Son of InstallLion.pkg

Mountain Lion imageLast fall, I released a set of tools I called “InstallLion.pkg”. The introductory post is here.

Now that Mountain Lion has been released, you may be wondering: “Can I use these tools to create a deployment package for Mountain Lion?” The answer is yes. InstallLion.pkg can be used to make an installer package for Mountain Lion.

But I have a better set of tools for you. Today I’m introducing createOSXinstallPkg. This tool can be used to create installer packages for Lion and Mountain Lion and features many improvements over the “InstallLion.pkg” tools.

The first improvement: it’s much easier to use createOSXinstallPkg to create installer packages. With the old tools, you had to run one or two scripts — one to download an “IncompatibleAppList” package, and one to customize the InstallESD.dmg if you wanted to install additional packages along with the OS X install. And then you had to manually assemble the package, copying several components into the right places within a template package.

With createOSXinstallPkg, it’s as easy as:

sudo ./createOSXinstallPkg --source /Applications/Install\ OS\ X\ Mountain\

to create a basic uncustomized package that installs Mountain Lion.

But wait! There’s more!

Where to find it

You can download a zip archive of the createOSXinstallPkg tools here.

Or clone the Git repo: git clone

Documentation is here.

Additional improvements:

The installer packages generated by the original InstallLion.pkg tools could not install on volumes encrypted with FileVault 2. Packages created with createOSXinstallPkg can be installed on encrypted volumes.

The pre-install checks done by InstallLion.pkg-generated packages were basic and not 100% accurate — they prevented the install of Lion on most machines that could not handle it, but not all. Packages generated by createOSXinstallPkg use Apple’s pre-install checks for Lion and Mountain Lion, so packages you generate will attempt to install only on those Macs officially supported by Apple.

Finally: both InstallLion.pkg and createOSXinstallPkg allow you to add additional packages to be installed after OS X is installed. This feature is intended to allow you to: install a local account or two (especially a local admin account), disable the Setup Assistant that normally runs at first boot, and install the software needed for whatever software deployment or configuration management system you might have. This might then serve as the basis for a “thin imaging” workflow, in which you install the OS and a few other tools, and then let your software deployment or configuration management system finish the setup and configuration of the machine.

Some folks tried to use the additional packages feature as a replacement for InstaDMG and/or System Image Utility in order to build a sort of modular deployment image containing Microsoft Office or iLife or even some Adobe applications. This often failed. There are two reasons this often doesn’t work as hoped:

  1. For speed and accuracy, additional packages are added to the existing disk image, made writable through the use of disk image “shadow files”. This technique allows one to write to a normally read-only disk image. This is much faster and less error-prone than creating a large writable disk image, copying everything accurately from the InstallESD.dmg, adding the additional packages, then converting the new disk image to read-only. But the downside of this approach is that even when made writeable, the InstallESD disk image only has so much available space. For the Lion and Mountain Lion InstallESD images I’ve seen to date, this is around 350MB. createOSXinstallPkg now warns you and refuses to continue if you attempt to add more packages than will fit on the disk image.
  2. The second issue is even more important and more limiting. The OS X Install environment used by the Lion and Mountain Lion installers is very stripped down — it does not have all the tools and scripting languages available in a “full” installation of OS X. This means that many package scripts will fail to execute properly in this environment. Add that to the fact that many package scripts fail to do the correct thing when installing to anything other than the boot volume (which is NOT what is happening during an OS X install), and you’ll find you should add only those packages that are absolutely needed. Additionally, you should verify that all package scripts are compatible with the Lion/Mountain Lion install environment.

Enjoy! Feedback and discussion should be directed to the munki-dev list at

Son of InstallLion.pkg

66 thoughts on “Son of InstallLion.pkg

  1. I’m trying to deploy Mountain Lion using this tool, and using Casper Self Service to deploy the package. The package seems to deploy with no problems, and I’ve set the policy to reboot the machine, but the install never happens. The computer simply reboots and the OS is untouched. The Casper policy logs don’t show that anything went wrong with the install, but I’m guessing that’s going to be the norm, regardless of whether it works or not. I tried going through the console logs, but have no idea what I’m looking for that might give me clues. Any help would be most appreciated.


