPortLimit</key>
<false/>
</dict>
<key>Scheme</key>
<dict>
<key>FuzzyMatch</key>
<true/>
<key>KernelArch</key>
<string>x86_64</string>
<key>KernelCache</key>
<string>Auto</string>
</dict>
</dict>
<key>Misc</key>
<dict>
<key>BlessOverride</key>
<array/>
<key>Boot</key>
<dict>
<key>ConsoleAttributes</key>
<integer>0</integer>
<key>HibernateMode</key>
<string>Auto</string>
<key>HideAuxiliary</key>
<false/>
<key>PickerAttributes</key>
<integer>1</integer>
<key>PickerAudioAssist</key>
<false/>
<key>PickerMode</key>
<string>External</string>
<key>PollAppleHotKeys</key>
<true/>
<key>ShowPicker</key>
<false/>
<key>TakeoffDelay</key>
<integer>0</integer>
<key>Timeout</key>
<integer>0</integer>
</dict>
<key>Debug</key>
<dict>
<key>AppleDebug</key>
<false/>
<key>ApplePanic</key>
<false/>
<key>DisableWatchDog</key>
<false/>
<key>DisplayDelay</key>
<integer>0</integer>
<key>DisplayLevel</key>
<integer>2147483650</integer>
<key>SerialInit</key>
<false/>
<key>SysReport</key>
<false/>
<key>Target</key>
<integer>3</integer>
</dict>
<key>Entries</key>
<array/>
<key>Security</key>
<dict>
<key>AllowNvramReset</key>
<true/>
<key>AllowSetDefault</key>
<false/>
<key>ApECID</key>
<integer>0</integer>
<key>AuthRestart</key>
<false/>
<key>BootProtect</key>
<string>None</string>
<key>DmgLoading</key>
<string>Signed</string>
<key>EnablePassword</key>
<false/>
<key>ExposeSensitiveData</key>
<integer>6</integer>
<key>HaltLevel</key>
<integer>2147483648</integer>
<key>PasswordHash</key>
<data></data>
<key>PasswordSalt</key>
<data></data>
<key>ScanPolicy</key>
<integer>0</integer>
<key>SecureBootModel</key>
<string>Disabled</string>
<key>Vault</key>
<string>Optional</string>
</dict>
<key>Tools</key>
<array>
<dict>
<key>Arguments</key>
<string></string>
<key>Auxiliary</key>
<false/>
<key>Comment</key>
<string>Not signed for security reasons</string>
<key>Enabled</key>
<true/>
<key>Name</key>
<string>UEFI Shell</string>
<key>Path</key>
<string>OpenShell.efi</string>
</dict>
<dict>
<key>Arguments</key>
<string>Shutdown</string>
<key>Auxiliary</key>
<true/>
<key>Comment</key>
<string>Perform shutdown</string>
<key>Enabled</key>
<true/>
<key>Name</key>
<string>Shutdown</string>
<key>Path</key>
<string>ResetSystem.efi</string>
</dict>
</array>
</dict>
<key>NVRAM</key>
<dict>
<key>Add</key>
<dict>
<key>4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14</key>
<dict>
<key>DefaultBackgroundColor</key>
<data>AAAAAA==</data>
<key>UIScale</key>
<data>AQ==</data>
</dict>
<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
<dict>
<key>rtc-blacklist</key>
<data></data>
</dict>
<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
<dict>
<key>SystemAudioVolume</key>
<data>Rg==</data>
<key>boot-args</key>
<string>-v keepsyms=1 tlbto_us=0 vti=9 {{KERNEL_ARGS}}</string>
<key>run-efi-updater</key>
<string>No</string>
<key>csr-active-config</key>
<data>ZwAAAA==</data>
<key>prev-lang:kbd</key>
<data>ZW4tVVM6MA==</data>
</dict>
</dict>
<key>Delete</key>
<dict>
<key>4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14</key>
<array>
<string>UIScale</string>
<string>DefaultBackgroundColor</string>
</array>
<key>4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102</key>
<array>
<string>rtc-blacklist</string>
</array>
<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
<array>
<string>boot-args</string>
</array>
</dict>
<key>LegacyEnable</key>
<false/>
<key>LegacyOverwrite</key>
<false/>
<key>LegacySchema</key>
<dict>
<key>7C436110-AB2A-4BBB-A880-FE41995C9F82</key>
<array>
<string>EFILoginHiDPI</string>
<string>EFIBluetoothDelay</string>
<string>LocationServicesEnabled</string>
<string>SystemAudioVolume</string>
<string>SystemAudioVolumeDB</string>
<string>SystemAudioVolumeSaved</string>
<string>bluetoothActiveControllerInfo</string>
<string>bluetoothInternalControllerInfo</string>
<string>flagstate</string>
<string>fmm-computer-name</string>
<string>nvda_drv</string>
<string>prev-lang:kbd</string>
</array>
