System Image Utility: NetInstall accepts unsigned packages

Originator: gregneagle
Number: rdar://35016826
Date Originated: 10/16/2017
Status: Closed
Resolved: 10/18/2017
Product: macOS
Product Version: 10.3 Build 17A405
Classification:
Reproducible: Always
 
Summary:
System Image Utility allows you to add unsigned packages to a NetInstall set. When you later boot from the NetInstall nbi and attempt to install macOS, the installer errors with the message "This copy of the Install macOS High Sierra application is damaged, and can't be used to install macOS."

Steps to Reproduce:
Launch System Image Utility.
Select "Install macOS High Sierra.app" as a source.
Choose to make a NetInstall nbi.
Add one or more unsigned packages to the install.

Expected Results:
macOS High Sierra and additional packages are installed.


Actual Results:
Installer displays the error "This copy of the Install macOS High Sierra application is damaged, and can't be used to install macOS." and will not proceed.

If, instead of adding unsigned packages, you add signed packages instead, the installer launches and runs successfully. (It does not, however, actually successfully install all the extra packages -- that is a different bug.)

At a minimum, SIU documentation should be updated to specify that signed packages are required here. Better would be for the Installer to provide a more informative error. Still better would be for SIU to reject unsigned packages and provide guidance at nbi build time.

Version/Build:
10.13 Build 17A405

Configuration:
MacBookAir6,2, 8GB RAM, 512GB SSD

Comments

I closed this after doing further testing and not being able to replicate it: I was able to create NetInstall sets that included one or more unsigned packages without issue.

By gregneagle at Oct. 18, 2017, 3:18 p.m.
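A build-time check of the kind the report suggests SIU could perform, as an added example that is not part of the original report and is not Apple's code: it reads a flat package's xar table of contents and reports whether a signature entry carrying a certificate is present. The xar header layout and the `signature` / `x-signature` TOC element names are assumptions taken from the xar format, and the sample archives are constructed.

```python
import struct
import xml.etree.ElementTree as ET
import zlib

MAX_TOC = 16 * 1024 * 1024  # refuse to inflate a TOC larger than this

def read_toc(data: bytes) -> ET.Element:
    """Parse the table of contents of a xar archive (the flat .pkg container)."""
    if len(data) < 28 or data[:4] != b"xar!":
        raise ValueError("not a xar archive")
    # Big-endian header: magic, header size, version, compressed TOC length,
    # uncompressed TOC length, checksum algorithm (assumed xar layout).
    _, hdr_size, _, clen, _, _ = struct.unpack(">4sHHQQI", data[:28])
    blob = data[hdr_size:hdr_size + clen]
    if hdr_size < 28 or len(blob) != clen:
        raise ValueError("truncated or malformed xar header")
    inflater = zlib.decompressobj()
    xml = inflater.decompress(blob, MAX_TOC)
    if inflater.unconsumed_tail or b"<!DOCTYPE" in xml:
        raise ValueError("oversized TOC or unexpected DOCTYPE")
    toc = ET.fromstring(xml).find("toc")
    if toc is None:
        raise ValueError("xar TOC element missing")
    return toc

def signature_styles(data: bytes) -> list:
    """Styles (e.g. RSA, CMS) of TOC signature entries that carry a certificate."""
    styles = []
    for el in read_toc(data):
        if el.tag in ("signature", "x-signature") and any(
                c.tag.endswith("X509Certificate") and (c.text or "").strip()
                for c in el.iter()):
            styles.append(el.get("style", "unknown"))
    return styles

def make_sample(signed: bool) -> bytes:
    """Constructed sample: a minimal xar with or without a signature entry."""
    sig = ('<signature style="RSA"><offset>20</offset><size>256</size>'
           '<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data>'
           '<X509Certificate>PLACEHOLDER</X509Certificate></X509Data></KeyInfo>'
           '</signature>') if signed else ""
    xml = f"<xar><toc>{sig}<file id='1'><name>Distribution</name></file></toc></xar>"
    body = zlib.compress(xml.encode())
    return struct.pack(">4sHHQQI", b"xar!", 28, 1, len(body), len(xml), 1) + body

if __name__ == "__main__":
    for name, signed in (("signed.pkg", True), ("unsigned.pkg", False)):
        print(name, signature_styles(make_sample(signed)) or "NO SIGNATURE ENTRY")
```

This only detects that a signature entry exists; it does not validate the certificate chain or the signature itself, which on macOS is what `pkgutil --check-signature` reports.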