      1. For those playing along at home, the fix was:

        When you tell Casper to restart, make sure you specify “Currently Selected Startup Disk (No Bless)”.

        The OS X Install process causes the boot volume to be configured in an unusual way, causing the machine to boot from a disk image so it can install OS X on the “live” disk. If Casper re-blesses the startup disk (in the normal way), upon reboot, the machine simply reboots into the existing OS. No install will occur.

        Preserving the blessed boot environment is vital to the OS X install process.

  2. David says:

    I get this error:

    Downloading and adding IncompatibleAppList pkg…
    Error 7 retrieving
    curl: (7) couldn’t connect to host

    Traceback (most recent call last):
    File “/Volumes/SA-dayta-2/createOSXinstallPkg_20120831/createOSXinstallPkg”, line 883, in
    File “/Volumes/SA-dayta-2/createOSXinstallPkg_20120831/createOSXinstallPkg”, line 857, in main
    getPkgAndMakeIndexSproduct(destpath, os_vers=os_version)
    File “/Volumes/SA-dayta-2/createOSXinstallPkg_20120831/createOSXinstallPkg”, line 561, in getPkgAndMakeIndexSproduct
    url = findIncompatibleAppListPkgURL(catalog_url, package_name)
    File “/Volumes/SA-dayta-2/createOSXinstallPkg_20120831/createOSXinstallPkg”, line 513, in findIncompatibleAppListPkgURL
    catalog = plistlib.readPlistFromString(catalog_str)
    File “/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/”, line 103, in readPlistFromString
    return readPlist(StringIO(data))
    TypeError: expected read buffer, NoneType found

    I tried pasting the url into Safari and it does connect, so I have no idea why it should fail with curl.

    1. David says:

      To answer my own question it must be due to using a proxy which curl is not picking up. So more Googling I guess.

      1. Stephan Peterson says:

        I have the same issue in my environment. I found success by letting curl know about my proxy. I created ~/.curlrc and put in the following entry:

        proxy = http://:

        Hope this helps.

  3. Hi,
    I am trying to implement a similar method to create a hackintosh installer USB from the InstallESD.dmg. I wanted the installer to automatically install the boot loader and copy a directory (Extra) to target volume.
    I tried to create a OSInstall.collection plist with contents :


    where chimera.pkg is a flat pkg which installs the Chimera bootloader (Chameleon boot loader with a few experimental branches merged)
    The installer does not start. It says :

    There was a problem reading the Mac OS X installation disc.
    Carefully clean the disc, and then try reinstalling

    Installer log has these messages :

    Opening OSInstall package ‘/System/Installation/Packages/OSInstall.collection’.
    Collections: firtst non-recursive document (/System/Installation/Packages/chimera.pkg) is not an OSInstall document.
    Collections:Couldn’t create collection from path /System/Installation/Packages/OSInstall.collection
    Couldn’t verify OS X (Server) Install media.

    Is there anything I should add beside creating the OSInstall.collection ?

    1. Sorry, pasting plist contents did not work. I’ll try again with a | on each line
      | /System/Installation/Packages/OSInstall.mpkg
      | /System/Installation/Packages/chimera.pkg

      1. Sorry again. Plist without tag s
        ?xml version=”1.0″ encoding=”UTF-8″?
        !DOCTYPE plist PUBLIC “-//Apple//DTD PLIST 1.0//EN” “”
        plist version=”1.0″
        string /System/Installation/Packages/OSInstall.mpkg /string
        string /System/Installation/Packages/chimera.pkg /string

  4. scott says:

    I got this to work in apple remote desktop however the computer did not reboot post install. I did not add any extra payloads the the install. Its the standard lion 10..7.5 install. what do i need to do to get it to reboot?

    1. If you are using ARD, _you_ are responsible for initiating the reboot. This is covered in the documentation:

      “The next step would be to reboot, but the postflight script does not do this; it just exits. The package is marked as requiring a reboot, so whatever mechanism is used to install the package is responsible for rebooting as soon as possible after the install.”

      1. scott says:

        That sucks because ARD can not kick off the reboot because it does not run in the installer environment. Will other deployment utilities will make an OS installer to reboot?

