APFS Image Slimming Critical Task #146

New Issue

Open

opened 2025-12-29 05:23:12 +01:00 by adam · 6 comments

adam commented 2025-12-29 05:23:12 +01:00

Owner

Copy Link

Originally created by @sickcodes on GitHub (Mar 18, 2021).

Big Sur is using APFS only...

Failed (read only)

APFS mountable in Linux but READ ONLY

Therefore it must be done inside OSX.

Secondly, Big Sur must be used to mount Big Sur

How to mount Big Sur writable:

Boot into recovery mode with two disks https://github.com/sickcodes/Docker-OSX#mount-a-disk-inside-osx-from-the-host

Disable SIP

# inside Recovery Disk shell
csrutil authenticated-root disable
csrutil disable
reboot

Log into Big Sur good one

Unmount the only other disk that you can unmount in disk utility.

Sometimes it's disk3 disk4 or disk5

Remount as writable, as shown below thanks to https://mobile.twitter.com/ebadtweet/status/1275454103900971012

The partition to remount is always s2

sudo mount -o nobrowse -t apfs /dev/diskNsM /path/to/mntpoint

cd your mountpoint

ncdu is handy for finding large files today delete

After finishing, create a snapshot and reboot
sudo bless --folder /path/to/mntpoint/System/Library/CoreServices --bootefi --create-snapshot

However this image will not shrink when using https://github.com/sickcodes/Docker-OSX#how-to-reduce-the-size-of-the-image

This is crucial for development as we need much smaller images, 40GB is unwieldy for security research and takes even a few minutes on a good SSD to copy it.

Originally created by @sickcodes on GitHub (Mar 18, 2021). Big Sur is using APFS only... Failed (read only)  APFS mountable in Linux but READ ONLY Therefore it must be done inside OSX. Secondly, Big Sur must be used to mount Big Sur ### How to mount Big Sur writable: Boot into recovery mode with two disks https://github.com/sickcodes/Docker-OSX#mount-a-disk-inside-osx-from-the-host Disable SIP ```bash # inside Recovery Disk shell csrutil authenticated-root disable csrutil disable reboot ``` Log into Big Sur good one Unmount the only other disk that you can unmount in disk utility. Sometimes it's disk3 disk4 or disk5 Remount as writable, as shown below thanks to https://mobile.twitter.com/ebadtweet/status/1275454103900971012 The partition to remount is always s2 `sudo mount -o nobrowse -t apfs /dev/diskNsM /path/to/mntpoint` cd your mountpoint `ncdu` is handy for finding large files today delete After finishing, create a snapshot and reboot `sudo bless --folder /path/to/mntpoint/System/Library/CoreServices --bootefi --create-snapshot`  However this image will not shrink when using https://github.com/sickcodes/Docker-OSX#how-to-reduce-the-size-of-the-image This is crucial for development as we need much smaller images, 40GB is unwieldy for security research and takes even a few minutes on a good SSD to copy it.

adam added the enhancement label 2025-12-29 05:23:12 +01:00

adam commented 2025-12-29 05:23:13 +01:00

Author

Owner

Copy Link

@sickcodes commented on GitHub (Mar 18, 2021):

Ultimate

rm -rf mnt/usr/share/man/*
rm -rf mnt/System/Library/Desktop\ Pictures/*

Okay

rm -rf mnt/System/Applications/Music.app/*
rm -rf mnt/System/Applications/Books.app/*
rm -rf mnt/System/Applications/TV.app/*
rm -rf mnt/System/Applications/Maps.app/*
rm -rf mnt/System/Applications/Podcasts.app/*
rm -rf mnt/System/Applications/Music.app/*

Fail

rm -rf mnt/usr/share/tokenizer/*
rm -rf mnt/System/iOSSupport/System/Library/PrivateFrameworks/*
rm -rf mnt/System/iOSSupport/System/Library/Frameworks/*
rm -rf mnt/System/iOSSupport/System/Library/AccessibilityBundles/*
rm -rf mnt/System/Library/Templates/*

Not sure

rm -rf mnt/System/Library/SpeechBase/*
rm -rf mnt/System/Library/Audio/*
rm -rf mnt/System/Library/Frameworks/Vision.Framework/Versions/A/Resources/*

