High Sierra Recovery Partition creator

maiksanftenberg
Contributor II

Same procedure as every year.
I do search for a method to create a Recovery Partition on 10.13.

"Create Recovery Partition Installer" from https://github.com/MagerValp/Create-Recovery-Partition-Installer is not working on 10.13. as the installer process tells that no system found.

Anybody came up already with a way to create Recovery Partitions on 10.13.?

29 REPLIES 29

bpavlov
Honored Contributor

I'm curious, what's the need for this tool? Are you deploying Macs in such a way that they don't have a Recovery Partition and need this tool to be run afterward?

howie_isaacks
Valued Contributor

When you run a normal installation of macOS High Sierra, the recovery partition is created automatically. How are you installing High Sierra? I have used Carbon Copy Cloner to create recovery partitions on Macs that don't have them for some reason or other.

Look
Valued Contributor III

For 10.13 the recovery partition is going to be a fair bit more complex to create manually as it's contained within the APFS container along with some other bits and pieces.
None of the existing methods are likely to see it or create it, someone is going to have to invent something new for this.

donmontalvo
Esteemed Contributor II

On computers upgraded from Sierra to High Sierra, it doesn't appear that the Recovery HD partition is upgraded to High Sierra.

We opened a ticket with Apple to see if this is a bug in their installer.

--
https://donmontalvo.com

maiksanftenberg
Contributor II

We do use Thin Imaging so we expect a running and working OS.
But in the past we have seen some machines missing the Recovery Partition for whatever reason. This machines also do miss FileVault encryption therefor.

@bpavlov We have used the tool until 10.12 to ensure that all machines have a Recovery Partition and can enable FileVault.

@Look I expected something like this but was hoping somebody already did it or had the same kind of need.

jriv
New Contributor III

@donmontalvo @maik.sanftenberg Have you found a solution for this? Thanks!

chriscollins
Valued Contributor

If the need for this is for machines eBay are missing the recovery partition just reinstalling the OS with the app store installer will recreate it.

jriv
New Contributor III

Well, this is embarrassing. I've always held down Option on boot to enter the EFI password. Then I hold Cmd-R to go to the Recovery partition. Someone just pointed out that I just need to hold down Cmd-R on boot and it prompts for EFI password then goes straight to Recovery Partition. [https://support.apple.com/en-us/HT204904](link URL)

dlondon
Valued Contributor

Hi,

Yes I'm struggling to find an answer to getting a recovery partition that I can install. In the past (pre High Sierra) I could use "Create Recovery Partition Installer" but no more

My use case situation is for when lab machines or even staff machine are wiped and rebuilt using our netboot system.

If anyone has ideas on how to get this automated it would be great to hear how

haggan
New Contributor II

You talking HFS or APFS?

I'm trying to move away form imaging the old way, but I still couldn't help myself from playing around with it. I was successful in imaging 10.13.2 both APFS and HFS booting via AutoCasperNBI.

In short, the first thing i did was to capture the data from Recovery HD, both on APFS and HFS. I then wrapped that into a pkg that will install this data in a folder in tmp.

Then i set up a workflow in JAMF admin that will first run a preinstall script that wipe the drive, and in the HFS case create a Recovery HD partition.

Then i do the regular stuff, push the image to the drive, after that it installs my package that place the Recovery HD data into tmp.

I finish it off by running a postinstall script that will copy the data from tmp to the correct location depending if you running HFS or APFS.

It work just fine. But I chime in with many others, we are moving away from imaging

Cheers

Matt

FoxSports
New Contributor

hi haggan
how did you capture the recovery HD?
do you have the postinstall script? mind sharing that please?

CSHGreenwich
New Contributor III

We do no longer use imaging but have just found out that when you upgrade to High Sierra it does not create a recovery portion or at least not one that is recognized by Jamf. We are reviewing the requirements for Firevault 2 and most of our machines have reported to JAMF that they do not have a recovery patriots so they are all failing the eligibility requirements. Has anyone found an answer for the?

haggan
New Contributor II

@FoxSports

Yes, postinstall. Script are made for my environment without finesse, so it counts on HD name being Macintosh HD and one partition only. Adjust it to your needs as you see fit

I captured HFS Recovery OS and made package via Composer. APFS Recovery was made by mounting Recovery and just copy data. diskutil mount /dev/disk1s3

The tricky part with APFS, as you see in my script, is that the files reside in a folder named after UUID, so it's unique for each machine. My script solves that.

HFS+

Restore the Recovery HD image located in the tmp folder via ASR

/usr/sbin/asr restore -source /Volumes/Macintosh HD/private/tmp/Recovery HD.dmg -target /Volumes/Recovery HD/ -erase -noprompt -noverify

Unmount the "Recovery HD" partition

/usr/sbin/diskutil unmount /dev/disk0s3

Make the "Recovery HD" an Apple_Boot partition

/usr/sbin/asr adjust -target /dev/disk0s3 -settype Apple_Boot

exit 0

APFS:

fs_uuid="$(diskutil info /dev/disk1s1 | awk '/Volume UUID/ { print $3; }')"
jamf="/usr/local/bin/jamf"
diskutil="/usr/sbin/diskutil"

Mount APFS Volume Recovery

diskutil mount /dev/disk1s3

echo “Volume Recovery mounted”

Wipe APFS Volume Recovery

rm -rfv /Volumes/Recovery/*

echo “Recovery wiped”

Lock boot.efi

/usr/bin/chflags uchg /Volumes/Macintosh HD/private/tmp/recoveryos/boot.efi

echo “Permissions boot.efi corrected”

Copy Recovery OS to APFS Volume Recovery

cp -prv /Volumes/Macintosh HD/private/tmp/recoveryos /Volumes/Recovery/

echo “Recovery OS copied”

mv /Volumes/Recovery/recoveryos /Volumes/Recovery/"$fs_uuid"

echo “Recovery HD now restored”

Set permissions

chown -R root:wheel /Volumes/Recovery

echo “Permissions adjusted on APFS Volume Recovery”

Unmount APFS Volume Recovery

diskutil unmount /Volumes/Recovery

echo “Volume Recovery unmounted”

Delete temp files

rm -rfv /Volumes/Macintosh HD/private/tmp/recoveryos

echo “Temp files deleted”

echo “All done, enjoy booting into Recovery”

exit 0

sdagley
Honored Contributor II

@haggan That could be a useful script, but your post didn't include the script tag so the forum software garbles the display. Please edit your post to put the script begin/end tag, which is three consecutive backpacks (```), immediately before and after your script so it'll display properly.

haggan
New Contributor II

Thanks for the advice, trying again with your tip.

APFS:

#!/bin/sh
#
# Haggan Jan 2018
# This script will image Recovery OS on APFS volume (OS need to be captured and place into /tmp)
# Script only tested with one volume named Macintosh HD, adjust accordingly.

# Variables to determine paths and more. Do not edit.

fs_uuid="$(diskutil info /dev/disk1s1  | awk '/Volume UUID/ { print $3; }')"
jamf="/usr/local/bin/jamf"
diskutil="/usr/sbin/diskutil"

# Mount APFS Volume Recovery

diskutil mount /dev/disk1s3

echo “Volume Recovery mounted”

# Wipe APFS Volume Recovery

rm -rfv /Volumes/Recovery/*

echo “Recovery wiped”

# Lock boot.efi

/usr/bin/chflags uchg /Volumes/Macintosh HD/private/tmp/recoveryos/boot.efi

echo “Permissions boot.efi corrected”

# Copy Recovery OS to APFS Volume Recovery

cp -prv /Volumes/Macintosh HD/private/tmp/recoveryos /Volumes/Recovery/

echo “Recovery OS copied”

mv /Volumes/Recovery/recoveryos /Volumes/Recovery/"$fs_uuid"

echo “Recovery HD now restored”

# Set permissions

chown -R root:wheel /Volumes/Recovery

echo “Permissions adjusted on APFS Volume Recovery”

# Unmount APFS Volume Recovery

diskutil unmount /Volumes/Recovery

echo “Volume Recovery unmounted”

# Delete temp files

rm -rfv /Volumes/Macintosh HD/private/tmp/recoveryos

echo “Temp files deleted”

echo “All done, enjoy booting into Recovery”

exit 0

haggan
New Contributor II

Thanks @sdagley

HFS+

#!/bin/sh
#
# Haggan Jan 2018
# This script will image Recovery OS on HFS volume (OS need to be captured and place into /tmp)


# Restore the Recovery HD image located in the tmp folder via ASR

echo “Restoring the image”

/usr/sbin/asr restore -source /Volumes/Macintosh HD/private/tmp/Recovery HD.dmg -target /Volumes/Recovery HD/ -erase -noprompt -noverify

# Unmount the "Recovery HD" partition

/usr/sbin/diskutil unmount /dev/disk0s3

echo “Unmounting volume”

# Make the "Recovery HD" an Apple_Boot partition

/usr/sbin/asr adjust -target /dev/disk0s3 -settype Apple_Boot

echo “Recovery HD made Apple_Boot”

sleep 2

echo “All done”

exit 0

sdagley
Honored Contributor II

@haggan Thanks for the scripts

rob_c28
New Contributor

@haggen

Thanks for the script. One problem i am finding. When i get to the erasing of the Recovery Volume, it states operation is not permitted when trying to rm the files on the Partition. Am I missing something? Do i have to have Root access to run the script?

This will be a huge help on the 70 or so machines that do not have a Recovery Partition in our environment.

haggan
New Contributor II

@rob_c28

Hmm. That sound odd. Could it be SIPS that have to be disabled?

You could try disabling it as test, you need to boot into Recovery (USB-stick in your case?), start terminal, execute command csrutil disable

Scripts run via JAMF is always run as root as far as I know.

Cheers

jthurwood
New Contributor III

Hello

Did anyone get to the bottom of the "operation is not permitted" issue?

Thanks

haggan
New Contributor II

I never had that problem.

I've seen "operation is not permitted" in scripts though, usually when scripts contain info that shouldn't be there.

Open the script in BBedit, copy and past into new BBedit document and save it. Run it manually, confirm that it's working, then upload it to JSS again.

Cheers

jameson
Contributor II

I have some high sierra that have not any recovery partition - and jamf enrollment need that to enable filevault, and of course not interesting in wiping the machine
Can @haggan be used for this ?

mhasman
Valued Contributor

I tested, was not able to get 10.13.6 Recovery Partition installation image... Integrity Protection is off (csrutil disable). Any suggestions, please? Or... Can anybody just share Recovery Partition installer, please?

anverhousseini
Contributor II
Contributor II

The Create Recovery Partition Installer.app is working with macOS High Sierra. Clone the repository like this

cd "/private/tmp/" && git clone "https://github.com/MagerValp/Create-Recovery-Partition-Installer.git"

Move the app bundle to the applications folder.

mv "/private/tmp/Create-Recovery-Partition-Installer/Create Recovery Partition Installer.app/" "/Applications/"

Then put a copy of the CocoaDialog.app to

/Applications/Create Recovery Partition Installer.app/Contents/Resources/cocoaDialog.app

mhasman
Valued Contributor

@anverhousseini Thank you Anver!

luckysoul777
New Contributor

I used to SEE "Recovery HD" as a boot option when I pressed the Option key during power on. After I upgraded from Sierra to High Sierra, I do NOT SEE this "Recovery HD" anymore! I thought the upgrade had a hiccup and destroyed the recovery partition.

It turns out even though I do NOT SEE "Recovery HD", it IS STILL there!

Just now I pressed Command + R during power on, and it boot into recovery as before.

So seeing can sometimes be misleading! haha

daidnik
New Contributor

I am trying to create recovery partition on macbook pro 5.5 (mid 2009->2010).

I currently have multi boot setup with Snow Leopard; El Capitan & High Sierra working.

I had to do modified install of High Sierra due to Apple's non-intended support of this version of macbook pro, but High Sierra works well w/ 8GB RAM & new SSD.

Using Anver's method I get stuck at with error of "bad CPU" that I think has something to do with cross-correlation of existing H/W with 'sanctioned' H/W list accessible to the installer.

I tried using the modified High Sierra installer pkg, but got other error citing it as a "non-Apple" installer.

I don't have the El Capitan installer pkg as I did that as an 'upgrade' from Snow Leopard.

Any suggestions on how to proceed to create a working recovery partition?

Thanks,

David

JJ72
New Contributor

I have the exactly the problem as daidnik above only on an Early 2008 Mac Pro with High Sierra, any solution to this been found yet?
Thanks

JJ72
New Contributor

I have just solved this, boot from the modified High Sierra installer, run the macOS post install again, tick the box Recovery Partition Patch, job done you can now boot the recovery partition.