Python Script for removing sensitive data from OpenCore's config.plist. Useful if you plan to share your Config/EFI online.
The script comes in two flavors: "full" and "lite" which provide different feature-sets (listed below).
Changes the following Settings/Parameters in the config.plist:
- Removes MLB, ROM, Serials from PlatformInfo/Generic:
PlatformInfo/Generic/MLBPlatformInfo/Generic/ROMPlatformInfo/Generic/SystemSerialNumberPlatformInfo/Generic/SystemUUID
- Security Settings:
Misc/Security/ApECID=0→ ApECID has to be generated in the target system itself!Misc/Security/ScanPolicy=0→ So the system checks for all supported device types and file systems.Misc/Security/SecureBootModel=Disabled→⚠️ Disables Apple Secure Boot hardware model to avoid issues during Installation. Re-enable it in Post-Install so System Updates work when using an SMBIOS of a Mac model with a T2 Security Chip!Misc/Security/Vault=Optional→ Has to be created on the target system itself!
- Other Settings:
- Changes
Boter/Quirks/ResizeAppleGpuBarsto-1→ Disables Resizable BAR in macOS. Just in case the next user's GPU doesn't support it or it is disabled in BIOS. - Changes
UEFI/Quirks/ResizeGpuBarsto-1→ Disables Resizable BAR in UEFI for the same reason. - Changes
Misc/Boot/LauncherOptiontoDisabled→ To avoid changing boot menu entries on the target system's Firmware/BIOS. - Removes custom entries from
Misc/BlessOverride→ These overrides have to be created on the target system. - Removes custom boot loader entries from
Misc/Entries - Changes
Misc/Debug/Targetto3(Default) UEFI/APFS: ChangesMinDateandMinVersionto-1to maximize macOS compatibility. Otherwise the APFS driver isn't loaded in macOS 10.15 or older so you won't see any entries of APFS drives in OpenCore's Boot Menu.
- Changes
The lite version of this script will only anonymize SMBIOS and change 2 other settings:
- Anonymizes entries in PlatformInfo/Generic:
PlatformInfo/Generic/MLBPlatformInfo/Generic/ROMPlatformInfo/Generic/SystemSerialNumberPlatformInfo/Generic/SystemUUID
- Other Settings:
Misc/Security/ScanPolicy=0→ So the system checks for all supported device types and file systems.UEFI/APFS: ChangesMinDateandMinVersionto-1to maximize macOS compatibility. Otherwise the APFS driver isn't loaded in macOS 10.15 or older so you won't see any entries of APFS drives in OpenCore's Boot Menu.
- Install Python if you haven't already
- Click on "Code" > "Download ZIP" and unpack it.
- Run Terminal
- Enter:
cd ~/Downloads/OC-Anonymizer-master - Next, enter
python3 oc_anonymizer_full.py PATH_TO_CONFIG.plist(or drag and drop your config into the terminal window after ".py") - For running the Lite Version, enter
python3 oc_anonymizer_lite.py PATH_TO_CONFIG.plist - Hit
ENTER
This will create a censored_config.plist in the oc_anonymizer folder without sensitive data and changed settings as described. Rename the file to config.plist and place it in the EFI folder you want to share with the world.
If you encounter any issue, please file a bug report here
- Acidanthera for OpenCorePkg
- 1alessandro1 for the initial idea
- Dreamwhite for the original Python script
- Guide for removing sensitive data manually