@sickcodes commented on GitHub (Mar 18, 2021):  Ultimate ``` rm -rf mnt/usr/share/man/* rm -rf mnt/System/Library/Desktop\ Pictures/* ``` Okay ``` rm -rf mnt/System/Applications/Music.app/* rm -rf mnt/System/Applications/Books.app/* rm -rf mnt/System/Applications/TV.app/* rm -rf mnt/System/Applications/Maps.app/* rm -rf mnt/System/Applications/Podcasts.app/* rm -rf mnt/System/Applications/Music.app/* ``` Fail ``` rm -rf mnt/usr/share/tokenizer/* rm -rf mnt/System/iOSSupport/System/Library/PrivateFrameworks/* rm -rf mnt/System/iOSSupport/System/Library/Frameworks/* rm -rf mnt/System/iOSSupport/System/Library/AccessibilityBundles/* rm -rf mnt/System/Library/Templates/* ``` Not sure ``` rm -rf mnt/System/Library/SpeechBase/* rm -rf mnt/System/Library/Audio/* rm -rf mnt/System/Library/Frameworks/Vision.Framework/Versions/A/Resources/* ```

adam commented 2025-12-29 05:23:13 +01:00

Author

Owner

Copy Link

@Diassico commented on GitHub (Mar 18, 2021):

Big Sur is using

Failed (read only)

APFS mountable in Linux but READ ONLY

Therefore it must be done inside OSX.

Secondly, Big Sur must be used to mount Big Sur

How to mount Big Sur writable:

Boot into recovery mode with two disks https://github.com/sickcodes/Docker-OSX#mount-a-disk-inside-osx-from-the-host

Disable SIP

# inside Recovery Disk shell
csrutil authenticated-root disable
csrutil disable
reboot

Log into Big Sur good one

Unmount the only other disk that you can unmount in disk utility.

Sometimes it's disk3 disk4 or disk5

Remount as writable, as shown below thanks to https://mobile.twitter.com/ebadtweet/status/1275454103900971012

The partition to remount is always s2

sudo mount -o nobrowse -t apfs /dev/diskNsM /path/to/mntpoint

cd your mountpoint

ncdu is handy for finding large files today delete

After finishing, create a snapshot and reboot
sudo bless --folder /path/to/mntpoint/System/Library/CoreServices --bootefi --create-snapshot

However this image will not shrink when using https://github.com/sickcodes/Docker-OSX#how-to-reduce-the-size-of-the-image

This is crucial for development as we need much smaller images, 40GB is unwieldy for security research and takes even a few minutes on a good SSD to copy it.

@Diassico commented on GitHub (Mar 18, 2021): > Big Sur is using > > Failed (read only) >  > > APFS mountable in Linux but READ ONLY > > Therefore it must be done inside OSX. > > Secondly, Big Sur must be used to mount Big Sur > > ### How to mount Big Sur writable: > > Boot into recovery mode with two disks https://github.com/sickcodes/Docker-OSX#mount-a-disk-inside-osx-from-the-host > > Disable SIP > > ```bash > # inside Recovery Disk shell > csrutil authenticated-root disable > csrutil disable > reboot > ``` > > Log into Big Sur good one > > Unmount the only other disk that you can unmount in disk utility. > > Sometimes it's disk3 disk4 or disk5 > > Remount as writable, as shown below thanks to https://mobile.twitter.com/ebadtweet/status/1275454103900971012 > > The partition to remount is always s2 > > `sudo mount -o nobrowse -t apfs /dev/diskNsM /path/to/mntpoint` > > cd your mountpoint > > `ncdu` is handy for finding large files today delete > > After finishing, create a snapshot and reboot > `sudo bless --folder /path/to/mntpoint/System/Library/CoreServices --bootefi --create-snapshot` > >  > > However this image will not shrink when using https://github.com/sickcodes/Docker-OSX#how-to-reduce-the-size-of-the-image > > This is crucial for development as we need much smaller images, 40GB is unwieldy for security research and takes even a few minutes on a good SSD to copy it.

adam commented 2025-12-29 05:23:14 +01:00

Author

Owner

Copy Link

@sickcodes commented on GitHub (Mar 19, 2021):

Reasonable explanation for 40GB image lol!

@sickcodes commented on GitHub (Mar 19, 2021): Reasonable explanation for 40GB image lol! 

adam commented 2025-12-29 05:23:14 +01:00

Author

Owner

Copy Link

@sickcodes commented on GitHub (Mar 19, 2021):

Testing non-qcow images currently!

EDIT: useless code below do not use!

FAIL READ ONLY

touch "${APFS_NAME}"
fallocate --zero-range --length 50G "${APFS_NAME}" 
mkfs.apfs "${APFS_NAME}"

mkdir -p ./mnt
sudo losetup -f 
sudo losetup /dev/loop0 "${APFS_NAME}"
sudo apfs-fuse -o uid=0,gid=0,allow_other -p 1 /dev/loop0 ./mnt

