Closed Oujiii closed 4 years ago
@Oujiii can you say how did you enroll? Can you look at #133 and say which data you had to gave to roll into DEP on VM?
@vol24pl Yes. I got all the data that I could in order to enroll. SN, Model Name, Identifier, HW UUID, Boot Rom Version, Board ID, Board Serial, ROM and System UUID. I was able to sucessfully enroll using the company's network, but the VM fails booting after it, so I guess it may be related to the Filevault's encryption.
What version of VirtualBox and macOS guest are you using Oujiii? I'll try to reproduce the issue.
@myspaghetti VBox 6.1 and MacOS Mojave 10.14.6
The script is not compatible with FileVault, but VirtualBox is reported to work with FileVault. I'll see if I can find the required settings and implement them in the script.
Let me know if you do find out! Thank you!
Here's a minimal config.plist that works with OpenCore on VirtualBox 6.1.
Install it by picking a storage medium that's accessible from the EFI Internal Shell and copying /EFI/BOOT/BOOTx64.efi
, /EFI/OC/OpenCore.efi
and /EFI/OC/config.plist
onto it. Boot it with fsN:\EFI\BOOT\BOOTx64.efi
or load fsN:\EFI\OC\OpenCore.efi
. The configuration has an entry for a Mojave base system and a Catalina base system, but it can be configured to boot anything that VirtualBox boots.
Unfortunately I couldn't get it to boot Catalina 10.15.2 or 10.15.3 or show the FileVault password prompt or store a FileVault key in the virtualized SMC.
Pardon me for the lack of knowledge, should I just install my VM, enroll into the DEP and after the Filevault I run those commands?
Thanks!
I worded that poorly... The config I posted doesn't work for FileVault. It boots, but it doesn't show the FileVault password prompt and it doesn't store the key in the emulated SMC. There's no reason to do try it unless you want to fiddle with OpenCore yourself and find the right drivers/settings that enable FileVault on VirtualBox.
OpenCore should be able to at least store the FileVault key in the emulated SMC, but I gave up on trying to do it. It should also be able to load the FileVault boot password prompt, but I wasn't able to get that either.
Okay. Well, for now I will put that on hold. Someone more knowledgeable than me might find a solution in the future. Thanks for trying, though.
Progress: OpenCore 0.5.6 loads (or attempts to load) the FileVault password prompt but displays a blank screen. This is a minimal config.plist for OpenCore 0.5.6 that works on VirtualBox.
Upon a clean boot of the VM, OpenCore 0.5.6 boots the FileVault password prompt.
@myspaghetti im in the same situation as you 🏴☠️ 😂 i know that with opencore it works but... do i have to perform a clean install in order to use opencore? or i can side load it ? im running this virtual machine in a mac.
additionally, if you can give me info about how to send the Model Name, Identifier, HW UUID, Boot Rom Version, Board ID, Board Serial, ROM and System UUID values... that would be great
You can "dump" the OpenCore executable and config in their proper folder on the EFI System Partition. You can mount the ESP from the macOS guest Terminal like so:
mkdir ESP
sudo su # this will prompt for a password
diskutil mount -mountPoint ESP disk0s1
Then copy the OpenCore.efi
file and the properly formatted config.plist
file to ./ESP/EFI/OC/
and you can manually run them from the VirtualBox EFI Internal Shell that can be accessed by pressing Esc when the VM powers up.
You can add a bunch of other OpenCore files if you wish but they are not necessary for FileVault 2.
For the EFI and NVRAM parameters, assuming you're running on a genuine Mac, I recommend following the directions in the script documentation:
These parameters may be manually set in the
set_variables()
function when the "get_parameters_from_macOS_host
" is set to "no
", which is the default setting. When the script is executed on macOS and the variable "get_parameters_from_macOS_host
" is set to "yes
", the script copies the parameters from the host.Changing the EFI and NVRAM parameters after installation
The variables mentioned above may be edited and applied to an existing macOS virtual machine by deleting the .nvram file from the directory where the virtual machine .vbox file is stored, then executing the following command and copying the generated files to the macOS EFI System Partition:
./macos-guest-virtualbox.sh configure_vm create_nvram_files create_macos_installation_files_viso
After executing the command, attach the resulting VISO file to the virtual machine's storage through VirtualBox Manager or VBoxManage. Power up the VM and boot macOS, then start Terminal and execute the following commands, making sure to replace "[VISO_mountpoint]" with the correct path:
mkdir ESP
sudo su # this will prompt for a password
diskutil mount -mountPoint ESP disk0s1
cp -r /Volumes/[VISO_mountpoint]/ESP/* ESP/
After copying the files, boot into the EFI Internal Shell as described in the section "Applying the EFI and NVRAM parameters".