  5. 1) Pretty sure you can tell ARD to reboot a machine.
    2) This is no different than _any_ package that declares the need to reboot; the package itself does not _cause_ the reboot. That would be problematic if you were attempting to install multiple packages!
    3) Other deployment software I am familiar with can correctly reboot a machine after installing packages that require a reboot, yes.

    1. scott says:

      ARD does not run while the installer is running. So it can to tell it to reboot. In ARD i did select force reboot after package in installed. Well all that did was reboot into the installer.

      Is there a package that I can add that adds a reboot command?

      Thanks for your quick response!


      1. “In ARD i did select force reboot after package in installed. Well all that did was reboot into the installer.”

        You mean it rebooted into the OS X Installer? That’s exactly what it is supposed to do!

      2. scott says:

        need it to reboot at the end of the installation So I don’t have to be there to reboot back into the upgraded OS.

  6. Once it reboots into the OS X installer, all control is handed over to the installer. Once the installer finishes installing Lion or Mountain Lion, it will reboot. If it’s not doing that, something is terribly wrong, and you should be looking at the logs on an affected machine.

    1. scott says:

      It just sits at the Restart screen there is no countdown timer. This is a fresh download of 10.7.5 installer.

    2. scott says:

      How do I make it restart after an upgrade install deployed this way. The Lion Installer does not do this on its own. I need it to be automated and require no end user involvement.

  7. I haven’t found that to be the case. We’ve upgraded lots of machines to Lion and Mountain Lion with a createOSXinstallPkg package.

    1. Mike says:

      will the createosxinstallpkg be updated to support next os x version, as they changed some stuff it does not work on latest dp.

      1. scott says:

        Love the script however

        for this to work for me i need the option to set auto restart on completion of installation. Mac os Net-installs wait for user initiated restart. mac os NEt Restores restart in 60 sec automatically. I really need the automatic restart function for my remote installations.

  8. Scott:

    Could you explain the issue you describe in more depth? I use DeployStudio (as one method) to install the package and then restart. Upon restart, the OS X Installer launches, installs OS X, then restarts again. I/we have no control over the behavior once it gets to this point — it’s all controlled by Apple’s code.

    It sounds like maybe you are using Apple’s NetInstall NetBoot set; if so you are stuck with the functionality it provides. Perhaps you should investigate other options.

      1. That’s not much detail, but many Mac admins would agree that ARD isn’t the best tool for this sort of thing. If you must use ARD, then you’ll have to send a restart command after installing the package.

  9. MJ says:

    Hi Greg, firstly thank you for creating this incredible tool. I’ve used it to upgrade several hundred machines across our global estate.

    I hope you can help with this – An issue I run into every now and again:
    Just after the the initial install from 10.7 to 10.8 the machine is rebooted. On some machines the install prompted for which Volume to install the upgrade to. Any idea why that would happen?

    *The only volumes on the machine are the boot volume and the installer volume.

    **I created the upgrade package using – createOSXinstallPkg_20120831

    1. scott says:

      I would query the bless command and see if a boot partition is set. Some machines will not be set to a boot partition. The OS does not care because it boots up just the same with only one boot partition, it only takes a little longer to bring up the apple logo on boot.

    2. If you mean that the machine boots to the “OS X Utilities” screen, as if you had chosen to boot to the recovery partition, typically this happens if there is too much time between when the InstallOSX.pkg is installed and the machine is rebooted. In that case, Apple skips the automation and displays the OS X Utilities window.

      If you are referring to some different behavior, I have not seen anything else — but I’d wonder about the filesystem format and/or health of the target volume.

      1. MJ says:

        In this instance the reboot occurred within 30 seconds of the install. of the 12 machines in the scope only 3 were successfull. The other 9 booted to the installer and asked where you want to install the OS to?

        Any ideas?

