Custom Serial Injection #59
Comments
|
I did some investigation and it seems the only places we can configure something hardware related is via binary representation of Data stored there is stored in Apple's binary plist format and can be decoded: pbpaste | base64 --decode > ecid.plist
plutil -convert xml1 ecid.plistHere are the contents of the files for our <plist version="1.0">
<dict>
<key>ECID</key>
<integer>10796302860778061261</integer>
</dict>
</plist>It seems at the moment it's not quite possible to configure it. Maybe it's possible with some secret key which we don't know yet. WWDC is just 4 weeks away and hopefully there will be more news about |
|
Seems it will be possible going forward with macOS Ventura. There is this new VZGenericMachineIdentifier which will be available starring macOS 13.0. |
|
I understand there is currently not the possibility of setting a specific Serial Number, but is there any method to randomly generate a new one? I'm attempting to setup a workflow which creates VM Templates, but for obvious reasons, There needs to be a new serial on the VMs deployed from the template. |
Unfortunately it's not currently possible to change the Serial Number (aka machine identifier or ECID) once the macOS installation is complete. You can try this yourself by copying the I've initially thought that this is due to "Full Security policy" setting (see Apple Platform Security document), but booting a generic macOS VM with
The other likely explanation is that VM's NVRAM contents ( |
|
has there been any progress on getting this to work? |
|
Serial injection would be beneficial. Following closely. |
Doesn't seem to be the case anymore with macOS Ventura, see @fkorotkov's You can also generate a specific ECID value by calling <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ECID</key>
<integer>42</integer>
</dict>
</plist> |
|
Good news that there are now private APIs to set a serial number (shout out to @khronokernel for finding it out)but unfortunately it requires disabling AMFI at the moment so we can't ship it with Tart. Here is a patch I applied to this location: let result = VZMacPlatformConfiguration()
et serialNumber = Dynamic._VZMacSerialNumber(string: "ZAAAAAAAAA")
let identifier: VZMacMachineIdentifier? = Dynamic.VZMacMachineIdentifier._machineIdentifierWithSerialNumber(serialNumber)
result.machineIdentifier = identifier ?? VZMacMachineIdentifier()Having the APIs appear in private is a good sign that we are getting the functionality eventually. So 🤞 to get it sooner than later. |
|
BTW did anyone submitted feedback through the Feedback Assistant that describes your current workflow and how customization of serial number will help to simplify it/do something new? We might have a lead to escalate this feature request but we need more datapoints preferably that submitted via the Feedback Assistant. |
|
Sorry, where is the Feedback Assistant? (is it a link inside of Tart? somewhere in Github?) ... the use case for custom serial number is that we are testing MDM workflows and if we use a serial number that is registered with Apple Business Manager then it will automatically kick off MDM processes if we set it to a "known" serial. |
|
Got a response on my Feedback Assistant about making
|
There are some times when it is beneficial to be able to control the VM's presented serial number.
This is a feature request to allow for custom serial injection on a Tart VM.
The text was updated successfully, but these errors were encountered: