Early notes on deploying images to iMac Pro


Here are some early notes on making and restoring a High Sierra deployment image to an iMac Pro.

“Wait, I thought imaging was dead! Especially imaging the iMac Pro with Secure Boot!” you may be thinking. My reply: “We’ll see, won’t we?” It’s early days here: we’re experimenting. Our experiments might lead to dead ends, or they might lead to useful results.

Continue reading “Early notes on deploying images to iMac Pro”

Early notes on deploying images to iMac Pro


A little while ago, I made a new Mac deployment tool available:


Bootstrappr is really nothing more than a Bash script that installs any packages it finds in an adjacent packages directory. There’s no GUI, no bells and whistles.

What is it for? Why would you use it?

You’d use it for installation-based deployment workflows on iMac Pro (and potentially any Mac).

Continue reading “Bootstrappr”


macOS installation-based workflows

Perhaps you are starting to worry about the future of “imaging” as a deployment/initial configuration method for Macs.

(I’ll define “imaging” as block-copying the contents of a disk image file to a disk volume, and resulting in a bootable, fully-functional machine.)

If you are concerned about the future of imaging, you might want to start investigating macOS installation-based workflows for deployment/initial configuration.

The basic idea is this: a workflow that either installs macOS, or starts with the factory os installation. It then installs additional packages that serve to enroll the Mac in whatever your ongoing management system is (Jamf Pro, Filewave, Munki, etc). It then becomes the management system’s job to finish the initial setup of the machine.

Here are a few things you might want to look at:

Continue reading “macOS installation-based workflows”

macOS installation-based workflows

Customized High Sierra Install issues and workarounds

The startosinstall tool in the High Sierra installer supports adding additional packages that will be installed after macOS is installed, via the --installpackage option:

bash-3.2$ /Applications/Install\ macOS\ High\ Sierra.app/Contents/Resources/startosinstall --usage
Usage: startosinstall

--applicationpath, a path to copy of the OS installer application to start the install with.
--license, prints the user license agreement only.
--agreetolicense, agree to license the license you printed with --license.
--rebootdelay, how long to delay the reboot at the end of preparing. This delay is in seconds and has a maximum of 300 (5 minutes).
--pidtosignal, Specify a PID to which to send SIGUSR1 upon completion of the prepare phase. To bypass "rebootdelay" send SIGUSR1 back to startosinstall.
--converttoapfs, specify either YES or NO on if you wish to convert to APFS.
--installpackage, the path of a package to install after the OS installation is complete; this option can be specified multiple times.
--usage, prints this message.

Example: startosinstall --converttoapfs YES

A High Sierra NetInstall image built with System Image Utility has a similar option: you can add additional packages to the install:


Unfortunately, under both 10.13 and 10.13.1, both methods have a similar issue: if you try to install multiple packages, in some/many cases the installer will not properly cache all the intended packages and the install of macOS will fail with the message “The path /System/Installation/Packages/OSInstall.mpkg appears to be missing or damaged.” It tells you to restart and try again (which won’t work…).

Continue reading “Customized High Sierra Install issues and workarounds”

Customized High Sierra Install issues and workarounds

MacTech Conference 2017 Links

Here are some links from my presentation at MacTech Conference 2017, “Imaging is Dead: Now What?”

Der Flounder, “Imaging will be dead soonish”: https://derflounder.wordpress.com/2017/01/10/imaging-will-be-dead-soon-ish/

AutoDMG: https://github.com/MagerValp/AutoDMG

Imagr: https://github.com/grahamgilbert/imagr

DeployStudio: http://www.deploystudio.com

Apple, “Upgrade macOS on a Mac at your institution”: https://support.apple.com/en-us/HT208020

Apple, “APFS and Imaging”: https://help.apple.com/deployment/macos/#/apd545ec8b69

createbootvolfromautonbi.py: https://github.com/munki/macadmin-scripts/blob/master/createbootvolfromautonbi.py

Erik Gomez, Custom DEP series: http://blog.eriknicolasgomez.com/2017/03/08/Custom-DEP-Part-1-An-Introduction/

Victor Vranchan, Munkiing around with DEP: https://groob.io/posts/dep-micromdm-munki/

MacTech Conference 2017 Links

High Sierra FV Conversion Failure

When you upgrade to High Sierra, not only are you getting a new OS, but if your Mac has all-SSD storage, you are getting an all-new filesystem: APFS. This means your startup disk gets converted from HFS+ to APFS during the High Sierra upgrade.