If you're not using a genuine Mac you'll have to get genuine-like parameters somewhere else. No support is offered for non-genuine parameters.
@myspaghetti thanks. i got it booting up just by setting ProvideConsoleGop
to true
as indicated in https://www.virtualbox.org/ticket/19386
however, my keyboard and mouse do not work. any hints?
my keyboard and mouse do not work
If you mean in the EFI shell, that needs to be configured in OpenCore and various keyboard/mouse EFIs are included in the release. If you mean on macOS, please start a separate issue, although very simply you have to set the VM mouse to usbtablet
and keyboard to usb
which is the default when using the script.
@myspaghetti maybe is out of the scope of your script but probably you can give me a hand on this. so after my company policy enabled filevault into the macosx VM i have on virtualbox i couldn't make it to the login screen. then mounted opencore in a USB stick and (yay!) im able to boot to get to the password prompt however I cannot move mouse or keyboard. virtualbox settings are set to usbtablet, for keyboard i honestly dont know where i can configure it. any hints? opencore configs look like this:
FILES
.
└── EFI
├── BOOT
│ └── BOOTx64.efi
└── OC
├── ACPI
├── Drivers
│ ├── HfsPlus.efi
│ └── OpenRuntime.efi
├── Kexts
│ └── USBInjectAll.kext
│ └── Contents
│ ├── Info.plist
│ └── MacOS
│ └── USBInjectAll
├── OpenCore.efi
├── Resources
│ ├── Audio
│ ├── Font
│ ├── Image
│ └── Label
├── Tools
└── config.plist
CONFIG.PLIST
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Misc</key>
<dict>
<key>Security</key>
<dict>
<key>RequireVault</key>
<false/>
<key>RequireSignature</key>
<false/>
<key>Vault</key>
<string>Optional</string>
</dict>
</dict>
<key>UEFI</key>
<dict>
<key>Output</key>
<dict>
<key>ProvideConsoleGop</key>
<true/>
</dict>
</dict>
<key>ACPI</key>
<dict>
<key>Add</key>
<array/>
</dict>
<key>Kernel</key>
<dict>
<key>Add</key>
<array/>
</dict>
</dict>
</plist>
From the OpenCore documentation:
On non-Apple firmware
KeySupport
,OpenUsbKbDxe
, or similar drivers are required for key handling.
Enable either KeySupport
or OpenUsbKbDxe
(but not both, they conflict). If I recall correctly, OpenUsbKbDxe
worked fine when I tried FileVault 2 on VirtualBox last year.
no luck. here is my plist now:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Misc</key>
<dict>
<key>Security</key>
<dict>
<key>RequireVault</key>
<false/>
<key>RequireSignature</key>
<false/>
<key>Vault</key>
<string>Optional</string>
</dict>
<key>Tools</key>
<array/>
</dict>
<key>UEFI</key>
<dict>
<key>Output</key>
<dict>
<key>ProvideConsoleGop</key>
<true/>
</dict>
<key>Drivers</key>
<array>
<string>HfsPlus.efi</string>
<string>OpenRuntime.efi</string>
<string>OpenUsbKbDxe.efi</string>
</array>
</dict>
<key>ACPI</key>
<dict>
<key>Add</key>
<array/>
</dict>
<key>Kernel</key>
<dict>
<key>Add</key>
<array/>
</dict>
</dict>
</plist>
the VM boots up to the login window (and very fast) but there is no way of getting keyboard or mouse to work 😡
I recalled incorrectly, it was the first one that works, KeySupport
. Here's a minimal config.plist
that works with FileVault 2 on VirtualBox:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Misc</key>
<dict>
<key>Security</key>
<dict>
<key>RequireVault</key>
<false/>
<key>RequireSignature</key>
<false/>
<key>Vault</key>
<string>Optional</string>
</dict>
</dict>
<key>UEFI</key>
<dict>
<key>Output</key>
<dict>
<key>ProvideConsoleGop</key>
<true/>
</dict>
<key>Input</key>
<dict>
<key>KeySupport</key>
<true/>
<key>KeySupportMode</key>
<string>V2</string>
</dict>
</dict>
<key>ACPI</key>
<dict>
<key>Add</key>
<array/>
</dict>
<key>Kernel</key>
<dict>
<key>Add</key>
<array/>
</dict>
</dict>
</plist>
no luck. i forgot to say that im on big sur and seeing https://github.com/myspaghetti/macos-virtualbox/issues/479 the issue might be other...
Just enrolled the VM in my company's DEP and by their policy, Filevault needs to be enabled. After finishing the DEP enrollment and restarting, the machine does not boot up anymore.
Is there any known issue with encryption?
Thanks!