The package "veewee-config.pkg" is not signed. Build fails. MacOS 10.12.5

[ncs-minapuck]

Building for MacOS 10.12.5

Steps to reproduce:

1. $ sudo prepare_iso/prepare_iso.sh "/Applications/Install macOS Sierra.app"/ dmg Password: ************ -- Attaching input OS X installer image with shadow file.. expected CRC32 $6E0A52CC /dev/disk6 GUID_partition_scheme /dev/disk6s1 EFI /dev/disk6s2 Apple_HFS /private/tmp/veewee-osx-esd.1UAH -- Mounting BaseSystem.. Checksumming Protective Master Boot Record (MBR : 0)… Protective Master Boot Record (MBR :: verified CRC32 $C16DE7A2 Checksumming GPT Header (Primary GPT Header : 1)… GPT Header (Primary GPT Header : 1): verified CRC32 $B9CE6ABE Checksumming GPT Partition Data (Primary GPT Table : 2)… GPT Partition Data (Primary GPT Tabl: verified CRC32 $6F7721F8 Checksumming (Apple_Free : 3)… (Apple_Free : 3): verified CRC32 $00000000 Checksumming disk image (Apple_HFS : 4)… .................................................................................................................................................................................. disk image (Apple_HFS : 4): verified CRC32 $D74AAD7A Checksumming (Apple_Free : 5)… .............................................................................................................................................................................................. (Apple_Free : 5): verified CRC32 $00000000 Checksumming GPT Partition Data (Backup GPT Table : 6)… GPT Partition Data (Backup GPT Table: verified CRC32 $6F7721F8 Checksumming GPT Header (Backup GPT Header : 7)… GPT Header (Backup GPT Header : 7): verified CRC32 $A76F9B83 verified CRC32 $BAD1A53D /dev/disk7 GUID_partition_scheme /dev/disk7s1 Apple_HFS /private/tmp/veewee-osx-basesystem.re1a -- OS X version detected: 10.12.5, build 16F73 -- Making firstboot installer pkg.. productbuild: Wrote product to /Users/minapuck/macos/prepare_iso/support/tmp/veewee-config.pkg "disk7" unmounted. "disk7" ejected. -- Creating empty read-write DMG located at /tmp/veewee-osx-basesystem-rw.pg2C.dmg.. ............................................................................................................................................................................................... created: /tmp/veewee-osx-basesystem-rw.pg2C.dmg /dev/disk7 Apple_partition_scheme /dev/disk7s1 Apple_partition_map /dev/disk7s2 Apple_HFS /private/tmp/veewee-osx-basesystem.re1a -- Restoring ('asr restore') the BaseSystem to the read-write DMG.. Validating target...done Validating source...done Retrieving scan information...done Validating sizes...done Restoring ....10....20....30....40....50....60....70....80....90....100 Remounting target volume...done -- Moving 'Packages' directory from the ESD to BaseSystem.. /tmp/veewee-osx-esd.1UAH/Packages -> /Volumes/OS X Base System/System/Installation/Packages /tmp/veewee-osx-esd.1UAH/Packages/BaseSystemResources.pkg -> /Volumes/OS X Base System/System/Installation/Packages/BaseSystemResources.pkg /tmp/veewee-osx-esd.1UAH/Packages/EmbeddedOSFirmware.pkg -> /Volumes/OS X Base System/System/Installation/Packages/EmbeddedOSFirmware.pkg /tmp/veewee-osx-esd.1UAH/Packages/Essentials.pkg -> /Volumes/OS X Base System/System/Installation/Packages/Essentials.pkg /tmp/veewee-osx-esd.1UAH/Packages/FirmwareUpdate.pkg -> /Volumes/OS X Base System/System/Installation/Packages/FirmwareUpdate.pkg /tmp/veewee-osx-esd.1UAH/Packages/OSInstall.mpkg -> /Volumes/OS X Base System/System/Installation/Packages/OSInstall.mpkg /tmp/veewee-osx-esd.1UAH/Packages/OSInstall.pkg -> /Volumes/OS X Base System/System/Installation/Packages/OSInstall.pkg -- Copying in original BaseSystem dmg and chunklist.. -- Adding automated components.. -- Unmounting BaseSystem.. "disk7" unmounted. "disk7" ejected. -- Unmounting ESD.. "disk6" unmounted. "disk6" ejected. -- On Mavericks and later, the entire modified BaseSystem is our output dmg. Preparing imaging engine… Reading Driver Descriptor Map (DDM : 0)… (CRC32 $651204F3: Driver Descriptor Map (DDM : 0)) Reading Apple (Apple_partition_map : 1)… (CRC32 $D01936FD: Apple (Apple_partition_map : 1)) Reading disk image (Apple_HFS : 2)… ............................................................................................................................................................................................... (CRC32 $AF8C3C74: disk image (Apple_HFS : 2)) Adding resources… ............................................................................................................................................................................................... Elapsed Time: 34.876s File size: 5455390200 bytes, Checksum: CRC32 $D44E0768 Sectors processed: 20971520, 12724369 compressed Speed: 178.1Mbytes/sec Savings: 49.2% created: /Users/minapuck/macos/dmg/OSX_InstallESD_10.12.5_16F73.dmg -- Fixing permissions.. -- Checksumming output image.. -- MD5: 7142bf8bab9ca70313d6591fd9ab484c -- Done. Built image is located at dmg/OSX_InstallESD_10.12.5_16F73.dmg. Add this iso and its checksum to your template.
2. `$ packer build -only=vmware-iso -var 'file=macos1012.json' macos.json vmware-iso output will be in this color.

Warnings for build \'vmware-iso\':

• A checksum type of 'none' was specified. Since ISO files are so big, a checksum is highly recommended.

==> vmware-iso: Downloading or copying ISO vmware-iso: Downloading or copying: file:///Users/minapuck/macos/dmg/OSX_InstallESD_10.12.5_16F73.dmg ==> vmware-iso: Creating virtual machine disk ==> vmware-iso: Building and writing VMX file ==> vmware-iso: Starting virtual machine... ==> vmware-iso: Waiting 2s for boot... ==> vmware-iso: Connecting to VM via VNC ==> vmware-iso: Typing the boot command over VNC... ==> vmware-iso: Waiting for SSH to become available...`

See Screenshot

[dhekimian]

From: https://github.com/rtrouton/create_os_x_vm_install_dmg

macOS 10.12.4 introduced a change that prevents the addition of third-party packages to the OS installer. This script uses the addition of a third-party installer package, so unfortunately this script cannot be used to generate 10.12.4 or later OS installers.

If you need to build a macOS 10.12.x VM, my recommendation at this point is to use the macOS 10.12.3 installer. Once the OS is installed, update to later versions of macOS Sierra as a post-installation task.

More info:

• https://derflounder.wordpress.com/2017/03/30/creating-macos-installer-disk-images-for-vmware-fusion-and-esxi-with-create_macos_vm_install_dmg/
• https://github.com/timsutton/osx-vm-templates/issues/81
• https://github.com/munki/createOSXinstallPkg

Note that macOS 10.13 (which is in beta) has a completely different install process then previous versions. Work has started on trying to figure it out: https://github.com/geerlingguy/macos-virtualbox-vm/issues/28

[darkn3rd]

Is there anyway to shut off such protection, as you can with the fully installed OS?

[ideologysec]

No. The only way around would be via creating a NetRestore image + signed package.

Or, use the 10.12.3 installer and let the packer update.sh script update to 10.12.6 during provisioning.