
tarf

macrumors newbie
Original poster
Jun 8, 2015
Rootless was rumored about a lot, but with the release there does not seem to be any additional information pertaining to it. Has anyone had any experience with it and what it is and how it works yet?
 
It was just a rumor, that's it.

It is possible it might have been the system integrity protection, this was mentioned today in the Platform State of the Union session.
 
Rootless was rumored about a lot, but with the release there does not seem to be any additional information pertaining to it. Has anyone had any experience with it and what it is and how it works yet?
It is in the OS... You cannot modify or delete system files even with SUDO.
 
During the Platform State of the Union, it was referred to as "System Integrity Protection". But they didn't go into terribly much more detail than what we already knew (no overwriting system files).
 
To disable the rootless protection, use something like
Code:
sudo nvram boot-args="rootless=0"
And better check your current boot args via
Code:
nvram -p
and then just add/modify the rootless argument.
 
Rootless was rumored about a lot, but with the release there does not seem to be any additional information pertaining to it. Has anyone had any experience with it and what it is and how it works yet?

To add to the helpful reply by mag01...

I just tried to change the '.kext' extension for a file in /System/Library/Extensions to '.disable'. By default, Rootless prevents me from doing this - either from Finder or from Terminal using sudo mv.

I turned off Rootless using sudo nvram boot-args="rootless=0" in Terminal and rebooted. I was now able to change the file extension from within Get Info in Finder.

Once I'd renamed it, I turned rootless back on with sudo nvram -d boot-args
 
The code snippet didn't work for me
 
To add to the helpful reply by mag01...

I just tried to change the '.kext' extension for a file in /System/Library/Extensions to '.disable'. By default, Rootless prevents me from doing this - either from Finder or from Terminal using sudo mv.

I turned off Rootless using sudo nvram boot-args="rootless=0" in Terminal and rebooted. I was now able to change the file extension from within Get Info in Finder.

Once I'd renamed it, I turned rootless back on with sudo nvram -d boot-args

I wonder what will happen once you update your system. Since repair permissions is now part of the update procedure, among other things, it is possible that OS X either overwrites your changes or refuses to load.
 
Most likely nothing out of the ordinary. Worst case scenario you would just have to re-enable rootless from the recovery partition.

You can also still repair permissions with
Code:
diskutil repairPermissions /
 
I read elsewhere that this diskutil command was gone, so it's still there? The next beta will probably reveal some more information about this new feature.
 
Most likely nothing out of the ordinary. Worst case scenario you would just have to re-enable rootless from the recovery partition.

You can also still repair permissions with
Code:
diskutil repairPermissions /
Just tried to disable rootless through the recovery partition and got this:
FGvYT93.jpg

I've never loathed Apple like I do now.
 
To disable the rootless protection, use something like
Code:
sudo nvram boot-args="rootless=0"
And better check your current boot args via
Code:
nvram -p
and then just add/modify the rootless argument.
That did the trick for me, after adding the boot arg and restarting, system files can be modified.
I read elsewhere that this diskutil command was gone, so it's still there? The next beta will probably reveal some more information about this new feature.
The command for it is still there, but it's gone from the GUI.
 
What did you modify in order to test it? I'm still unable to modify system files.
 
I read elsewhere that this diskutil command was gone, so it's still there? The next beta will probably reveal some more information about this new feature.
diskutil is still there.
 
Rootless is just sandboxing everything, including the BSD environment (bash and friends).

If you try to change anything in /S/L/E (with or without rootless=0) and then look into dmesg output - you will see Sandbox info.
 
How do you get rootless back after you've disabled it with
sudo nvram boot-args="kext-dev-mode=1 rootless=0"

Thanks!
 
Didn't seem to resolve my VPN client issues I was having by re-enabling rootless with that command.

Thanks anyways
 
Question: with Rootless, can TRIM enabler still function, as well as programs such as SMC Fan Control and f.lux?
 
I'm not on 10.11 but I am curious about rootless. I know Apple is all about secrecy but having more info on this would be nice
 
As far as we know, it's designed to protect system files and folders from being deleted or modified even as root through Terminal. It can be disabled with a boot argument.
After inputting sudo nvram boot-args="rootless=0", disk utility still shows rootless enabled. Is it going to show enabled regardless?
It seems to, at least on the first beta.
 
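Added example, not part of any post in the thread: the posts above turn the protection off with `rootless=0` in `boot-args` and turn it back on with `sudo nvram -d boot-args`, which also deletes every other boot argument (such as `kext-dev-mode=1`). The sketch below audits `nvram -p` style output for `rootless=0` and prints the command that removes only that token; the function names and the sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Sample nvram output below is constructed.
set -f  # no filename expansion while splitting boot-args into tokens

# Pull the boot-args value out of `nvram -p` style text (name, whitespace, value).
boot_args_from_nvram() {
    printf '%s\n' "$1" |
        awk '$1 == "boot-args" { $1 = ""; sub(/^[ \t]+/, ""); print; exit }'
}

# Succeeds (returns 0) when the argument string contains rootless=0.
rootless_disabled() {
    for tok in $1; do
        [ "$tok" = "rootless=0" ] && return 0
    done
    return 1
}

# Print the argument string without any rootless=... token; keep the rest.
strip_rootless() {
    out=""
    for tok in $1; do
        case "$tok" in
            rootless=*) ;;
            *) out="${out:+$out }$tok" ;;
        esac
    done
    printf '%s' "$out"
}

# Print the command that restores the default while preserving other args.
advise() {
    args=$(boot_args_from_nvram "$1")
    if ! rootless_disabled "$args"; then
        echo "ok: rootless=0 not set"
        return 0
    fi
    kept=$(strip_rootless "$args")
    if [ -n "$kept" ]; then
        echo "sudo nvram boot-args=\"$kept\""
    else
        echo "sudo nvram -d boot-args"
    fi
}

# Constructed sample; on a Mac, pass "$(nvram -p)" instead.
SAMPLE=$(printf 'prev-lang:kbd\ten:0\nboot-args\tkext-dev-mode=1 rootless=0\n')
advise "$SAMPLE"
```

The script only prints the suggested command; it never writes to NVRAM itself.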