<key>8BE4DF61-93CA-11D2-AA0D-00E098032B8C</key>
<array>
<string>Boot0080</string>
<string>Boot0081</string>
<string>Boot0082</string>
<string>BootNext</string>
<string>BootOrder</string>
</array>
</dict>
<key>WriteFlash</key>
<true/>
</dict>
<key>PlatformInfo</key>
<dict>
<key>Automatic</key>
<true/>
<key>Generic</key>
<dict>
<key>AdviseWindows</key>
<false/>
<key>MLB</key>
<string>{{BOARD_SERIAL_OLD}}</string>
<key>ROM</key>
<data>
{{ROM}}
</data>
<key>SpoofVendor</key>
<true/>
<key>SystemProductName</key>
<string>{{DEVICE_MODEL}}</string>
<key>SystemSerialNumber</key>
<string>{{SERIAL_OLD}}</string>
<key>SystemUUID</key>
<string>{{SYSTEM_UUID_OLD}}</string>
</dict>
<key>UpdateDataHub</key>
<true/>
<key>UpdateNVRAM</key>
<true/>
<key>UpdateSMBIOS</key>
<true/>
<key>UpdateSMBIOSMode</key>
<string>Create</string>
</dict>
<key>UEFI</key>
<dict>
<key>APFS</key>
<dict>
<key>EnableJumpstart</key>
<true/>
<key>GlobalConnect</key>
<false/>
<key>HideVerbose</key>
<false/>
<key>JumpstartHotPlug</key>
<true/>
<key>MinDate</key>
<integer>0</integer>
<key>MinVersion</key>
<integer>0</integer>
</dict>
<key>Audio</key>
<dict>
<key>AudioCodec</key>
<integer>0</integer>
<key>AudioDevice</key>
<string>PciRoot(0x1)/Pci(0x1,0x0)/Pci(0x0,0x1)</string>
<key>AudioOut</key>
<integer>0</integer>
<key>AudioSupport</key>
<false/>
<key>MinimumVolume</key>
<integer>20</integer>
<key>PlayChime</key>
<false/>
<key>VolumeAmplifier</key>
<integer>0</integer>
</dict>
<key>ConnectDrivers</key>
<true/>
<key>Drivers</key>
<array>
<string>VBoxHfs.efi</string>
<string>OpenRuntime.efi</string>
<string>OpenCanopy.efi</string>
<string>#AudioDxe.efi</string>
<string>#OpenUsbKbDxe.efi</string>
<string>#UsbMouseDxe.efi</string>
<string>#Ps2KeyboardDxe.efi</string>
<string>#Ps2MouseDxe.efi</string>
<string>#HiiDatabase.efi</string>
<string>#NvmExpressDxe.efi</string>
<string>#XhciDxe.efi</string>
<string>#ExFatDxe.efi</string>
<string>#PartitionDxe.efi</string>
<string>#CrScreenshotDxe.efi</string>
</array>
<key>Input</key>
<dict>
<key>KeyFiltering</key>
<false/>
<key>KeyForgetThreshold</key>
<integer>5</integer>
<key>KeyMergeThreshold</key>
<integer>2</integer>
<key>KeySupport</key>
<true/>
<key>KeySupportMode</key>
<string>Auto</string>
<key>KeySwap</key>
<false/>
<key>PointerSupport</key>
<false/>
<key>PointerSupportMode</key>
<string>ASUS</string>
<key>TimerResolution</key>
<integer>50000</integer>
</dict>
<key>Output</key>
<dict>
<key>ClearScreenOnModeSwitch</key>
<false/>
<key>ConsoleMode</key>
<string></string>
<key>DirectGopRendering</key>
<false/>
<key>IgnoreTextInGraphics</key>
<false/>
<key>ProvideConsoleGop</key>
<true/>
<key>ReconnectOnResChange</key>
<false/>
<key>ReplaceTabWithSpace</key>
<false/>
<key>Resolution</key>
<string>1920x1080@32</string>
<key>SanitiseClearScreen</key>
<false/>
<key>TextRenderer</key>
<string>BuiltinGraphics</string>
<key>UgaPassThrough</key>
<false/>
</dict>
<key>ProtocolOverrides</key>
<dict>
<key>AppleAudio</key>
<false/>
<key>AppleBootPolicy</key>
<false/>
<key>AppleDebugLog</key>
<false/>
<key>AppleEvent</key>
<false/>
<key>AppleFramebufferInfo</key>
<false/>
<key>AppleImageConversion</key>
<false/>
<key>AppleImg4Verification</key>
<false/>
<key>AppleKeyMap</key>
<false/>
<key>AppleRtcRam</key>
<false/>
<key>AppleSecureBoot</key>
<false/>
<key>AppleSmcIo</key>
<false/>
<key>AppleUserInterfaceTheme</key>
<false/>
<key>DataHub</key>
<false/>
<key>DeviceProperties</key>
<false/>
<key>FirmwareVolume</key>
<false/>
<key>HashServices</key>
<false/>
<key>OSInfo</key>
<false/>
<key>UnicodeCollation</key>
<false/>
</dict>
<key>Quirks</key>
<dict>
<key>ExitBootServicesDelay</key>
<integer>0</integer>
<key>IgnoreInvalidFlexRatio</key>
<false/>
<key>ReleaseUsbOwnership</key>
<false/>
<key>RequestBootVarRouting</key>
<true/>
<key>TscSyncTimeout</key>
<integer>0</integer>
<key>UnblockFsConnect</key>
<true/>
<key>ConnectDrivers</key>
<true/>
</dict>
</dict>
</dict>
</plist>

9
custom/generate-specific-bootdisk.sh
View File

@ -24,7 +24,6 @@ Required options:
Optional options:
--width <integer> Resolution x axis length in px, default 1920
--height <integer> Resolution y axis length in px, default 1080
--kernel-args <string> Additional boot-args
--input-plist-url <url> Specify an alternative master plist, via URL
--master-plist-url <url> Same as above.
--custom-plist <filename> Optionally change the input plist.
@ -194,12 +193,12 @@ done
download_qcow_efi_folder () {
export EFI_FOLDER=./OpenCore/EFI
export EFI_FOLDER=./OpenCore-Catalina/EFI
export RESOURCES_FOLDER=./resources/OcBinaryData/Resources
# check if we are inside OSX-KVM already
# if not, download OSX-KVM locally
[ -d ./OpenCore/EFI/ ] || {
[ -d ./OpenCore-Catalina/EFI/ ] || {
[ -d ./OSX-KVM/ ] || git clone --recurse-submodules --depth 1 https://github.com/kholia/OSX-KVM.git
export EFI_FOLDER="./OSX-KVM/${EFI_FOLDER}"
}
@ -253,7 +252,6 @@ generate_bootdisk () {
-e s/\{\{ROM\}\}/"${ROM}"/g \
-e s/\{\{WIDTH\}\}/"${WIDTH:-1920}"/g \
-e s/\{\{HEIGHT\}\}/"${HEIGHT:-1080}"/g \
-e s/\{\{KERNEL_ARGS\}\}/"${KERNEL_ARGS:-}"/g \
"${MASTER_PLIST}" > ./tmp.config.plist || exit 1
else
cat <<EOF && exit 1
@ -265,11 +263,8 @@ Error: one of the following values is missing:
--uuid "${UUID:-MISSING}"
--mac-address "${MAC_ADDRESS:-MISSING}"
Optional:
--width "${WIDTH:-1920}"
--height "${HEIGHT:-1080}"
--kernel-args "${KERNEL_ARGS:-}"
EOF
fi

20
custom/generate-unique-machine-values.sh
View File

@ -22,7 +22,6 @@ General options:
--output-dir <directory> Optionally change the script output location
--width <string> Resolution x axis length in px, default 1920
--height <string> Resolution y axis length in px, default 1080
--kernel-args <string> Additional boot-args
--input-plist-url <url> Specify an alternative master plist, via URL
--master-plist-url <url> Same as above.
--custom-plist <filename> Optionally change the input plist.
@ -39,7 +38,7 @@ Additional options only if you are creating ONE serial set:
Custom plist placeholders:
{{DEVICE_MODEL}}, {{SERIAL}}, {{BOARD_SERIAL}},
{{UUID}}, {{ROM}}, {{WIDTH}}, {{HEIGHT}}, {{KERNEL_ARGS}}
{{UUID}}, {{ROM}}, {{WIDTH}}, {{HEIGHT}}
Example:
./generate-unique-machine-values.sh --count 1 --plists --bootdisks --envs
@ -227,12 +226,12 @@ download_vendor_mac_addresses () {
download_qcow_efi_folder () {
export EFI_FOLDER=./OpenCore/EFI
export EFI_FOLDER=./OpenCore-Catalina/EFI
export RESOURCES_FOLDER=./resources/OcBinaryData/Resources
# check if we are inside OSX-KVM already
# if not, download OSX-KVM locally
[ -d ./OpenCore/EFI/ ] || {
[ -d ./OpenCore-Catalina/EFI/ ] || {
[ -d ./OSX-KVM/ ] || git clone --recurse-submodules --depth 1 https://github.com/kholia/OSX-KVM.git
export EFI_FOLDER="./OSX-KVM/${EFI_FOLDER}"
}
@ -290,14 +289,14 @@ generate_serial_sets () {
# append to csv file
tee -a "${CSV_SERIAL_SETS_FILE}" <<EOF
"${DEVICE_MODEL}","${SERIAL}","${BOARD_SERIAL}","${UUID}","${MAC_ADDRESS}","${WIDTH}","${HEIGHT}","${KERNEL_ARGS}"
"${DEVICE_MODEL}","${SERIAL}","${BOARD_SERIAL}","${UUID}","${MAC_ADDRESS}","${WIDTH}","${HEIGHT}"
EOF
echo "Wrote CSV to: ${CSV_SERIAL_SETS_FILE}"
# append to tsv file
T=$'\t'
tee -a "${TSV_SERIAL_SETS_FILE}" <<EOF
${DEVICE_MODEL}${T}${SERIAL}${T}${BOARD_SERIAL}${T}${UUID}${T}${MAC_ADDRESS}${T}${WIDTH}${T}${HEIGHT}${T}${KERNEL_ARGS}
${DEVICE_MODEL}${T}${SERIAL}${T}${BOARD_SERIAL}${T}${UUID}${T}${MAC_ADDRESS}${T}${WIDTH}${T}${HEIGHT}
EOF
echo "Wrote TSV to: ${TSV_SERIAL_SETS_FILE}"
@ -336,8 +335,8 @@ EOF
mkdir -p "${OUTPUT_DIRECTORY}/plists"
source "${OUTPUT_ENV_FILE}"
ROM="${MAC_ADDRESS//\:/}"
ROM="${ROM,,}"
ROM_VALUE="${MAC_ADDRESS//\:/}"
ROM_VALUE="${ROM_VALUE,,}"
sed -e s/\{\{DEVICE_MODEL\}\}/"${DEVICE_MODEL}"/g \
-e s/\{\{SERIAL\}\}/"${SERIAL}"/g \
-e s/\{\{BOARD_SERIAL\}\}/"${BOARD_SERIAL}"/g \
@ -345,7 +344,6 @@ EOF
-e s/\{\{ROM\}\}/"${ROM}"/g \
-e s/\{\{WIDTH\}\}/"${WIDTH}"/g \
-e s/\{\{HEIGHT\}\}/"${HEIGHT}"/g \
-e s/\{\{KERNEL_ARGS\}\}/"${KERNEL_ARGS:-}"/g \
"${MASTER_PLIST}" > "${OUTPUT_DIRECTORY}/plists/${SERIAL}.config.plist" || exit 1
fi
@ -363,11 +361,11 @@ EOF
done
[ -e "${CSV_SERIAL_SETS_FILE}" ] && \
cat <(echo "DEVICE_MODEL,SERIAL,BOARD_SERIAL,UUID,MAC_ADDRESS,WIDTH,HEIGHT,KERNEL_ARGS") "${CSV_SERIAL_SETS_FILE}"
cat <(echo "DEVICE_MODEL,SERIAL,BOARD_SERIAL,UUID,MAC_ADDRESS,WIDTH,HEIGHT") "${CSV_SERIAL_SETS_FILE}"
[ -e "${TSV_SERIAL_SETS_FILE}" ] && \
cat <(printf "DEVICE_MODEL\tSERIAL\tBOARD_SERIAL\tUUID\tMAC_ADDRESS\tWIDTH\tHEIGHT\tKERNEL_ARGS\n") "${TSV_SERIAL_SETS_FILE}"
cat <(printf "DEVICE_MODEL\tSERIAL\tBOARD_SERIAL\tUUID\tMAC_ADDRESS\tWIDTH\tHEIGHT\n") "${TSV_SERIAL_SETS_FILE}"
}

