Our thinking


OS X 10.11 El Capitan and System Integrity Protection (SIP)

This is shamelessly cut and pasted from TwoCanoes:

System Integrity Protection (SIP)

Apple has implemented a new security feature in OS X 10.11, System Integrity Protection, which prevents even super users from altering the contents of files in key System folders. The flags for restricting the folders is applied at the time of installation and cannot be overridden. SIP is designed to protect System files from malware and viruses.

For the specific cases described above, SIP must be disabled to allow writing to the master boot record when restoring a Winclone image. After the restore process is complete, SIP may be enabled again from the Recovery partition.

Disabling SIP requires booting into the recovery partition to run the Terminal command below.  

To boot into the Recovery partition, hold Command-R while restarting the Mac.  

From the Utilities Menu, select Terminal.  On the Terminal command line, enter:

# csrutil disable

which will confirm the change with status message:

Successfully disabled System Integrity Protection. Please restart the machine for the changes to take effect.

Reboot back into the El Capitan system partition.

To re-enable SIP, boot back into the recovery partition, open Terminal from the Utilities menu and set state to enabled:

# csrutil enable

Leave a Reply

Your email address will not be published. Required fields are marked *