Patchstick/Testing
Apparently, there are some copies of patchstick images in the wild. Most likely, these will not work Also, some people report that the patchstick erased their AppleTV, resulting in a non-recoverable AppleTV. This is actually quite credible, since all Patchstick does is run some shell scripts as root. If this happened to you: don't count on us (or Apple) to help you.
This page describes how to make a Patch stick using OSX/Intel binaries, and therefor is not legally distributable. Therefor, no support whatsoever is given to anyone.
However, I think this process is important enough to document, so we can see what steps are needed to build an open, free and 100% legal version of Patchstick. - Mactijn 23:56, 8 April 2007 (CEST)
Contents
Pre-requisites, All versions
- USB flashdrive or disk (USB mass storage compatible) (for PatchStick.1.0.zip, a 512Meg stick is sufficient -- has anyone succeeded with a smaller stick?)
- an Intel machine running at least Mac OS X 10.4.9 (won't work on non-intel machines, kext files not compatible; have a look at Install SSH without an Intel Mac in this case)
- boot.efi from OS.dmg, mount it from the latest software update
Pre-requisites, Manual way
- Semthex's OSX86 kernel
Full Working Version
- Patchstick.zip
- mirror: Patchstick.zip
- mirror: Patchstick.zip (MD5 Checksum: 3d9fdb1eb7adc7615f920d046d8caf11)
- Follow instructions in zip file.
- Step by Step Guide (in English and Italian)
I (HenryLaxen) downloaded this on July 23, 2007, and found that this line in the createPatchstick file was commented out:
cp /usr/sbin/sshd /Volumes/Patchstick/ssh/
which prevents sshd from working on the AppleTV. After uncommenting this line, I was able to log into my AppleTV with ssh -1 -v frontrow@xx.xx.xx.xx Also, I consistantly get a kernel panic when launchd executes /sbin/reboot, however by this time the ssh files have already been installed. Do not worry that the first time you log in via ssh that it takes a long time, as the AppleTV must generate its host keys. HenryLaxen July 25, 2007
Actually, there are three ssh-related lines commented in the createPatchstick script, and it worked well for me to uncomment all three. But the "sed" in the DYLD_FRAMEWORK_PATH mumble isn't found when booting from the stick, which is why I believe only "ssh -1" works so far. Also, I see no reason why the Perian lines are commented out, and restoring them allowed Perian to be installed, which is quite useful of course. clrelay 2007-08-06
I was able to use it free of any changes noted above. After installation, I used the Enable SSH Server item in the AwkwardTV frappliance to gain shell access. postman August 12, 2007
Note (timothyp): If you are seeing errors such as: cp: cannot overwrite directory /Volumes/Patchstick-root/ ......
this probably means the files were copied to a folder named /Volumes/Patchstick-root/ on your primary hard drive and not to the USB stick.
Remove this directory and start over.
rm -R /Volumes/Patchstick-root
Note (DOCa Cola): the patch to "sed" should be "/usr/bin/sed" in the kerberos script - not "/sbin/sed" !
Leopard Compatibility
Building patchstick under 10.5 is currently not compatible see here: Patchstick/Leopard
It is possible to build a Patchstick on 10.5 using a Mac OS X Intel Install disc we all have lying around using the instructions on Patchstick/Leopard.
Manually: Partitioning and formatting the USB disk
based on Turbo's excellent guide here.
Update: Changed to use only one partition!
- hook up the USB drive to your Mac
- Re-partition it using DiskUtility: Format: Mac OS Extended (Journaled), Options: GUID table, Partition Name: Patchstick-root
If you only have one disk, your USB disk will be /dev/disk1, otherwise
- check what disk it is:
hostname:~ user$ df -h /dev/disk0s2 74G 72G 1.9G 97% / devfs 100K 100K 0B 100% /dev fdesc 1.0K 1.0K 0B 100% /dev <volfs> 512K 512K 0B 100% /.vol automount -nsl [205] 0B 0B 0B 100% /Network automount -fstab [219] 0B 0B 0B 100% /automount/Servers automount -static [219] 0B 0B 0B 100% /automount/static /dev/diskX 499M 40K 499M 0% /Volumes/NO NAME
NOTE: if you see something like /dev/disk1s1, /dev/diskX means /dev/disk1, not /dev/disk1s1!
- Now get the partition information which is required later to change the GUID:
gpt -r show /dev/diskX
results in:
start size index contents
0 1 PMBR
1 1 Pri GPT header
2 32 Pri GPT table
34 6
40 511920 1 GPT part - 48465300-0000-11AA-AA11-00306543ECAC
511960 7
511967 32 Sec GPT table
511999 1 Sec GPT header
Note the start and size of the partition - use this at the bottom of these instructions as the -b -s parameters (in this case -b 40 -s 511920)
Creating the patchstick boot-environment
this part is, for now, based on copying OSX binaries, and needs to be replaced ASAP
After performing the steps in the previous chapter, the USB drive's primary partition should have mounted itself as /Volumes/Patchstick-root. If you named it differently, please substitute all occurences of /Volumes/Patchstick-root with the correct one.
- in a shell, as root, change the current directory to the patchstick root FS:
hostname:~ root# cd /Volumes/Patchstick-root
- create the directory structure:
hostname:/Volumes/Patchstick-root root# mkdir -p sbin usr/lib/system System/Library/Extensions stuff etc dev OSBoot hostname:/Volumes/Patchstick-root root# ln -s sbin bin
- copy semthex's kernel (named mach_kernel) to /Volumes/Patchstick-root/
- create /Volumes/Patchstick-root/com.apple.Boot.plist with your favourite text editor (vi/pico/joe/...) and make it look like this:
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Background Color</key> <integer>0</integer> <key>Boot Fail Logo</key> <string></string> <key>Boot Logo</key> <string>BootLogo.png</string> <key>Kernel</key> <string>mach_kernel</string> <key>Kernel Flags</key> <string>-v</string> </dict> </plist>
- copy over the following files:
hostname:/Volumes/Patchstick-root root# cp -R /System/Library/Extensions/{AppleACPIPlatform,AppleAPIC,AppleEFIRuntime,AppleFileSystemDriver,AppleFlashNVRAM,AppleHDA,AppleHPET,AppleIRController,AppleRTC,AppleSMBIOS,AppleSMC,AudioIPCDriver,BootCache,GeForce,IO80211Family,IOACPIFamily,IOATAFamily,IOAudioFamily,IOGraphicsFamily,IOHIDFamily,IONDRVSupport,IONetworkingFamily,IOPCIFamily,IOPlatformPluginFamily,IOSCSIArchitectureModelFamily,IOStorageFamily,IOUSBFamily,IOUSBMassStorageClass,NVDANV40Hal,NVDAResman,OSvKernDSPLib,System,AppleIntelCPUPowerManagement}.kext /Volumes/Patchstick-root/System/Library/Extensions/
hostname:/Volumes/Patchstick-root root# cp /bin/bash /bin/chmod /usr/sbin/chown /bin/cp /sbin/mount /sbin/mount_hfs /sbin/mount_devfs /bin/sleep /sbin/umount /bin/sync /bin/mkdir /usr/bin/sed /usr/sbin/installer /Volumes/Patchstick-root/sbin/
hostname:/Volumes/Patchstick-root root# cp /usr/lib/dyld /usr/lib/libSystem.B.dylib /usr/lib/libncurses.5.4.dylib /usr/lib/libgcc_s.1.dylib /Volumes/Patchstick-root/usr/lib/
hostname:/Volumes/Patchstick-root root# cp /usr/lib/system/libmathCommon.A.dylib /Volumes/Patchstick-root/usr/lib/system/
- Patch the AppleFileSystemDriver by adding the following section to the file
/Volumes/Patchstick-root/System/Library/Extensions/AppleFileSystemDriver.kext/Contents/Info.plist in the IOPropertyMatch array:
<key>media-match</key>
<dict>
<key>IOPropertyMatch</key>
<array>
<dict>
<key>Content Hint</key>
<string>5265636F-7665-11AA-AA11-00306543ECAC</string>
<key>Leaf</key>
<true/>
</dict>
<dict>
<key>Content Hint</key>
<string>Apple_Recovery</string>
<key>Leaf</key>
<true/>
</dict>
<dict>
<key>Content Hint</key>
<string>48465300-0000-11AA-AA11-00306543ECAC</string>
<key>Leaf</key>
<true/>
</dict>
- now, create /Volumes/Patchstick-root/sbin/launchd with your favourite text editor (vi/pico/joe/...) and make it look like this:
#!/sbin/bash
exec 2>/dev/console
exec 1>/dev/console
echo
echo " --- AppleTV Patchstick ---"
echo ' (please ignore the "invalid destination port\" errors)'
# echo " * remounting / r/w"
# /sbin/mount -uw /
echo " * mounting OSBoot partition r/o"
/sbin/mount -t hfs -r /dev/disk0s3 /OSBoot
echo " * re-mounting OSBoot partition r/w"
/sbin/mount -uw /OSBoot
echo " * mounting stuff partition r/o"
/sbin/mount -t hfs -r /dev/disk1s2 /stuff
echo " * keeping the OSBoot partition r/w for plugins"
/sbin/touch /OSBoot/.readwrite
if [ -d /OSBoot/dev/ ]; then
for i in /stuff/installer.d/*; do
echo " --- ${i} ---"
/sbin/bash "${i}"
done
/sbin/sync &>/dev/null
/sbin/umount /OSBoot
echo " all done!"
else
echo " ! OSBoot not mounted, not installing or modifying anything"
fi
echo
echo " Now, you can reboot your AppleTV by unplugging/replugging the power supply."
/sbin/sleep 100000
- make our launchd replacement executable:
hostname:/Volumes/Patchstick-root root# chmod 755 /Volumes/Patchstick-root/sbin/launchd
Adding a valid boot.efi
You need to add a valid boot.efi to the root of the Patchstick, to make it boot on Apple TV. Such a boot.efi has to be signed by Apple, which makes it difficult to create an own boot.efi.
Today there are two ways to get a valid boot.efi:
1. If you have opened you Apple TV already, you can find the boot.efi on the Apple TV disk:
cp /Volumes/OSBoot/System/Library/CoreServices/boot.efi /Volumes/Patchstick-root/
2. or if you don't want to open your Apple TV, you can download the first Apple TV update (1.1): http://mesu.apple.com/data/OS/061-2988.20070620.bHy75/2Z694-5248-45.dmg if you open the .dmg file you can copy the boot.efi:
cp /Volumes/OSBoot/usr/standalone/i386/boot.efi /Volumes/Patchstick-root/
Both boot.efi are exactly the same files, with same md5 checksums.
Adding patches
Patching just got a bit more modular. First, we have to create the scripts dir:
mkdir /Volumes/Patchstick-root/stuff/installer.d/
SSHD
To add SSH, do the following:
- make the SSH directory:
mkdir /Volumes/Patchstick-root/stuff/ssh
- create /Volumes/Patchstick-root/stuff/ssh/ssh.plist, make it look like this:
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Disabled</key> <false/> <key>Label</key> <string>com.openssh.sshd</string> <key>Program</key> <string>/usr/libexec/sshd-keygen-wrapper</string> <key>ProgramArguments</key> <array> <string>/usr/sbin/sshd</string> <string>-i</string> </array> <key>SessionCreate</key> <true/> <key>Sockets</key> <dict> <key>Listeners</key> <dict> <key>Bonjour</key> <array> <string>ssh</string> <string>sftp-ssh</string> </array> <key>SockServiceName</key> <string>ssh</string> </dict> </dict> <key>StandardErrorPath</key> <string>/dev/null</string> <key>inetdCompatibility</key> <dict> <key>Wait</key> <false/> </dict> </dict> </plist>
- copy the sshd binary to the patchstick:
cp /usr/sbin/sshd /Volumes/Patchstick-root/stuff/ssh/sshd
- add an installer script to /Volumes/Patchstick-root/stuff/installer.d/, name it 'ssh':
#!/sbin/bash # install ssh # (c) 2007 macTijn at awkwardtv dot org if [ -f /stuff/ssh/sshd ] && [ -f /stuff/ssh/ssh.plist ]; then echo -n " * installing SSH daemon... " cp /stuff/ssh/sshd /OSBoot/usr/sbin/sshd cp /stuff/ssh/ssh.plist /OSBoot/System/Library/LaunchDaemons/ssh.plist echo "done." else echo " Needed SSH files not found, not installing" fi
- Don't forget to make it executable:
chmod 755 /Volumes/Patchstick-root/stuff/installer.d/ssh
Note: You have to install the Kerberos Framework, if you want to use SSH v2. If you don't, keep in mind to use SSH v1 only, or your sshd will crash. Of course you can install the Kerberos Framework later too.
- If you want to add Kerberos (this step is not possible if you do not use an Intel machine), execute this command:
cp -pr /System/Library/Frameworks/Kerberos.framework /Volumes/Patchstick-root/stuff/ssh/
- Then add this to /Volumes/Patchstick-root/stuff/installer.d/ssh:
if [ -d /stuff/ssh/Kerberos.framework ]; then echo -n " * installing Kerberos for ssh... " /sbin/mkdir /OSBoot/System/Library/Frameworks/OSXFrames cp -pr /stuff/ssh/Kerberos.framework /OSBoot/System/Library/Frameworks/OSXFrames/. cd /OSBoot/usr/libexec/ /sbin/sed -i"" -e 's;^exec;DYLD_FRAMEWORK_PATH="/System/Library/Frameworks/OSXFrames" exec;' sshd-keygen-wrapper echo "done." else echo " Needed Kerberos files not found, not installing" fi
Adding Perian
- download and mount the current Perian .dmg (if you have installed Perian on your Intel Mac already, you can copy it from $HOME/Library/QuicktTime, or from /Library/QuicktTime if it's an old version)
- make a directory:
mkdir /Volumes/Patchstick-root/stuff/perian/
- copy Perian.component from the .dmg to /Volumes/Patchstick-root/stuff/perian:
cp -R Perian.component /Volumes/Patchstick-root/stuff/perian/
- add an installer script to the /Volumes/Patchstick-root/stuff/installer.d directory, name it 'perian':
#!/sbin/bash # Perian installer script # (c) 2007 macTijn at awkwardtv dot org if [ -d /stuff/perian/Perian.component/ ]; then echo -n " * installing Perian Quicktime codec set... " cp -R /stuff/perian/Perian.component /OSBoot/Library/Quicktime/ echo "done." else echo " Perian files not found." fi
- Don't foget to make it executable:
chmod 755 /Volumes/Patchstick-root/stuff/installer.d/perian
Adding ATV Loader plugin
WARNING: The / partition must be mounted read/write in order to install plugins !!!
- download [1] and unzip the zipped plugin
- make a directory:
mkdir /Volumes/Patchstick-root/stuff/atvloader
- copy AwkwardTV.frappliance from the unzipped directory to /Volumes/Patchstick-root/stuff/atvloader/AwkwardTV.frappliance:
cp -R AwkwardTV.frappliance /Volumes/Patchstick-root/stuff/atvloader/AwkwardTV.frappliance
- add an installer script to the /Volumes/Patchstick-root/stuff/installer.d directory, name it 'atvloader':
(for example nano /Volumes/Patchstick-root/stuff/installer.d/atvloader )
#!/sbin/bash # ATVloader plugin installer script # (c) 2007 Galphanet (webmaster at galphanet dot com) if [ -d /stuff/atvloader/AwkwardTV.frappliance/ ]; then echo -n " * installing ATVloader plugin... " cp -R /stuff/atvloader/AwkwardTV.frappliance /OSBoot/System/Library/CoreServices/Finder.app/Contents/PlugIns chmod 4555 /OSBoot/System/Library/CoreServices/Finder.app/Contents/PlugIns/AwkwardTV.frappliance/Contents/Resources/SetupHelper echo "done." else echo " ATVloader plugin files not found." fi
- Don't foget to make it executable:
chmod 755 /Volumes/Patchstick-root/stuff/installer.d/atvloader
All done! your patchstick fully loaded now. The next section completes the process by changing the UUID.
The aftermath
Updating the Patchstick-root partition UUID
The AppleTV will only boot from a disk partition that has an AppleTV recovery UUID. There's no way to modify the UUID of a partition so you'll need to delete the boot partition (just the partition definition, not the partition data) and create another with the correct UUID in the same location. When you create the new partition, pass gpt the same -b and -s parameters that you used to create the patition you're replacing.
- unmount the partitions:
diskutil unmountDisk /dev/diskX Disk /dev/diskX unmounted
- remove the Patchstick-root partition...
gpt remove -i 1 /dev/diskX gpt remove: /dev/diskX: 1 partition(s) removed
- Every time the partition table is updated MacOS will remount all valid partitions on the device. You'll need to unmount them before gpt will allow you to modify the partition table again.
- unmount all partitions:
diskutil unmountDisk /dev/diskX Disk /dev/diskX unmounted
- Change the Patchstick-root partition to an AppleTV recovery partition (using the -b and -s numbers recorded in the first steps on this page)
gpt add -b 34 -s 163840 -i 1 -t "5265636F-7665-11AA-AA11-00306543ECAC" /dev/diskX
- unmount the partitions again.
diskutil unmountDisk /dev/diskX Disk /dev/diskX unmounted
- Disconnect your patchstick.
Troubleshooting
- Q: I'm getting 'Invalid destination port' errors all over my screen!
- A: Yeah, I know. Ignore them. But only those!