4
custom/opencore-image-ng.sh
View File

@ -133,7 +133,7 @@ fish part-add /dev/sda p 302048 -2048
fish part-set-gpt-type /dev/sda 1 C12A7328-F81F-11D2-BA4B-00A0C93EC93B
fish part-set-bootable /dev/sda 1 true
fish mkfs vfat /dev/sda1 label:EFI
fish mkfs vfat /dev/sda2 label:OpenCore
fish mkfs vfat /dev/sda2 label:OpenCoreBoo
fish mount /dev/sda2 /
fish mkdir /ESP
fish mount /dev/sda1 /ESP
@ -151,7 +151,7 @@ fish copy-in $WORK/EFI/OC/OpenCore.efi /ESP/EFI/OC
fish copy-in $WORK/EFI/OC/Drivers /ESP/EFI/OC/
fish copy-in $WORK/EFI/OC/Kexts /ESP/EFI/OC/
fish copy-in $WORK/EFI/OC/ACPI /ESP/EFI/OC/
fish copy-in $BASE/resources/OcBinaryData/Resources /ESP/EFI/OC/
fish copy-in $WORK/EFI/OC/Resources /ESP/EFI/OC/
fish copy-in $WORK/EFI/OC/Tools /ESP/EFI/OC/
# Note

14
discord-logo.svg
View File

@ -1,14 +0,0 @@
<!-- animated SVG is from https://github.com/NNTin/discord-logo -->
<svg width="90" height="90" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" class="discord-logo-container" viewBox="0 0 48 48">
<defs>
<g>
<path id="discord-logo" d="m40,12c0,0 -4.585,-3.588 -10,-4l-0.488,0.976c4.896,1.198 7.142,2.915 9.488,5.024c-4.045,-2.065 -8.039,-4 -15,-4s-10.955,1.935 -15,4c2.346,-2.109 5.018,-4.015 9.488,-5.024l-0.488,-0.976c-5.681,0.537 -10,4 -10,4s-5.121,7.425 -6,22c5.162,5.953 13,6 13,6l1.639,-2.185c-2.782,-0.967 -5.924,-2.694 -8.639,-5.815c3.238,2.45 8.125,5 16,5s12.762,-2.55 16,-5c-2.715,3.121 -5.857,4.848 -8.639,5.815l1.639,2.185c0,0 7.838,-0.047 13,-6c-0.879,-14.575 -6,-22 -6,-22zm-22.5,18c-1.933,0 -3.5,-1.791 -3.5,-4c0,-2.209 1.567,-4 3.5,-4s3.5,1.791 3.5,4c0,2.209 -1.567,4 -3.5,4zm13,0c-1.933,0 -3.5,-1.791 -3.5,-4c0,-2.209 1.567,-4 3.5,-4s3.5,1.791 3.5,4c0,2.209 -1.567,4 -3.5,4z" />
</g>
</defs>
<g class="discord-logo">
<use class="discord-original" href="#discord-logo">
</use>
<animateTransform attributeName="transform" type="rotate" values="0 24 24;-18 24 24;16.8 24 24;-11.4 24 24;8.7 24 24;-7.5 24 24;6 24 24;-4.8 24 24;3.79 24 24;-3.12 24 24;2.52 24 24;-2.01 24 24;1.56 24 24;-1.2 24 24;0.96 24 24;-0.75 24 24;0.6 24 24;-0.48 24 24;0.384 24 24;0 24 24;0 24 24;0 24 24;0 24 24;0 24 24;0 24 24" begin="0s" dur="2s" fill="freeze" repeatCount="indefinite" />
</g>
<animate fill="freeze" dur="0000ms" begin="0s" values="#17f018;#000000;#17f018;#000000;#17f018;#000000;#17f018;#000000;#17f018" calMode="linear" attributeName="fill" repeatCount="indefinite" />
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 1.6 KiB

4
fetch-macOS.py
View File

@ -87,8 +87,8 @@ class ReplicationError(Exception):
def cmd_exists(cmd):
return subprocess.Popen("type " + cmd, shell=True,
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
return subprocess.call("type " + cmd, shell=True,
stdout=subprocess.PIPE, stderr=subprocess.PIPE) == 0
def replicate_url(full_url,