More changes means more chances for things to go wrong. A colleague walked into my office today: he’d just upgraded his Mac to High Sierra, and now it was sitting at the Filevault pre-boot authentication screen. But instead of an icon for his account, there was a hard drive icon and the label “Disk Password”. His account password did not work to unlock this disk, and neither did the Personal Recovery Key.

Looked like the APFS conversion didn’t do everything it needed…

Fortunately Nick McSpadden had seen this before and let me in on a fix:

  1. Boot into Recovery HD
  2. Open Terminal.app
  3. Run diskutil apfs list to get the ‘regular’ boot drive (disk2s1 in this case)
  4. Run diskutil apfs unlockvolume disk2s1 to unlock the drive. The user’s normal password worked here.
  5. Run diskutil apfs updatePreboot disk2s1

This last command sprayed a ton of text to the screen. After this, we rebooted, and the expected disk unlock screen came up, with an icon for the user’s account. He was able to successfully authenticate and the Mac proceeded to boot. Crisis adverted!

High Sierra FV Conversion Failure

Stupid Install macOS High Sierra Tricks

While working on solving the problem of not getting a “stub” Install macOS High Sierra application, I stumbled across another way to get a full installer.

I present this merely as an oddity and a point of interest. I make no claims as to whether or not you should use this information in any way for ill or for good.

If you run a local Apple software update server, you may have noticed a new product: product ID 091-34298 — “Install macOS High Sierra”.  I use Reposado to run a local softwareupdate server:

# ./repoutil --info 091-34298
Product:       091-34298
Title:         Install macOS High Sierra
Version:       10.13
Size:          5.8 GB
Post Date:     2017-09-25 16:56:37
RestartNeeded: No
Status:        Downloaded
Location:      /disk1/swupd/html/content/downloads/04/61/091-34298
HTML Description:
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

We can use the location printed above to find the actual files on disk:

# ls /disk1/swupd/html/content/downloads/04/61/091-34298/almpfkbhyxnsgbxxqhoqo7sb40w3uip0wk/
091-34298.ar.dist        091-34298.ru.dist
091-34298.ca.dist        091-34298.sk.dist
091-34298.cs.dist        091-34298.Spanish.dist
091-34298.da.dist        091-34298.sv.dist
091-34298.Dutch.dist     091-34298.th.dist
091-34298.el.dist        091-34298.tr.dist
091-34298.English.dist   091-34298.uk.dist
091-34298.es_419.dist    091-34298.vi.dist
091-34298.fi.dist        091-34298.zh_CN.dist
091-34298.French.dist    091-34298.zh_TW.dist
091-34298.German.dist    AppleDiagnostics.chunklist
091-34298.he.dist        AppleDiagnostics.dmg
091-34298.hi.dist        BaseSystem.chunklist
091-34298.hr.dist        BaseSystem.dmg
091-34298.hu.dist        InstallAssistantAuto.pkg
091-34298.id.dist        InstallAssistantAuto.pkm
091-34298.Italian.dist   InstallAssistantAuto.smd
091-34298.Japanese.dist  InstallESDDmg.chunklist
091-34298.ko.dist        InstallESDDmg.pkg
091-34298.ms.dist        InstallESDDmg.pkm
091-34298.no.dist        InstallInfo.plist
091-34298.pl.dist        OSInstall.mpkg
091-34298.pt.dist        RecoveryHDMetaDmg.pkg
091-34298.pt_PT.dist     RecoveryHDMetaDmg.pkm

The contents of a softwareupdate product directory are very much like an exploded/expanded distribution package. Not very well-known is that we can sometimes trick Apple’s installer to install these. If we can get this directory copied to (or mounted via afp, smb or nfs on) a Mac (my Reposado server is on a Linux box), we can do this:

sudo installer -pkg /path/to/091-34298.English.dist -target /


open /path/to/091-34298.English.dist -a Installer.app

If you do the latter, you’ll need to click through the Installer like you would with any other package.

The result? A functional “Install macOS High Sierra.app” in /Applications.

Stupid Install macOS High Sierra Tricks