- Q: I'm getting "master.passwd: file not found" errors!
- A: please re-mount your Patchstick-root volume to /Volumes/Patchstick-root, and type:
grep '^root:' /etc/master.passwd > /Volumes/Patchstick-root/etc/master.passwd
- Q: Could someone please explain in more detail how this is accomplished?
- A: You need to use the gpt command to delete and recreate your Patchstick-root partition as HFS+ so that you can mount it again. The complete set of commands are:
diskutil unmountDisk /dev/diskX gpt remove -i 1 /dev/diskX diskutil unmountDisk /dev/diskX gpt add -b 34 -s 163840 -i 1 -t "48465300-0000-11AA-AA11-00306543ECAC" /dev/diskX grep '^root:' /etc/master.passwd > /Volumes/Patchstick-root/etc/master.passwd diskutil unmountDisk /dev/diskX gpt remove -i 1 /dev/diskX diskutil unmountDisk /dev/diskX gpt add -b 34 -s 163840 -i 1 -t "5265636F-7665-11AA-AA11-00306543ECAC" /dev/diskX
- Q: My patchstick keeps telling me it's "Waiting for root device". What did I do wrong?
- A: You probably forgot the step where you have to alter the plist file in the AppleFileSystemDriver kext. Please try again.
- A: If the above is not it, try using a different USB stick.
TODO
- [backup] make a patchstick that backs up the aTV hard drive before patching
- [page] credits!
- [page] add links to various items (semthex's kernel, Perian, ATVFiles)
- [page] add more FAQ's (and their answers)
- [procedure] kill off unneeded kext stuff, takes too much space like this
- [script] add more optional hacks
- [script] hide patch messages, instead make animated (a la factory restore animation)
- [procedure] make 10.5 Leopard compatible
- [procedure] make win/linux/etc compatible
NOTES
- The installer gives a lot of "bootstrap_look_up() failed (ipc/send) invalid destination port" errors. Ignoring them is safe. This is something launchd/mach_init specific which we cannot implement in a bash script.
- Sometimes the mounts go wrong. This means the journal on the filesystem it is trying to mount is dirty. Just reboot to the regular ATV OS, and retry.
- after booting to safe mode once, you don't need to do the menu & - trick again. Just plug in the USB drive, reboot by unplugging/replugging the power. Works fine here. - Mactijn 11:36, 14 April 2007 (CEST)
- so far, this list of .kext stuff is needed (based on Kextstat_output):
AppleACPIPlatform.kext AppleAPIC.kext AppleEFIRuntime.kext AppleFileSystemDriver.kext AppleFlashNVRAM.kext AppleHDA.kext AppleHPET.kext AppleIRController.kext AppleRTC.kext AppleSMBIOS.kext AppleSMC.kext AudioIPCDriver.kext BootCache.kext GeForce.kext IO80211Family.kext IOACPIFamily.kext IOATAFamily.kext IOAudioFamily.kext IOGraphicsFamily.kext IOHIDFamily.kext IONDRVSupport.kext IONetworkingFamily.kext IOPCIFamily.kext IOPlatformPluginFamily.kext IOSCSIArchitectureModelFamily.kext IOStorageFamily.kext IOUSBFamily.kext IOUSBMassStorageClass.kext NVDANV40Hal.kext NVDAResman.kext OSvKernDSPLib.kext System.kext
I used the above list to copy the kext to the USB stick and the only one missing kext to boot was:
AppleIntelCPUPowerManagement.kext
Still a few error messages but it worked.
To copy all these including AppleIntelCPUPowerManagement.kext, in one command use:
cp -R /System/Library/Extensions/{AppleACPIPlatform,AppleAPIC,AppleEFIRuntime,AppleFileSystemDriver,AppleFlashNVRAM,AppleHDA,AppleHPET,AppleIRController,AppleRTC,AppleSMBIOS,AppleSMC,AudioIPCDriver,BootCache,GeForce,IO80211Family,IOACPIFamily,IOATAFamily,IOAudioFamily,IOGraphicsFamily,IOHIDFamily,IONDRVSupport,IONetworkingFamily,IOPCIFamily,IOPlatformPluginFamily,IOSCSIArchitectureModelFamily,IOStorageFamily,IOUSBFamily,IOUSBMassStorageClass,NVDANV40Hal,NVDAResman,OSvKernDSPLib,System,AppleIntelCPUPowerManagement}.kext /Volumes/Patchstick-root/System/Library/Extensions/
