Archive for May, 2019

Using bootstrappr to build testing VMs with VMware Fusion

May 31, 2019 Leave a comment

As part of my preparation for next week’s WWDC conference, I’ve been working on ways to build virtual machines using VMware Fusion for testing. In previous years, I have used NetBoot-based solutions to help me with this process. With NetBoot going away though, I’ve started using bootstrappr as my replacement deployment tool.

Bootstrappr is designed to install packages and scripts, but in my case I’m having it install only one package: a firstboot package created by First Boot Package Install The firstboot package in turn installs a set of installer packages to configure the VM and install the software I want. For more details, please see below the jump.

Read more…

Using AutoPkg 1.1’s recipe template creation option

May 29, 2019 Leave a comment

As part of the release of AutoPkg 1.1, a new-recipe feature was added to help with recipe creation.

Screen Shot 2019 05 29 at 10 51 43 AM

It will create a generic recipe file with the following keys added:

  • Description
  • Identifier
  • Input
  • MinimumVersion (by default, MinimumVersion will be set for AutoPkg 1.0)
  • Process

Under the Process keys, there are additional keys created by default:

  • Arguments
  • Processor

As an example, here’s the recipe file which is created when the following command is run:

autopkg new-recipe ~/Desktop/

Screen Shot 2019 05 29 at 10 48 25 AM

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" ""&gt;
<plist version="1.0">
<string>Recipe description</string>

For more details, please see below the jump.

Read more…

Categories: AutoPkg, macOS

macOS, hyperthreading and Microarchitectural Data Sampling vulnerabilities

May 16, 2019 Leave a comment

In 2018, vulnerabilities were publicly disclosed in computer processor architecture which affected the vast majority of desktops, laptops, mobile devices and servers. These vulnerabilities are referred to as Meltdown and Spectre. There is a lot of information available online about these vulnerabilities, but the cartoon below provides a decent summary of the issue:

Meltdown and spectre

On May 14th, 2019, additional Spectre vulnerabilities were disclosed using the name Microarchitectural Data Sampling (MDS). These vulnerabilities apply to desktop and laptop computers which use Intel processors. These processors are used by all modern Macs, but not by iOS or Apple Watch devices. These devices do not use Intel processors and instead use Apple’s own processors. For an excellent round-up of information on this developing issue, please see @zoocoup‘s post available via the link below:

How to remediate this problem? For the details, please see below the jump.

Read more…

Creating, managing and using Apple File System snapshots for startup drive backups

May 8, 2019 5 comments

Starting with macOS High Sierra, Time Machine on Apple File System-formatted (APFS) startup drives gained the ability to create APFS snapshots. These snapshots capture the state of the startup volume at a particular point in time and can be used by Time Machine to restore files, folders or the whole startup volume. These snapshots are stored on the startup volume, but are not the same as the previous local backups that Time Machine used on Hierarchical File System Plus (HFS+) formatted drives.

On HFS+ formatted drives, Time Machine local backups are stored in an invisible directory named .MobileBackups on the root level of the startup drive.

Figure 1 Location of the MobileBackups directory on an HFS+ formatted boot drive

This .MobileBackups directory is mountable as /Volumes/MobileBackups and you can access the backed-up files stored inside by navigating via the command line or Finder window.

Figure 2 Navigating the mounted MobileBackups volume

On APFS formatted drives, the /.MobileBackups directory and /Volumes/MobileBackups are no longer available. Instead, Time Machine is now using APFS snapshots to store a read-only copy of the state of your Mac’s startup drive at the time when that snapshot was taken. These snapshots are invisible to the file system, so unlike HFS+, there isn’t a directory or file location which you can access to get access to the snapshot-stored backups.

Snapshots include all files and directories stored on the startup drive at the time that the individual snapshot was made. When available, these snapshots can be used to restore the following:

  • Individual files
  • Individual directories
  • Multiple files at once
  • Multiple directories at once
  • All files and directories at once

If the startup drive was encrypted at the time the snapshot was made, the snapshot will itself be encrypted. This allows the restoration of an encrypted startup drive without needing to decrypt or re-encrypt the relevant startup drive. For more details, please see below the jump.

Read more…

%d bloggers like this: