-
Electric Light Co. and others point out that 1) SSV snapshots are only made by the OS upon update and deleted afterwards, 2) the user is not able to restore these since Big Sur and later because by the time they would be useful they have been deleted, 3) it is impossible to boot from them because the seal was broken???
-
on update to 14.3 (booted to 14.3 and failed) there remained a previous bless snapshot from a month ago, possibly? original 14.2.1 install Verified it by mounting it and checking Systemversion.plist
-
to boot from it all I had to do was Mount the previous snapshot I wanted e
bless --folder /Volumes/VOLUME@xxxx-xxx/System/Library/CoreServices --snapshot <uuid of snapshot from disk utility> --bootefi
where xxxx-xxx are some numbers
This was on an OCLP laptop with root patches that require a degraded SIP config so this possibly will not work on all computers! However I do know that the os-update snapshots should otherwise be sealed
UPDATE: unified util for declaring a snapshot to be a "system" one, and booting from it is
/System/Library/Filesystems/apfs.fs/Contents/Resources/apfs_systemsnapshot
it can be blessed manually the previous way by mounting snapshot to fodler first and using bless
on the CoreServices path
I wonder if this all only works if authenticated root volume is disabled, because theoretically system snapshots from previous os-update would remain cryptographically sealed