10
helm/README.md
View File

@ -33,11 +33,11 @@ This installs `docker-osx` in Kubernetes.
## Requirements
* Install [host machine requirements](#INSTALL-QEMU-AND-GPU-IOMMU.md)
* Ensure you are running QEMU 5.X
* Kubernetes
* Helm v2
* `sickcodes/docker-osx-vnc` Docker image
*) Install [host machine requirements](#INSTALL-QEMU-AND-GPU-IOMMU.md)
*) Ensure you are running QEMU 5.X
*) Kubernetes
*) Helm v2
*) `sickcodes/docker-osx-vnc` Docker image
### Build `sickcodes/docker-osx-vnc`

2
osx-serial-generator

Submodule osx-serial-generator updated: 908b3d687a...1d7425a7fa

92
scripts/apply_appleid_kernelpatch.py
View File

@ -1,92 +0,0 @@
#!/usr/bin/env python3
import plistlib
import base64
import os
import sys
def add_kernel_patches(config_path):
# Make a backup of the original file
backup_path = config_path + '.backup'
os.system(f'cp "{config_path}" "{backup_path}"')
print(f"Backup created at {backup_path}")
# Read the plist file
with open(config_path, 'rb') as f:
config = plistlib.load(f)
# Prepare the patch entries
patch1 = {
'Arch': 'x86_64',
'Base': '',
'Comment': 'Sonoma VM BT Enabler - PART 1 of 2 - Patch kern.hv_vmm_present=0',
'Count': 1,
'Enabled': True,
'Find': base64.b64decode('aGliZXJuYXRlaGlkcmVhZHkAaGliZXJuYXRlY291bnQA'),
'Identifier': 'kernel',
'Limit': 0,
'Mask': b'',
'MaxKernel': '',
'MinKernel': '20.4.0',
'Replace': base64.b64decode('aGliZXJuYXRlaGlkcmVhZHkAaHZfdm1tX3ByZXNlbnQA'),
'ReplaceMask': b'',
'Skip': 0,
}
patch2 = {
'Arch': 'x86_64',
'Base': '',
'Comment': 'Sonoma VM BT Enabler - PART 2 of 2 - Patch kern.hv_vmm_present=0',
'Count': 1,
'Enabled': True,
'Find': base64.b64decode('Ym9vdCBzZXNzaW9uIFVVSUQAaHZfdm1tX3ByZXNlbnQA'),
'Identifier': 'kernel',
'Limit': 0,
'Mask': b'',
'MaxKernel': '',
'MinKernel': '22.0.0',
'Replace': base64.b64decode('Ym9vdCBzZXNzaW9uIFVVSUQAaGliZXJuYXRlY291bnQA'),
'ReplaceMask': b'',
'Skip': 0,
}
# Add patches to the kernel patch section
if 'Kernel' in config and 'Patch' in config['Kernel']:
# Check if patches already exist
patch_exists = False
for patch in config['Kernel']['Patch']:
if isinstance(patch, dict) and 'Comment' in patch:
if 'Sonoma VM BT Enabler' in patch['Comment']:
patch_exists = True
print(f"Patch already exists: {patch['Comment']}")
if not patch_exists:
config['Kernel']['Patch'].append(patch1)
config['Kernel']['Patch'].append(patch2)
print("Added both Sonoma VM BT Enabler patches to config.plist")
else:
print("Error: Could not find Kernel -> Patch section in config.plist")
return False
# Write the updated plist file
with open(config_path, 'wb') as f:
plistlib.dump(config, f)
print(f"Successfully updated {config_path}")
return True
if __name__ == "__main__":
if len(sys.argv) != 2:
print("Usage: python apply_appleid_kernelpatch.py /path/to/config.plist")
sys.exit(1)
config_path = sys.argv[1]
if not os.path.exists(config_path):
print(f"Error: File {config_path} does not exist")
sys.exit(1)
success = add_kernel_patches(config_path)
if success:
print("Patches applied successfully. Please reboot to apply changes.")
else:
print("Failed to apply patches.")

BIN
tests/big-sur_master.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 196 KiB

71
tests/boot-images.sh
View File

@ -1,71 +0,0 @@
#!/bin/bash
# Author: Sick.Codes https://twitter.com/sickcodes
# Contact: https://github.com/sickcodes, https://sick.codes
# Copyright: sickcodes (C) 2021
# License: GPLv3+
# Title: Docker-OSX (Mac on Docker)
# Repository: https://github.com/sickcodes/Docker-OSX
# Website: https://sick.codes
#
# Status: Used internally to run each image and take screenshots until they match the pngs in this folder.
#
# note to self: # to get master images, boot each image, then screen shot using DISPLAY=:99 in the test.sh script
# scrot -o high-sierra_master.png
# scrot -o mojave_master.png
# scrot -o catalina_master.png
# scrot -o big-sur_master.png
# scrot -o monterey_master.png
# scrot -o ventura_master.png
# scrot --overwrite --display :99 --file ~/${TEST}.png
# pull off remote server to the tests folder
# REMOTE_SERVER=
# scp root@"${REMOTE_SERVER}":~/*_master.png .
export DISPLAY=:99
TESTS=(
high-sierra
mojave
catalina
big-sur
monterey
ventura
sonoma
)
# test each docker image to see if they boot to their unique respective installation screens.
for TEST in "${TESTS[@]}"; do
# run the image detached
docker run --rm -d \
--device /dev/kvm \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=:99" \
"sickcodes/docker-osx:${TEST}"
# imcat the expected test screenshot to ./"${TEST}_master.txt"
imcat ~/Docker-OSX/tests/${TEST}_master.png > ./"${TEST}_master.txt"
# run until the screen matches the expected screen
while :; do
sleep 5
# screenshot the Xvfb
scrotcat > ./"${TEST}.txt"
# diff the low res txt files created from imcat
diff "./${TEST}.txt" ./"${TEST}_master.txt" && break
scrotcat
done
# kill any containers
docker kill "$(docker ps --format "{{.ID}}")"
# ensure all containers are dead
until [[ "$(docker ps | wc -l)" = 1 ]]; do
sleep 1
docker ps | xargs docker kill
done
done
exit 0

