OS X 10.11 El Capitan and System Integrity Protection (SIP)

This is shamelessly cut and pasted from TwoCanoes:

System Integrity Protection (SIP)

Apple has implemented a new security feature in OS X 10.11, System Integrity Protection, which prevents even super users from altering the contents of files in key System folders. The flags for restricting the folders is applied at the time of installation and cannot be overridden. SIP is designed to protect System files from malware and viruses.

For the specific cases described above, SIP must be disabled to allow writing to the master boot record when restoring a Winclone image. After the restore process is complete, SIP may be enabled again from the Recovery partition.

Disabling SIP requires booting into the recovery partition to run the Terminal command below.  

To boot into the Recovery partition, hold Command-R while restarting the Mac.  

From the Utilities Menu, select Terminal.  On the Terminal command line, enter:

# csrutil disable

which will confirm the change with status message:

Successfully disabled System Integrity Protection. Please restart the machine for the changes to take effect.

Reboot back into the El Capitan system partition.

To re-enable SIP, boot back into the recovery partition, open Terminal from the Utilities menu and set state to enabled:

# csrutil enable
This article was posted by Kai Howells. If you liked this content and have any technical work in the Melbourne area, say hello via my contact form or give me a call on 0419 361 653 - I cover most of the greater Melbourne area and my rates are competitive.

Leave a Reply

Your email address will not be published. Required fields are marked *