- Ventura or newer
- Disable System Integrity Protection.
SIP doesn't allow to
chroot(not needed for building though).
cd "$repo_root"
sudo python3 -m darwinjail "$jail_dir" # prepare chroot dir contents
sudo chroot "$jail_dir" # enter chrootIn order to make DNS work in chroot, run:
sudo mkdir -p "$jail_dir/var/run"
sudo link -f /var/run/mDNSResponder "$jail_dir/var/run/mDNSResponder"brew install crane
# You might first need to authenticate using
# sudo crane auth login "$registry" -u "$username" -p "$password"
sudo bash -c 'crane append --oci-empty-base -t "$image_tag" -f <(tar -f - -c -C "$jail_dir" .)'If you want to run Darwin image using containerd or Docker, see instructions.