BIN
tests/catalina_master.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 316 KiB

BIN
tests/high-sierra_master.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 328 KiB

BIN
tests/mojave_master.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 316 KiB

BIN
tests/monterey_master.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 194 KiB

BIN
tests/sonoma_master.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 132 KiB

166
tests/test.sh
View File

@ -1,4 +1,4 @@
#!/usr/bin/bash
#!/usr/bin/docker
# ____ __ ____ ______ __
# / __ \____ _____/ /_____ _____/ __ \/ ___/ |/ /
# / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \| /
@ -12,7 +12,7 @@
# Repository: https://github.com/sickcodes/Docker-OSX
# Website: https://sick.codes
#
# Status: Used internally to auto build, run and test images on DO.
# Status: Work in progress.
#
help_text="Usage: ./test.sh --branch <string> --repo <string>
@ -120,47 +120,18 @@ NO_CACHE="${NO_CACHE:=--no-cache}"
TEST_BUILDS=(
'docker-osx:naked'
'docker-osx:naked-auto'
'docker-osx:auto'
'docker-osx:latest'
'docker-osx:naked'
'docker-osx:big-sur'
'docker-osx:auto'
#'docker-osx:auto-big-sur'
)
TEST_BUILDS=(
'docker-osx:naked'
'docker-osx:naked-auto'
'docker-osx:auto'
)
VERSION_BUILDS=(
'high-sierra'
'mojave'
'catalina'
'big-sur'
'monterey'
'ventura'
'sonoma'
)
warning () {
clear
for j in {15..1}; do
echo "############# WARNING: THIS SCRIPT IS NOT INTENDED FOR USE BY ################"
echo "############# IT IS USED BY THE PROJECT TO BUILD AND PUSH TO DOCKERHUB #######"
echo ""
echo " Press Ctrl C to stop. "
MAX_COLS=$((${COLUMNS}/2))
printf "$j %.0s" {1..20}
echo
sleep 1
done
}
install_docker () {
apt remove docker docker-engine docker.io containerd runc -y \
; apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y \
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \
&& apt-key fingerprint 0EBFCD88 \
&& > /etc/apt/sources.list.d/docker.list \
&& add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
&& apt update -y \
&& apt install docker-ce docker-ce-cli containerd.io -y \
@ -201,7 +172,7 @@ install_scrotcat () {
make -C ./imcat
sudo cp ./imcat/imcat /usr/bin/imcat
touch /usr/bin/scrotcat
tee /usr/bin/scrotcat <<< '/usr/bin/imcat <(scrot -o /dev/stdout)'
tee -a /usr/bin/scrotcat <<< '/usr/bin/imcat <(scrot -o /dev/stdout)'
chmod +x /usr/bin/scrotcat
}
@ -223,13 +194,25 @@ enable_kvm () {
echo 1 | tee /sys/module/kvm/parameters/ignore_msrs
}
clone_repo () {
git clone --branch="${1}" "${2}" Docker-OSX
}
docker-osx:latest () {
docker build ${NO_CACHE} \
--build-arg BRANCH="${BRANCH}" \
--build-arg RANKMIRRORS=true \
--build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
-f ./Dockerfile \
-t docker-osx:latest .
docker tag docker-osx:latest sickcodes/docker-osx:latest
}
docker-osx:naked () {
docker build ${NO_CACHE} \
--squash \
--build-arg RANKMIRRORS=true \
--build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
-f ./Dockerfile.naked \
@ -237,14 +220,15 @@ docker-osx:naked () {
docker tag docker-osx:naked sickcodes/docker-osx:naked
}
docker-osx:naked-auto () {
docker-osx:big-sur () {
docker build ${NO_CACHE} \
--squash \
--build-arg VERSION=11 \
--build-arg RANKMIRRORS=true \
--build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
-f ./Dockerfile.naked-auto \
-t docker-osx:naked-auto .
docker tag docker-osx:naked-auto sickcodes/docker-osx:naked-auto
-f ./Dockerfile \
-t docker-osx:big-sur .
docker tag docker-osx:big-sur sickcodes/docker-osx:big-sur
}
docker-osx:auto () {
@ -256,35 +240,17 @@ docker-osx:auto () {
docker tag docker-osx:auto sickcodes/docker-osx:auto
}
# docker-osx:auto-big-sur () {
# docker build ${NO_CACHE} \
# --build-arg RANKMIRRORS=true \
# --build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
# --build-arg IMAGE_URL='https://images.sick.codes/mac_hdd_ng_auto_big_sur.img' \
# -f ./Dockerfile.auto \
# -t docker-osx:auto-big-sur .
# docker tag docker-osx:auto-big-sur sickcodes/docker-osx:auto-big-sur
# }
docker-osx:version () {
SHORTNAME="${1}"
docker-osx:auto-big-sur () {
docker build ${NO_CACHE} \
--build-arg BRANCH="${BRANCH}" \
--build-arg RANKMIRRORS=true \
--build-arg SHORTNAME="${SHORTNAME}" \
--build-arg MIRROR_COUNTRY="${MIRROR_COUNTRY}" \
-f ./Dockerfile \
-t "docker-osx:${SHORTNAME}" .
docker tag "docker-osx:${SHORTNAME}" "sickcodes/docker-osx:${SHORTNAME}"
--build-arg IMAGE_URL='https://images.sick.codes/mac_hdd_ng_auto_big_sur.img' \
-f ./Dockerfile.auto \
-t docker-osx:auto-big-sur .
docker tag docker-osx:auto-big-sur sickcodes/docker-osx:auto-big-sur
}
reset_docker_hard () {
tee /etc/docker/daemon.json <<'EOF'
{
"experimental": true
}
EOF
systemctl disable --now docker
systemctl disable --now docker.socket
systemctl stop docker
@ -293,55 +259,41 @@ EOF
systemctl enable --now docker
}
warning
tee -a ~/.bashrc <<EOF
tee -a ~/.bashrc <<EOF ; true &&
export DEBIAN_FRONTEND=noninteractive
export TZ=UTC
EOF
export DEBIAN_FRONTEND=noninteractive
export TZ=UTC
ln -snf "/usr/share/zoneinfo/${TZ}" /etc/localtime
tee -a /etc/timezone <<< "${TZ}"
apt update -y
apt-get install keyboard-configuration -y
docker -v | grep '\ 20\.\|\ 19\.' || install_docker
yes | apt install -y --no-install-recommends tzdata -y
install_scrotcat
yes | install_vnc
export_display_99
apt install xvfb -y
start_xvfb
# start_vnc
enable_kvm
reset_docker_hard
# echo killall Xvfb
clone_repo "${BRANCH}" "${REPO}"
cd ./Docker-OSX
git pull
for SHORTNAME in "${VERSION_BUILDS[@]}"; do
docker-osx:version "${SHORTNAME}"
done
docker tag docker-osx:catalina sickcodes/docker-osx:latest
for TEST_BUILD in "${TEST_BUILDS[@]}"; do
export DEBIAN_FRONTEND=noninteractive \
; export TZ=UTC \
; ln -snf "/usr/share/zoneinfo/${TZ}" /etc/localtime \
; tee -a /etc/timezone <<< "${TZ}" \
; apt update -y \
; apt-get install keyboard-configuration -y \
; docker -v | grep '\ 20\.\|\ 19\.' || install_docker \
; yes | apt install -y --no-install-recommends tzdata -y \
; install_scrotcat \
; yes | install_vnc \
; export_display_99 \
; echo start_xvfb \
; start_vnc \
; enable_kvm \
; echo reset_docker_hard \
; echo killall Xvfb \
; clone_repo "${BRANCH}" "${REPO}" \
; cd Docker-OSX \
; for TEST_BUILD in "${TEST_BUILDS[@]}"; do
"${TEST_BUILD}"
done
# boot each image and test
bash ./tests/boot-images.sh || exit 1
done \
&& touch COMPLETED
if [[ "${DOCKER_USERNAME}" ]] && [[ "${DOCKER_PASSWORD}" ]]; then
docker login --username "${DOCKER_USERNAME}" --password "${DOCKER_PASSWORD}" \
&& for SHORTNAME in "${VERSION_BUILDS[@]}"; do
docker push "sickcodes/docker-osx:${SHORTNAME}"
done \
&& docker push sickcodes/docker-osx:latest \
&& docker push sickcodes/docker-osx:big-sur \
&& docker push sickcodes/docker-osx:naked \
&& docker push sickcodes/docker-osx:auto \
&& docker push sickcodes/docker-osx:auto-big-sur \
&& touch PUSHED
docker push sickcodes/docker-osx:naked
docker push sickcodes/docker-osx:auto
docker push sickcodes/docker-osx:naked-auto
fi
# connect remotely to your server to use VNC

BIN
tests/ventura_master.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 194 KiB

25
vnc-version/Dockerfile
View File

@ -70,8 +70,7 @@
# VNC Version
# Let's piggyback the other image:
ARG BASE_IMAGE=sickcodes/docker-osx:latest
FROM ${BASE_IMAGE}
FROM sickcodes/docker-osx:latest
MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
@ -93,13 +92,10 @@ RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& cat /etc/pacman.d/mirrorlist ; fi
# Fixes issue with invalid GPG keys: update the archlinux-keyring package to get the latest keys, then remove and regenerate gnupg keys
RUN pacman -Sy archlinux-keyring --noconfirm && rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate
USER arch
RUN yes | sudo pacman -Syyuu --noconfirm \
&& yes | sudo pacman -S tigervnc xterm xorg-xhost xdotool ufw --noconfirm \
RUN sudo pacman -Syyuu --noconfirm \
&& sudo pacman -S tigervnc xterm xorg-xhost xdotool ufw --noconfirm \
&& mkdir -p ${HOME}/.vnc \
&& touch ~/.vnc/config \
&& tee -a ~/.vnc/config <<< 'geometry=1920x1080' \
@ -125,17 +121,4 @@ RUN printf '\n\n\n\n%s\n%s\n\n\n\n' '===========VNC_PASSWORD========== ' "$(<vnc
WORKDIR /home/arch/OSX-KVM
# DMCA compliant download process
# If BaseSystem.img does not exist, download ${SHORTNAME}
# shortname default is catalina, which means :latest is catalina
ENV SHORTNAME=sonoma
ENV BASESYSTEM_IMAGE=BaseSystem.img
CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
&& printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
&& make \
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
&& rm ./BaseSystem.dmg \
; ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash
CMD ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash

62
vnc-version/Dockerfile.nakedvnc
View File

@ -3,11 +3,11 @@
# / __ \____ _____/ /_____ _____/ __ \/ ___/ |/ /
# / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \| /
# / /_/ / /_/ / /__/ ,< / __/ / / /_/ /___/ / |
# /_____/\____/\___/_/|_|\___/_/ \____//____/_/|_| :NAKEDVNC
# /_____/\____/\___/_/|_|\___/_/ \____//____/_/|_| :NAKED
#
# Title: Docker-OSX (Mac on Docker)
# Author: Sick.Codes https://twitter.com/sickcodes
# Version: 4.4
# Version: 4.3
# License: GPLv3+
# Repository: https://github.com/sickcodes/Docker-OSX
# Website: https://sick.codes
@ -19,19 +19,18 @@
#
# Build:
#
# docker build -t docker-osx:nakedvnc -f Dockerfile.nakedvnc .
# docker build -t docker-osx:naked -f Dockerfile.naked .
#
# Run headless:
#
# docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image docker-osx:nakedvnc
# docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image docker-osx:naked
#
# Run with display:
#
# docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix docker-osx:nakedvnc
# docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix docker-osx:naked
#
ARG BASE_IMAGE=sickcodes/docker-osx:latest
FROM ${BASE_IMAGE}
FROM sickcodes/docker-osx:latest
MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
@ -57,6 +56,12 @@ RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& cat /etc/pacman.d/mirrorlist ; fi
# TEMP-FIX for pacman issue
RUN patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
&& curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
&& bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
# TEMP-FIX for pacman issue
# For taking screenshots of the Xfvb screen, useful during development.
ARG SCROT
@ -77,6 +82,12 @@ RUN pacman -Syu xorg-server-xvfb wget xterm xorg-xhost xorg-xrandr sshpass --noc
; fi \
; yes | pacman -Scc
# TEMP-FIX for pacman issue
RUN patched_glibc=glibc-linux4-2.33-4-x86_64.pkg.tar.zst \
&& curl -LO "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/${patched_glibc}" \
&& bsdtar -C / -xvf "${patched_glibc}" || echo "Everything is fine."
# TEMP-FIX for pacman issue
USER arch
WORKDIR /home/arch/OSX-KVM
@ -95,14 +106,8 @@ RUN mkdir -p ~/.ssh \
ENV ADDITIONAL_PORTS=
# add additional QEMU boot arguments
ENV BOOT_ARGS=
ENV BOOTDISK=
# edit the CPU that is beign emulated
ENV CPU=Penryn
ENV DISPLAY=:99
ENV HEADLESS=false
@ -137,12 +142,8 @@ ENV RAM=8
ENV WIDTH=1920
ENV HEIGHT=1080
# libguestfs verbose
ENV LIBGUESTFS_DEBUG=1
ENV LIBGUESTFS_TRACE=1
CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \
CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" || true \
; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" || true \
; { [[ "${DISPLAY}" = ':99' ]] || [[ "${HEADLESS}" == true ]] ; } && { \
nohup Xvfb :99 -screen 0 1920x1080x16 \
& until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 1 ; done \
@ -162,7 +163,7 @@ CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
--output-env "${ENV:=/env}" \
|| exit 1 ; } \
; } \
; [[ "${GENERATE_SPECIFIC}" == true ]] && { \
source "${ENV:=/env}" 2>/dev/null \
; ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \
@ -175,13 +176,13 @@ CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/
--width "${WIDTH:-1920}" \
--height "${HEIGHT:-1080}" \
--output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2}" \
|| exit 1 ; } \
; } \
# ; ./enable-ssh.sh && /bin/bash -c ./Launch.sh
WORKDIR /home/arch/OSX-KVM
RUN yes | sudo pacman -Syyuu --noconfirm \
&& yes | sudo pacman -S tigervnc xterm xorg-xhost xdotool ufw --noconfirm \
RUN sudo pacman -Syyuu --noconfirm \
&& sudo pacman -S tigervnc xterm xorg-xhost xdotool ufw --noconfirm \
&& mkdir -p ${HOME}/.vnc \
&& touch ~/.vnc/config \
&& tee -a ~/.vnc/config <<< 'geometry=1920x1080' \
@ -203,18 +204,5 @@ RUN vncpasswd -f < vncpasswd_file > ${HOME}/.vnc/passwd
RUN chmod 600 ~/.vnc/passwd
RUN printf '\n\n\n\n%s\n%s\n\n\n\n' '===========VNC_PASSWORD========== ' "$(<vncpasswd_file)"
# DMCA compliant download process
# If BaseSystem.img does not exist, download ${SHORTNAME}
# shortname default is catalina, which means :latest is catalina
ENV SHORTNAME=sonoma
ENV BASESYSTEM_IMAGE=BaseSystem.img
CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \
&& printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
&& make \
&& qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \
&& rm ./BaseSystem.dmg \
; ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash
CMD ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash