From 55fe01bb97c112de47653ca0e8afc07c8b05d577 Mon Sep 17 00:00:00 2001 From: sickcodes Date: Thu, 26 Sep 2024 07:34:18 +0000 Subject: [PATCH 1/3] DMCA compliance, installer download at runtime --- Dockerfile | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 40accb6..7a67bf0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -162,10 +162,6 @@ WORKDIR /home/arch/OSX-KVM # shortname default is catalina, which means :latest is catalina ARG SHORTNAME=catalina -RUN make \ - && qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \ - && rm ./BaseSystem.dmg - # fix invalid signature on old libguestfs ARG SIGLEVEL=Never @@ -189,7 +185,17 @@ ARG BRANCH=master ARG REPO='https://github.com/sickcodes/Docker-OSX.git' RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH:=master}" "${REPO:=https://github.com/sickcodes/Docker-OSX.git}" -RUN touch Launch.sh \ +# DMCA compliant download process +# If BaseSystem.img does not exist, download $SHORTNAME + +ARG BASESYSTEM_IMAGE=BaseSystem.img + +RUN ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \ + && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \ + && make \ + && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \ + && rm ./BaseSystem.dmg \ + ; touch Launch.sh \ && chmod +x ./Launch.sh \ && tee -a Launch.sh <<< '#!/bin/bash' \ && tee -a Launch.sh <<< 'set -eux' \ From a1df7c5a65603f622bdfe89805a960f0731cbbee Mon Sep 17 00:00:00 2001 From: sickcodes Date: Thu, 26 Sep 2024 07:47:40 +0000 Subject: [PATCH 2/3] Wrong spot --- Dockerfile | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7a67bf0..0bf600b 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -185,17 +185,7 @@ ARG BRANCH=master ARG REPO='https://github.com/sickcodes/Docker-OSX.git' RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH:=master}" "${REPO:=https://github.com/sickcodes/Docker-OSX.git}" -# DMCA compliant download process -# If BaseSystem.img does not exist, download $SHORTNAME - -ARG BASESYSTEM_IMAGE=BaseSystem.img - -RUN ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \ - && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \ - && make \ - && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \ - && rm ./BaseSystem.dmg \ - ; touch Launch.sh \ +RUN touch Launch.sh \ && chmod +x ./Launch.sh \ && tee -a Launch.sh <<< '#!/bin/bash' \ && tee -a Launch.sh <<< 'set -eux' \ @@ -366,7 +356,17 @@ VOLUME ["/tmp/.X11-unix"] # the default serial numbers are already contained in ./OpenCore/OpenCore.qcow2 # And the default serial numbers -CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ +# DMCA compliant download process +# If BaseSystem.img does not exist, download $SHORTNAME + +ARG BASESYSTEM_IMAGE=BaseSystem.img + +CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \ + && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \ + && make \ + && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \ + && rm ./BaseSystem.dmg \ + ; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ ; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ ; [[ "${NOPICKER}" == true ]] && { \ sed -i '/^.*InstallMedia.*/d' Launch.sh \ From 19915de799a5e4708f308522be0a28ded7c4ae68 Mon Sep 17 00:00:00 2001 
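Review bot: A failed download or conversion is not fatal in the CMD added by the `-366,7 +356,17` hunk: the `&&` chain ends in `;`, so when `make` or `qemu-img convert` fails the CMD still goes on to `sudo touch` and the rest of the launch. An interrupted `qemu-img convert` can also leave a partial file at the target path, which the `[[ -e … ]]` test then treats as present on every later start. I would wrap the step in an `if`, convert to a temporary name and rename on success, quote the target (it is unquoted on the convert line), and exit non-zero on failure, as below. The CMD continues beyond the hunk, and the same prefix is added to Dockerfile.auto, Dockerfile.naked and Dockerfile.naked-auto in PATCH 3/3.

```dockerfile
CMD if ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]]; then \
        printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \
        && make \
        && qemu-img convert BaseSystem.dmg -O qcow2 -p -c "${BASESYSTEM_IMAGE:-BaseSystem.img}.partial" \
        && mv "${BASESYSTEM_IMAGE:-BaseSystem.img}.partial" "${BASESYSTEM_IMAGE:-BaseSystem.img}" \
        && rm ./BaseSystem.dmg \
        || exit 1 \
    ; fi \
# … unchanged: sudo touch / chown, NOPICKER and GENERATE_* handling, launch …
```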
From: sickcodes Date: Thu, 26 Sep 2024 16:17:43 +0000 Subject: [PATCH 3/3] `-e SHORTNAME=sonoma` is now a runtime arg, which is DMCA compliant, all images are under `:latest`. --- Dockerfile | 10 +- Dockerfile.auto | 15 +- Dockerfile.monterey | 255 -------------------------------- Dockerfile.naked | 15 +- Dockerfile.naked-auto | 15 +- README.md | 33 +++-- vnc-version/Dockerfile | 15 +- vnc-version/Dockerfile.nakedvnc | 15 +- 8 files changed, 96 insertions(+), 277 deletions(-) delete mode 100644 Dockerfile.monterey diff --git a/Dockerfile b/Dockerfile index 0bf600b..895e4c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -159,9 +159,6 @@ RUN yes | sudo pacman -Syu bc qemu-desktop libvirt dnsmasq virt-manager bridge-u WORKDIR /home/arch/OSX-KVM -# shortname default is catalina, which means :latest is catalina -ARG SHORTNAME=catalina - # fix invalid signature on old libguestfs ARG SIGLEVEL=Never @@ -357,9 +354,12 @@ VOLUME ["/tmp/.X11-unix"] # And the default serial numbers # DMCA compliant download process -# If BaseSystem.img does not exist, download $SHORTNAME +# If BaseSystem.img does not exist, download ${SHORTNAME} + +# shortname default is catalina, which means :latest is catalina +ENV SHORTNAME=sonoma -ARG BASESYSTEM_IMAGE=BaseSystem.img +ENV BASESYSTEM_IMAGE=BaseSystem.img CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \ && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \ diff --git a/Dockerfile.auto b/Dockerfile.auto index 432d01b..b150892 100644 --- a/Dockerfile.auto +++ b/Dockerfile.auto 
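Review bot: The comment kept above the new `ENV SHORTNAME=sonoma` in the `-357,9 +354,12` hunk still reads `shortname default is catalina, which means :latest is catalina`, which now contradicts the value on the next line. Suggest replacing it with `# default SHORTNAME is sonoma; override at runtime with -e SHORTNAME=<release>`. The same stale comment is copied into the Dockerfile.auto, Dockerfile.naked and Dockerfile.naked-auto hunks of this patch. As far as the hunk shows, a user who runs an older command without the flag would now get sonoma rather than catalina, so the comment is the only place that default is documented in the file.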
@@ -206,7 +206,20 @@ ENV TERMS_OF_USE=i_agree ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree" -CMD echo "${BOILERPLATE}" \ +# DMCA compliant download process +# If BaseSystem.img does not exist, download ${SHORTNAME} + +# shortname default is catalina, which means :latest is catalina +ENV SHORTNAME=sonoma + +ENV BASESYSTEM_IMAGE=BaseSystem.img + +CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \ + && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \ + && make \ + && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \ + && rm ./BaseSystem.dmg \ + ; echo "${BOILERPLATE}" \ ; [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ ; echo "Disk is being copied between layers... Please wait a minute..." 
\ ; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ diff --git a/Dockerfile.monterey b/Dockerfile.monterey deleted file mode 100644 index 6d7718d..0000000 --- a/Dockerfile.monterey +++ /dev/null 
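Review bot: The download step in the Dockerfile.auto hunk is placed ahead of the terms gate: the new prefix runs `make` and `qemu-img convert` before `echo "${BOILERPLATE}"` and `[[ "${TERMS_OF_USE}" = i_agree ]] || exit 1`, so a container started with `-e TERMS_OF_USE=i_disagree` still fetches and converts the installer before it exits. Keeping the two existing lines first preserves the gate, i.e. `CMD echo "${BOILERPLATE}" \` then `; [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \` then `; ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \`. The Dockerfile.naked-auto hunk has the same ordering. The CMD continues past the end of the hunk.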
@@ -1,255 +0,0 @@ -#!/usr/bin/docker -# ____ __ ____ ______ __ -# / __ \____ _____/ /_____ _____/ __ \/ ___/ |/ / -# / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \| / -# / /_/ / /_/ / /__/ ,< / __/ / / /_/ /___/ / | -# /_____/\____/\___/_/|_|\___/_/ \____//____/_/|_| [MONTEREY] -# -# Title: Docker-OSX (Mac on Docker) -# Author: Sick.Codes https://twitter.com/sickcodes -# Version: 6.0 -# License: GPLv3+ -# Repository: https://github.com/sickcodes/Docker-OSX -# Website: https://sick.codes -# -# Notes: Uses a self-hosted BaseSystem.img from a USB installer. -# If you want to DIY, use https://github.com/corpnewt/gibMacOS -# Set seed as developer, and install the Install Assistant on Big Sur -# Burn to a USB, and pull out BaseSystem.img -# Or download from https://images.sick.codes/BaseSystem_Monterey.dmg -# - -FROM sickcodes/docker-osx - -LABEL maintainer='https://twitter.com/sickcodes ' - -SHELL ["/bin/bash", "-c"] - -# change disk size here or add during build, e.g. --build-arg VERSION=10.14.5 --build-arg SIZE=50G -ARG SIZE=200G -ARG BASE_SYSTEM='https://images.sick.codes/BaseSystem_Monterey.dmg' - -WORKDIR /home/arch/OSX-KVM - -RUN wget -O BaseSystem.dmg "${BASE_SYSTEM}" \ - && qemu-img convert BaseSystem.dmg -O qcow2 -p -c BaseSystem.img \ - && rm -f BaseSystem.dmg - -RUN qemu-img create -f qcow2 /home/arch/OSX-KVM/mac_hdd_ng.img "${SIZE}" - -WORKDIR /home/arch/OSX-KVM - -#### libguestfs versioning - -# 5.13+ problem resolved by building the qcow2 against 5.12 using libguestfs-1.44.1-6 - -ENV SUPERMIN_KERNEL=/boot/vmlinuz-linux -ENV SUPERMIN_MODULES=/lib/modules/5.12.14-arch1-1 -ENV SUPERMIN_KERNEL_VERSION=5.12.14-arch1-1 -ENV KERNEL_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-5.12.14.arch1-1-x86_64.pkg.tar.zst -ENV KERNEL_HEADERS_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-headers-5.12.14.arch1-1-x86_64.pkg.tar.zst -ENV 
LIBGUESTFS_PACKAGE_URL=https://archive.archlinux.org/packages/l/libguestfs/libguestfs-1.44.1-6-x86_64.pkg.tar.zst - -ARG LINUX=true - -# required to use libguestfs inside a docker container, to create bootdisks for docker-osx on-the-fly -RUN if [[ "${LINUX}" == true ]]; then \ - sudo pacman -U "${KERNEL_PACKAGE_URL}" --noconfirm \ - ; sudo pacman -U "${LIBGUESTFS_PACKAGE_URL}" --noconfirm \ - ; sudo pacman -U "${KERNEL_HEADERS_PACKAGE_URL}" --noconfirm \ - ; sudo pacman -S mkinitcpio --noconfirm \ - ; sudo libguestfs-test-tool \ - ; sudo rm -rf /var/tmp/.guestfs-* \ - ; fi - -#### - - -# optional --build-arg to change branches for testing -ARG BRANCH=master -ARG REPO='https://github.com/sickcodes/Docker-OSX.git' -# RUN git clone --recurse-submodules --depth 1 --branch "${BRANCH}" "${REPO}" -RUN rm -rf ./Docker-OSX \ - && git clone --recurse-submodules --depth 1 --branch "${BRANCH}" "${REPO}" - -RUN touch Launch.sh \ - && chmod +x ./Launch.sh \ - && tee -a Launch.sh <<< '#!/bin/bash' \ - && tee -a Launch.sh <<< 'set -eux' \ - && tee -a Launch.sh <<< 'sudo chown $(id -u):$(id -g) /dev/kvm 2>/dev/null || true' \ - && tee -a Launch.sh <<< 'sudo chown -R $(id -u):$(id -g) /dev/snd 2>/dev/null || true' \ - && tee -a Launch.sh <<< '[[ "${RAM}" = max ]] && export RAM="$(("$(head -n1 /proc/meminfo | tr -dc "[:digit:]") / 1000000"))"' \ - && tee -a Launch.sh <<< '[[ "${RAM}" = half ]] && export RAM="$(("$(head -n1 /proc/meminfo | tr -dc "[:digit:]") / 2000000"))"' \ - && tee -a Launch.sh <<< 'sudo chown -R $(id -u):$(id -g) /dev/snd 2>/dev/null || true' \ - && tee -a Launch.sh <<< 'exec qemu-system-x86_64 -m ${RAM:-2}000 \' \ - && tee -a Launch.sh <<< '-cpu ${CPU:-Penryn},${CPUID_FLAGS:-vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check,}${BOOT_ARGS} \' \ - && tee -a Launch.sh <<< '-machine q35,${KVM-"accel=kvm:tcg"} \' \ - && tee -a Launch.sh <<< '-smp ${CPU_STRING:-${SMP:-4},cores=${CORES:-4}} \' \ - && tee -a Launch.sh 
<<< '-usb -device usb-kbd -device usb-tablet \' \ - && tee -a Launch.sh <<< '-device isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal\(c\)AppleComputerInc \' \ - && tee -a Launch.sh <<< '-drive if=pflash,format=raw,readonly=on,file=/home/arch/OSX-KVM/OVMF_CODE.fd \' \ - && tee -a Launch.sh <<< '-drive if=pflash,format=raw,file=/home/arch/OSX-KVM/OVMF_VARS-1024x768.fd \' \ - && tee -a Launch.sh <<< '-smbios type=2 \' \ - && tee -a Launch.sh <<< '-audiodev ${AUDIO_DRIVER:-alsa},id=hda -device ich9-intel-hda -device hda-duplex,audiodev=hda \' \ - && tee -a Launch.sh <<< '-device ich9-ahci,id=sata \' \ - && tee -a Launch.sh <<< '-drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=${BOOTDISK:-/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2} \' \ - && tee -a Launch.sh <<< '-device ide-hd,bus=sata.2,drive=OpenCoreBoot \' \ - && tee -a Launch.sh <<< '-device ide-hd,bus=sata.3,drive=InstallMedia \' \ - && tee -a Launch.sh <<< '-drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=qcow2 \' \ - && tee -a Launch.sh <<< '-drive id=MacHDD,if=none,file=${IMAGE_PATH:-/home/arch/OSX-KVM/mac_hdd_ng.img},format=${IMAGE_FORMAT:-qcow2} \' \ - && tee -a Launch.sh <<< '-device ide-hd,bus=sata.4,drive=MacHDD \' \ - && tee -a Launch.sh <<< '-netdev user,id=net0,hostfwd=tcp::${INTERNAL_SSH_PORT:-10022}-:22,hostfwd=tcp::${SCREEN_SHARE_PORT:-5900}-:5900,${ADDITIONAL_PORTS} \' \ - && tee -a Launch.sh <<< '-device ${NETWORKING:-vmxnet3},netdev=net0,id=net0,mac=${MAC_ADDRESS:-52:54:00:09:49:17} \' \ - && tee -a Launch.sh <<< '-monitor stdio \' \ - && tee -a Launch.sh <<< '-boot menu=on \' \ - && tee -a Launch.sh <<< '-vga vmware \' \ - && tee -a Launch.sh <<< '${EXTRA:-}' - -# docker exec containerid mv ./Launch-nopicker.sh ./Launch.sh -# This is now a legacy command. 
-# You can use -e BOOTDISK=/bootdisk with -v ./bootdisk.img:/bootdisk -RUN grep -v InstallMedia ./Launch.sh > ./Launch-nopicker.sh \ - && chmod +x ./Launch-nopicker.sh \ - && sed -i -e s/OpenCore\.qcow2/OpenCore\-nopicker\.qcow2/ ./Launch-nopicker.sh - -USER arch - -ENV USER arch - - -#### libguestfs versioning - -# 5.13+ problem resolved by building the qcow2 against 5.12 using libguestfs-1.44.1-6 - -ENV SUPERMIN_KERNEL=/boot/vmlinuz-linux -ENV SUPERMIN_MODULES=/lib/modules/5.12.14-arch1-1 -ENV SUPERMIN_KERNEL_VERSION=5.12.14-arch1-1 -ENV KERNEL_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-5.12.14.arch1-1-x86_64.pkg.tar.zst -ENV KERNEL_HEADERS_PACKAGE_URL=https://archive.archlinux.org/packages/l/linux/linux-headers-5.12.14.arch1-1-x86_64.pkg.tar.zst -ENV LIBGUESTFS_PACKAGE_URL=https://archive.archlinux.org/packages/l/libguestfs/libguestfs-1.44.1-6-x86_64.pkg.tar.zst - -RUN sudo pacman -Syy \ - && sudo pacman -Rns linux --noconfirm \ - ; sudo pacman -S mkinitcpio --noconfirm \ - && sudo pacman -U "${KERNEL_PACKAGE_URL}" --noconfirm \ - && sudo pacman -U "${LIBGUESTFS_PACKAGE_URL}" --noconfirm \ - && rm -rf /var/tmp/.guestfs-* \ - ; libguestfs-test-tool || exit 1 - -#### - -# symlink the old directory, for redundancy -RUN ln -s /home/arch/OSX-KVM/OpenCore /home/arch/OSX-KVM/OpenCore-Catalina || true - -#### - -#### SPECIAL RUNTIME ARGUMENTS BELOW - -# env -e ADDITIONAL_PORTS with a comma -# for example, -e ADDITIONAL_PORTS=hostfwd=tcp::23-:23, -ENV ADDITIONAL_PORTS= - -# add additional QEMU boot arguments -ENV BOOT_ARGS= - -ENV BOOTDISK= - -# edit the CPU that is being emulated -ENV CPU=Penryn -ENV CPUID_FLAGS='vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on,+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check,' - -ENV DISPLAY=:0.0 - -# Deprecated -ENV ENV=/env - -# Boolean for generating a bootdisk with new random serials. -ENV GENERATE_UNIQUE=false - -# Boolean for generating a bootdisk with specific serials. 
-ENV GENERATE_SPECIFIC=false - -ENV IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img -ENV IMAGE_FORMAT=qcow2 - -ENV KVM='accel=kvm:tcg' - -ENV MASTER_PLIST_URL="https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist" - -# ENV NETWORKING=e1000-82545em -ENV NETWORKING=vmxnet3 - -# boolean for skipping the disk selection menu at in the boot process -ENV NOPICKER=false - -# dynamic RAM options for runtime -ENV RAM=3 -# ENV RAM=max -# ENV RAM=half - -# The x and y coordinates for resolution. -# Must be used with either -e GENERATE_UNIQUE=true or -e GENERATE_SPECIFIC=true. -ENV WIDTH=1920 -ENV HEIGHT=1080 - -# libguestfs verbose -ENV LIBGUESTFS_DEBUG=1 -ENV LIBGUESTFS_TRACE=1 - -VOLUME ["/tmp/.X11-unix"] - -# check if /image is a disk image or a directory. This allows you to optionally use -v disk.img:/image -# NOPICKER is used to skip the disk selection screen -# GENERATE_UNIQUE is used to generate serial numbers on boot. -# /env is a file that you can generate and save using -v source.sh:/env -# the env file is a file that you can carry to the next container which will supply the serials numbers. -# GENERATE_SPECIFIC is used to either accept the env serial numbers OR you can supply using: - # -e DEVICE_MODEL="iMacPro1,1" \ - # -e SERIAL="C02TW0WAHX87" \ - # -e BOARD_SERIAL="C027251024NJG36UE" \ - # -e UUID="5CCB366D-9118-4C61-A00A-E5BAF3BED451" \ - # -e MAC_ADDRESS="A8:5C:2C:9A:46:2F" \ - -# the output will be /bootdisk. -# /bootdisk is a useful persistent place to store the 15Mb serial number bootdisk. 
- -# if you don't set any of the above: -# the default serial numbers are already contained in ./OpenCore/OpenCore.qcow2 -# And the default serial numbers - -CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ - ; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ - ; [[ "${NOPICKER}" == true ]] && { \ - sed -i '/^.*InstallMedia.*/d' Launch.sh \ - && export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore-nopicker.qcow2}" \ - ; } \ - || export BOOTDISK="${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \ - ; [[ "${GENERATE_UNIQUE}" == true ]] && { \ - ./Docker-OSX/osx-serial-generator/generate-unique-machine-values.sh \ - --master-plist-url="${MASTER_PLIST_URL}" \ - --count 1 \ - --tsv ./serial.tsv \ - --bootdisks \ - --width "${WIDTH:-1920}" \ - --height "${HEIGHT:-1080}" \ - --output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \ - --output-env "${ENV:=/env}" \ - || exit 1 ; } \ - ; [[ "${GENERATE_SPECIFIC}" == true ]] && { \ - source "${ENV:=/env}" 2>/dev/null \ - ; ./Docker-OSX/osx-serial-generator/generate-specific-bootdisk.sh \ - --master-plist-url="${MASTER_PLIST_URL}" \ - --model "${DEVICE_MODEL}" \ - --serial "${SERIAL}" \ - --board-serial "${BOARD_SERIAL}" \ - --uuid "${UUID}" \ - --mac-address "${MAC_ADDRESS}" \ - --width "${WIDTH:-1920}" \ - --height "${HEIGHT:-1080}" \ - --output-bootdisk "${BOOTDISK:=/home/arch/OSX-KVM/OpenCore/OpenCore.qcow2}" \ - || exit 1 ; } \ - ; ./enable-ssh.sh && /bin/bash -c ./Launch.sh - -# virt-manager mode: eta son -# CMD virsh define <(envsubst < Docker-OSX.xml) && virt-manager || virt-manager -# CMD virsh define <(envsubst < macOS-libvirt-Catalina.xml) && virt-manager || virt-manager diff --git a/Dockerfile.naked b/Dockerfile.naked index 712d059..41f4fef 100644 --- a/Dockerfile.naked +++ b/Dockerfile.naked 
@@ -166,7 +166,20 @@ ENV HEIGHT=1080 ENV LIBGUESTFS_DEBUG=1 ENV LIBGUESTFS_TRACE=1 -CMD sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ +# DMCA compliant download process +# If BaseSystem.img does not exist, download ${SHORTNAME} + +# shortname default is catalina, which means :latest is catalina +ENV SHORTNAME=sonoma + +ENV BASESYSTEM_IMAGE=BaseSystem.img + +CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \ + && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \ + && make \ + && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \ + && rm ./BaseSystem.dmg \ + ; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ ; sudo chown -R $(id -u):$(id -g) /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ ; { [[ "${DISPLAY}" = ':99' ]] || [[ "${HEADLESS}" == true ]] ; } && { \ nohup Xvfb :99 -screen 0 1920x1080x16 \ diff --git a/Dockerfile.naked-auto b/Dockerfile.naked-auto index 44f2866..6e8bddd 100644 --- a/Dockerfile.naked-auto +++ b/Dockerfile.naked-auto 
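Review bot: Nothing in the added CMD prefix checks the integrity of what is fetched: `make` produces `BaseSystem.dmg`, which goes straight into `qemu-img convert` and is presumably then used as install media, with the release chosen by the runtime `SHORTNAME` value. What the Makefile downloads and whether it verifies it is not visible in this hunk, so this may already be handled there; if not, a digest check between `make` and `qemu-img convert` would close the gap. A comment above the CMD should also say that the download is skipped when a file already exists at that path, for example `# mount a pre-verified image at ${BASESYSTEM_IMAGE} to skip the runtime download`. This applies equally to the copies in Dockerfile, Dockerfile.auto and Dockerfile.naked-auto; the CMD continues past the end of the hunk.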
@@ -183,7 +183,20 @@ ENV TERMS_OF_USE=i_agree ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree" -CMD echo "${BOILERPLATE}" \ +# DMCA compliant download process +# If BaseSystem.img does not exist, download ${SHORTNAME} + +# shortname default is catalina, which means :latest is catalina +ENV SHORTNAME=sonoma + +ENV BASESYSTEM_IMAGE=BaseSystem.img + +CMD ! [[ -e "${BASESYSTEM_IMAGE:-BaseSystem.img}" ]] \ + && printf '%s\n' "No BaseSystem.img available, downloading ${SHORTNAME}" \ + && make \ + && qemu-img convert BaseSystem.dmg -O qcow2 -p -c ${BASESYSTEM_IMAGE:-BaseSystem.img} \ + && rm ./BaseSystem.dmg \ + ; echo "${BOILERPLATE}" \ ; [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \ ; echo "Disk is being copied between layers... Please wait a minute..." 
\ ; sudo touch /dev/kvm /dev/snd "${IMAGE_PATH}" "${BOOTDISK}" "${ENV}" 2>/dev/null || true \ diff --git a/README.md b/README.md index d2bc22b..d3b0e76 100644 --- a/README.md +++ b/README.md @@ -64,6 +64,7 @@ docker run -it \ -p 50922:10022 \ -v /tmp/.X11-unix:/tmp/.X11-unix \ -e "DISPLAY=${DISPLAY:-:0.0}" \ + -e SHORTNAME=catalina \ sickcodes/docker-osx:latest # docker build -t docker-osx . @@ -76,9 +77,10 @@ docker run -it \ -p 50922:10022 \ -v /tmp/.X11-unix:/tmp/.X11-unix \ -e "DISPLAY=${DISPLAY:-:0.0}" \ - sickcodes/docker-osx:big-sur + -e SHORTNAME=big-sur \ + sickcodes/docker-osx:latest -# docker build -t docker-osx --build-arg SHORTNAME=big-sur . +# docker build -t docker-osx . ``` ### Monterey (12) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/monterey?label=sickcodes%2Fdocker-osx%3Amonterey](https://img.shields.io/docker/image-size/sickcodes/docker-osx/monterey?label=sickcodes%2Fdocker-osx%3Amonterey)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated) @@ -92,9 +94,10 @@ docker run -it \ -e "DISPLAY=${DISPLAY:-:0.0}" \ -e GENERATE_UNIQUE=true \ -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist' \ - sickcodes/docker-osx:monterey + -e SHORTNAME=monterey \ + sickcodes/docker-osx:latest -# docker build -t docker-osx --build-arg SHORTNAME=monterey . +# docker build -t docker-osx . ``` ### Ventura (13) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/ventura?label=sickcodes%2Fdocker-osx%3Aventura](https://img.shields.io/docker/image-size/sickcodes/docker-osx/ventura?label=sickcodes%2Fdocker-osx%3Aventura)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated) 
@@ -108,9 +111,10 @@ docker run -it \ -e "DISPLAY=${DISPLAY:-:0.0}" \ -e GENERATE_UNIQUE=true \ -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist' \ - sickcodes/docker-osx:ventura + -e SHORTNAME=ventura \ + sickcodes/docker-osx:latest -# docker build -t docker-osx --build-arg SHORTNAME=ventura . +# docker build -t docker-osx . ``` ### Sonoma (14) [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/sonoma?label=sickcodes%2Fdocker-osx%3Asonoma](https://img.shields.io/docker/image-size/sickcodes/docker-osx/sonoma?label=sickcodes%2Fdocker-osx%3Asonoma)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated) @@ -126,9 +130,10 @@ docker run -it \ -e CPU='Haswell-noTSX' \ -e CPUID_FLAGS='kvm=on,vendor=GenuineIntel,+invtsc,vmware-cpuid-freq=on' \ -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom-sonoma.plist' \ - sickcodes/docker-osx:sonoma + -e SHORTNAME=sonoma \ + sickcodes/docker-osx:latest -# docker build -t docker-osx --build-arg SHORTNAME=sonoma . +# docker build -t docker-osx . ``` #### Run Catalina Pre-Installed [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto](https://img.shields.io/docker/image-size/sickcodes/docker-osx/auto?label=sickcodes%2Fdocker-osx%3Aauto)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated) 
@@ -161,9 +166,10 @@ docker run -it \ -p 50922:10022 \ -v /tmp/.X11-unix:/tmp/.X11-unix \ -e "DISPLAY=${DISPLAY:-:0.0}" \ - sickcodes/docker-osx:high-sierra + -e SHORTNAME=high-sierra \ + sickcodes/docker-osx:latest -# docker build -t docker-osx --build-arg SHORTNAME=high-sierra . +# docker build -t docker-osx . ``` ### Mojave [![https://img.shields.io/docker/image-size/sickcodes/docker-osx/mojave?label=sickcodes%2Fdocker-osx%3Amojave](https://img.shields.io/docker/image-size/sickcodes/docker-osx/mojave?label=sickcodes%2Fdocker-osx%3Amojave)](https://hub.docker.com/r/sickcodes/docker-osx/tags?page=1&ordering=last_updated) @@ -175,9 +181,10 @@ docker run -it \ -p 50922:10022 \ -v /tmp/.X11-unix:/tmp/.X11-unix \ -e "DISPLAY=${DISPLAY:-:0.0}" \ - sickcodes/docker-osx:mojave + -e SHORTNAME=mojave \ + sickcodes/docker-osx:latest -# docker build -t docker-osx --build-arg SHORTNAME=mojave . +# docker build -t docker-osx . ``` @@ -200,6 +207,7 @@ docker run -it \ -e "DISPLAY=${DISPLAY:-:0.0}" \ -e GENERATE_UNIQUE=true \ -e MASTER_PLIST_URL=https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/custom/config-nopicker-custom.plist \ + -e SHORTNAME=catalina \ sickcodes/docker-osx:naked ``` @@ -229,6 +237,7 @@ docker run -it \ -e "PASSWORD=alpine" \ -e GENERATE_UNIQUE=true \ -e MASTER_PLIST_URL=https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/custom/config-nopicker-custom.plist \ + -e SHORTNAME=monterey \ sickcodes/docker-osx:naked-auto ``` diff --git a/vnc-version/Dockerfile b/vnc-version/Dockerfile index d4ef8b7..42ebe93 100644 --- a/vnc-version/Dockerfile +++ b/vnc-version/Dockerfile @@ -125,4 +125,17 @@ RUN printf '\n\n\n\n%s\n%s\n\n\n\n' '===========VNC_PASSWORD========== ' "$( ${HOME}/.vnc/passwd RUN chmod 600 ~/.vnc/passwd RUN printf '\n\n\n\n%s\n%s\n\n\n\n' '===========VNC_PASSWORD========== ' "$(