  10. MJ says:

    I ran the following on 1 of the machines that gave me that issue, im not sure if it looks correct?

    sudo bless -verbose -info /

    Mount point for / is /
    GPT detected
    No auxiliary booter partition required
    System partition found
    Returning booter information dictionary:
    {type = mutable dict, count = 3,
    entries =>
    0 : {contents = “System Partitions”} = (
    1 : {contents = “Data Partitions”} = (
    2 : {contents = “Auxiliary Partitions”} = (

    finderinfo[0]: 5289212 => Blessed System Folder is /System/Library/CoreServices
    finderinfo[1]: 5613619 => Blessed System File is /System/Library/CoreServices/boot.efi
    finderinfo[2]: 0 => Open-folder linked list empty
    finderinfo[3]: 0 => No alternate OS blessed file/folder
    finderinfo[4]: 0 => Unused field unset
    finderinfo[5]: 5289212 => OS X blessed folder is /System/Library/CoreServices
    64-bit VSDB volume id: 0xD24C44C0887861DB

  11. “In this instance the reboot occurred within 30 seconds of the install. of the 12 machines in the scope only 3 were successfull. The other 9 booted to the installer and asked where you want to install the OS to?

    Any ideas?”

    If you then manually selected a destination on one of the troublesome machines, did the install succeed?

    1. MJ says:

      Yes it did. But those machines were tucked away in the deepest darkest corner of the server room with no screen attached. It wasnt easy navigating with an external keyboard and screen. I have a couple more machines that need to be upgraded and I would like to avoid going through that again.

      1. I think you should post your issue somewhere it will get more eyeballs, like the MacEnterprise list or munki-dev. The comments section of a year-and-a-half old post on a obscure blog is not likely to get much attention…

  12. Glenn B says:

    Thanks so much for the work you do on the createOSXInstallPkg script. It has made my life SO much easier! One question I have; I grabbed the updated script for Mavericks and ran it on the installation package I downloaded from the App Store. Unlike the previous packages created for Lion and Mountain Lion, the Install Mavericks package (using DeployStudio) needs to download additional files, and then prompts for an Apple ID and password to install it. Is this now the norm or did I miss something obvious?

    1. I’ve seen no such behavior. I’ve built a Mavericks install package, and can install it while booted from a Deploy Studio NetBoot set, or when booted from the disk to be upgraded. It works exactly as did Lion or Mountain Lion.

      1. Glenn B says:

        Thanks… I’ll try rebuilding it. Not sure what I missed, I cut and pasted the command line, just changing the source path.

  13. Ok i am slightly confused. now if use createOSXinstallpkg to create an OS install package, and I put it onto a blank/erased/unlocked harddrive externally(in a usb enclosure), can I then put the HDD into the machines I want to deploy the installs on and will said HDD boot directly into the pkg? thus making emulating a clean fresh (straight-from-the-factory) initial install? Or am I just an idiot and missing something entirely?
    I need to be able to re/clean/fresh-install OSX on several machines which have for one reason or another been rendered bootable/installable with various flavors of Linux successfully from a dvd, but OSX install blocked in every way. Refit, Refind, and various other bootloaders have been less than succesful.
    The computers that come back to my department are used by students who like to do whatever they want and have been able to since there haven’t been any security options setup by my predecessor to prevent such lock-ups.
    Apple just makes this a pain in the ass to do especially for multiple machines. And since these computers were all brand new out of the box donations by various people, which means we don’t have the purchase receipts and/or AppleCare for any of them (which by now would have expired anyway) obviously contacting apple about them has been fruitless as we don’t have the necessary funding to pay for every machine’s fix.
    But I digress… Will these Volumes boot directly into the Install package, or do I need to do something else? I am either a idiot or just missing something. Please help!!!!

    1. Scott Wilson says:

      This software’s for installing the os upgrade through a remote management tool. This utility converts the OsS installer into a package. This is so that remote package deployment software can deploy the OS install.

      It sounds like you should take all of those systems to the apple store and have them re image them with the Factory OS. If you have access to Mac OS Server you can create a net install of the OS with system image utility. Then net boot each computer and install it. Or your easiest way is to us some of the flash drive utilities. You can turn a flash drive into a bootable installer. But again that is now what this utility is for. If you erase each computer you will need to get iLife installed back on it. You should be able to download ilife through the app store.

      If you need to keep the computers locked down so that no changes can be made look into DeepFreeze. Every reboot will restore it back to the frozen state.

  14. Mike says:

    I did some testings with OS X next release and it seems to work. Will it be added to the supported os’es when released ?

Comments are closed.