# mount the disk
ls ./mnt
# private-dir  root
sudo umount ./mnt
sleep 1
sudo losetup -d /dev/loop0

Boot two disks

IMAGE_NAME=${PWD}/mac_hdd_ng_big_sur.img"
DISK_TWO="${PWD}/mac_hdd_ng_nonqcow.img"
docker run -it \
    --device /dev/kvm \
    -e "DISPLAY=${DISPLAY:-:0.0}" \
    -v /tmp/.X11-unix:/tmp/.X11-unix \
    -e RAM=10 \
    -p 50922:10022 \
    -e GENERATE_SPECIFIC=true \
    -e DEVICE_MODEL="${DEVICE_MODEL}" \
    -e SERIAL="${SERIAL}" \
    -e BOARD_SERIAL="${BOARD_SERIAL}" \
    -e UUID="${UUID}" \
    -e MAC_ADDRESS="${MAC_ADDRESS}" \
    -e NETWORKING=vmxnet3 \
    -v "${IMAGE_NAME}":/image \
    -e WIDTH=1600 \
    -e HEIGHT=900 \
    -v "${DISK_TWO}:/disktwo" \
    -e EXTRA='-device ide-hd,bus=sata.5,drive=DISKTWO -drive id=DISKTWO,if=none,file=/disktwo,format=raw' \
    -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist' \
    sickcodes/docker-osx:naked

Installing now...

@sickcodes commented on GitHub (Mar 19, 2021): Testing non-qcow images currently! EDIT: useless code below do not use! FAIL READ ONLY ~~~APFS_NAME=mac_hdd_ng_nonqcow.img touch "${APFS_NAME}" fallocate --zero-range --length 50G "${APFS_NAME}" mkfs.apfs "${APFS_NAME}" mkdir -p ./mnt sudo losetup -f sudo losetup /dev/loop0 "${APFS_NAME}" sudo apfs-fuse -o uid=0,gid=0,allow_other -p 1 /dev/loop0 ./mnt ~~~ ```bash # mount the disk ls ./mnt # private-dir root sudo umount ./mnt sleep 1 sudo losetup -d /dev/loop0 ``` Boot two disks ```bash IMAGE_NAME=${PWD}/mac_hdd_ng_big_sur.img" DISK_TWO="${PWD}/mac_hdd_ng_nonqcow.img" docker run -it \ --device /dev/kvm \ -e "DISPLAY=${DISPLAY:-:0.0}" \ -v /tmp/.X11-unix:/tmp/.X11-unix \ -e RAM=10 \ -p 50922:10022 \ -e GENERATE_SPECIFIC=true \ -e DEVICE_MODEL="${DEVICE_MODEL}" \ -e SERIAL="${SERIAL}" \ -e BOARD_SERIAL="${BOARD_SERIAL}" \ -e UUID="${UUID}" \ -e MAC_ADDRESS="${MAC_ADDRESS}" \ -e NETWORKING=vmxnet3 \ -v "${IMAGE_NAME}":/image \ -e WIDTH=1600 \ -e HEIGHT=900 \ -v "${DISK_TWO}:/disktwo" \ -e EXTRA='-device ide-hd,bus=sata.5,drive=DISKTWO -drive id=DISKTWO,if=none,file=/disktwo,format=raw' \ -e MASTER_PLIST_URL='https://raw.githubusercontent.com/sickcodes/osx-serial-generator/master/config-custom.plist' \ sickcodes/docker-osx:naked ``` Installing now...

adam commented 2025-12-29 05:23:14 +01:00

Author

Owner

Copy Link

@sickcodes commented on GitHub (Mar 20, 2021):

Image can be shrunk later, using a second disk's Big Sur image.

Must be done on another Big Sur.

And must be done on a separate disk as above code because you can't resize while you're booted off recovery EFI disk.

@sickcodes commented on GitHub (Mar 20, 2021): Image can be shrunk later, using a second disk's Big Sur image. Must be done on another Big Sur. And must be done on a separate disk as above code because you can't resize while you're booted off recovery EFI disk. 

adam commented 2025-12-29 05:23:14 +01:00

Author

Owner

Copy Link

@sickcodes commented on GitHub (Mar 20, 2021):

Got it down to 17GB, will be adding :big-sur-auto or :auto-big-sur shortly, or just name it both lol

@sickcodes commented on GitHub (Mar 20, 2021): Got it down to 17GB, will be adding `:big-sur-auto` or `:auto-big-sur` shortly, or just name it both lol

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

tahoe

sequoia

runtime-download

mouse-fix

sonoma

ventura

naked-vnc-legacy-patch

persistent

rollback-naked

shrink-naked

mojave-high-sierra

libguestfs-linux-hold

netdev

stock-images-in-dockerfile

monterey

naked-auto

cpu-max-features

glibc-revert-wip

file-downgrade-all-images

osx-serial-update

custom-plist-always

custom-identity

No results found.

Labels

Clear labels

bug

documentation

enhancement

following upstream developments

good first issue

help wanted

invalid

pull-request

Mirrored from GitHub Pull Request

question

No Label enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/Docker-OSX-sickcodes#146