S 4.380 Use of Apple Software Restore under Mac OS X
Initiation responsibility: IT Security Officer, Head of IT
Implementation responsibility: Administrator
Mac OS X enables the user to duplicate and clone file systems by means of the application Apple Software Restore (ASR). ASR can not only clone partitions, but can also make a disk image available on the network and distribute it to the clients over the network.
If a client has been installed under Mac OS X in accordance with the requirements of the company or government agency and complies with the security policies, this system can be cloned and used for a network installation of additional clients. In this way, all Mac OS X clients receive an identical basic configuration that complies with the security policies specified by the institution.
To achieve this, a disk image of the default system must first be created. The following steps must be taken for this purpose:
- Insert the installation DVD.
- After selecting the menu language, start the hard drive utility program.
- Now select the partition to be cloned and deactivate it by clicking on it with the right mouse button.
- Subsequently, create a disk image of the partition to be cloned to additional client computers using the menu item "File | New | Image of DiskXYZ". Depending on the size of the drive to be copied, this process may take several minutes.
- Once the process has been completed, check the disk image created for errors. For this purpose, the computer needs to be restarted and the following command has to be executed in the terminal:
sudo asr imagescan --source /path_to/Image.dmg
If the disk image passes the check, a property list (Plist) has to be created. This Plist contains the variable "Data Rate" of type "Number". Depending on the existing network and the required streaming bandwidth, a value in the unit "bytes per second", written without decimal points or separating commas, has to be entered in this variable. "1000000", for example, would mean that a throughput of 1 Megabit per second (Mbit/s) is required. The address of the server that provides the disk image is entered in the variable named "Multicast Address", which is defined by Apple. This variable is of type "String"; a possible value is, for example, "239.255.0.1".
To create a Plist, the program "Property List Editor" is available in the directory /Developer/Applications/Utilities. This program is available once the Developer Tools have been installed from the installation DVD.
In order to make the disk image available on the network, ASR has to be started as a server by means of the following command:
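The same property list can also be written from the terminal. The following script is an added example, not part of the original safeguard text: the helper name write_asr_plist and the output file name are assumptions, while the two keys and the sample values are the ones given above. It refuses a "Data Rate" that is not a whole number and a "Multicast Address" outside the IPv4 multicast range before it writes the file.

```shell
# Added example: writes the configuration file for "asr server --config".
# write_asr_plist is a hypothetical helper name, not an Apple tool.

write_asr_plist() {
    rate=$1; addr=$2; out=$3
    # "Data Rate": bytes per second as a whole number, digits only
    # (no decimal points, no separating commas, not zero).
    case $rate in
        ''|0*|*[!0-9]*)
            echo "Data Rate must be a positive whole number: $rate" >&2
            return 1 ;;
    esac

    # "Multicast Address": must be a dotted quad of four octets ...
    case $addr in
        ''|.*|*.|*..*|*[!0-9.]*)
            echo "not a dotted-quad address: $addr" >&2
            return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "expected four octets: $addr" >&2; return 1; }
    for octet in "$@"; do
        case $octet in ????*) echo "octet too long: $octet" >&2; return 1 ;; esac
        [ "$octet" -le 255 ] || { echo "octet above 255: $octet" >&2; return 1; }
    done
    # ... inside the IPv4 multicast range 224.0.0.0 - 239.255.255.255.
    if [ "$1" -lt 224 ] || [ "$1" -gt 239 ]; then
        echo "not an IPv4 multicast address: $addr" >&2
        return 1
    fi
    cat > "$out" <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Data Rate</key>
    <integer>$rate</integer>
    <key>Multicast Address</key>
    <string>$addr</string>
</dict>
</plist>
EOF
}

# Sample values from the text: write_asr_plist 1000000 239.255.0.1 server.plist
if [ $# -eq 3 ]; then write_asr_plist "$@"; fi
```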
sudo asr server --source /path_to/Image.dmg --config /path/to/server.plist
The last step is to start the copy process via the network. For this purpose, insert the installation DVD at the client and open the terminal from the utility programs. The following command starts the copy process:
asr restore --source asr://<IP address of the server> --target "/Volumes/<target volume>" --erase
For this, it must be ensured that the client is able to establish a working network connection.
Review questions:
- Does the Mac OS X image created comply with the security policies specified by the institution?
- Was the Mac OS X image checked for errors after completion?