Contribute
Register

Solved> Disable system file protection in Big Sur!

Status
Not open for further replies.
OMG... I need this in order to put some files that I need on the system, then we can create a new snapshot, where is the problem?!.., before writing all the time about the "dangers" of deleting a snapshots, it would be better to suggest how to do it.:)
Ok so you're prepared to go through this ritual each time! In that case try google and see what you can come up with. Good luck.
 
OMG... I need this in order to put some files that I need on the system, then we can create a new snapshot, where is the problem?!.., before writing all the time about the "dangers" of deleting a snapshots, it would be better to suggest how to do it.:)
What are you going to put into? Deleting and re-creating a snapshot by yourself may damage your system or even make it unable to boot.
 
What are you going to put into? Deleting and re-creating a snapshot by yourself may damage your system or even make it unable to boot.
it doesn't matter what I want to put there, this is my business!
deleting and recreating the snapshot can damage the system ?! you made me laugh, I've been doing this from the first Big Sur to the previous ver. (20C61b) and only with latest ver. (20C69) I have a problem deleting a snapshot.
 
it doesn't matter what I want to put there, this is my business!
deleting and recreating the snapshot can damage the system ?! you made me laugh, I've been doing this from the first Big Sur to the previous ver. (20C61b) and only with latest ver. (20C69) I have a problem deleting a snapshot.
Fine.
 
Without any malice, I think it is best we leave the OP to continue his search and hopefully find the answer to his query. I maybe wrong in my assumption but I feel there is a little heat in his replies so as they say 'let sleeping......... etc, etc.
 
it doesn't matter what I want to put there, this is my business!
deleting and recreating the snapshot can damage the system ?! you made me laugh, I've been doing this from the first Big Sur to the previous ver. (20C61b) and only with latest ver. (20C69) I have a problem deleting a snapshot.
Then maybe you should figure it out your self Mr it is my business. Do not ask for help with that kind of attitude. Second of all yes it def can damage the system just because you got lucky with your business does not mean it can not damage the system. Apple only releases full installs rather than point-release patches for this very reason I am sure their RND is far more extensive than yours. Once again do not ask for help if you are going to be a jackass!
 
Then maybe you should figure it out your self Mr it is my business. Do not ask for help with that kind of attitude. Second of all yes it def can damage the system just because you got lucky with your business does not mean it can not damage the system.
to be honest, I didn't want to delete the a snapshot, I was just looking for an opportunity to do this without removing it and since for a very long time no one here answered I thought that there was only one option left is the temporary removal of the snapshot, but as it turned out later, there is a great solution without snapshot removing.:)
Now the topic is closed!
 
Out of interest, for anyone who comes here after reading the title of the thread...

I was lead through the process by an Apple Tech Support person, for my real Mac, and they just use the new Security menu option in Recovery mode.

Generally no need to get bogged-down with Terminal, though obviously if you are confident using it then it's way more powerful and useful.
 
Out of interest, for anyone who comes here after reading the title of the thread...

I was lead through the process by an Apple Tech Support person, for my real Mac, and they just use the new Security menu option in Recovery mode.

Generally no need to get bogged-down with Terminal, though obviously if you are confident using it then it's way more powerful and useful.
I think that more cases have common cause now - its the BigSure / filesystem protection. Seems to that without next macos fix the csrutil/recovery console is not working for Silicon platform in order to mount rw the /. Unfortunately it is not always working on Intel Macs and Hacks too. Here is what I have learned trying to narrow some privacy issues of the BigSur, whre you have to alter some files on the system partition to fix that.

Doing some research on "trustd" issue in order to delete the 50 services going fully out of the scope of LULU/LittleSnitch which are specified in the /System/Library/Frameworks/NetworkExtension.framework/Versions/A/Resources/Info.plist.

This one need disabled authenticated-root in order to remove the nasty list compromising you privacy when on VPN. According to my research it is not always working on Intel MacOS by the recovery console.
1. It does not matter you have switched off the Security in the Recovery menu
2. and then in the Terminal changed the SIP by csrutil disable; csrutil authenticated-root disable.
You may not have success on Intel Mac, but definitely it is not working on my new MacBook Air M1 (ok not subj of this forum).
Unfortunately Im not the successful one on the Intels hack. Some are reporting they have success. I had to mount the disk from the other boot disk and then do the change.
Anyways for those who mind it should go like this:

1.Recovery console
2. Terminal: csrutil disable; csrutil authenticated-root disable.
3. (may work) mount -uw /
3b reboot in the MAcOS; (may work) mount -uw /
4. vim /System/Library/Frameworks/NetworkExtension.framework/Versions/A/Resources/Info.plist
5. bless --folder /System/Library/CoreServices --bootefi --create-snapshot
6. potential recovery console with csrutil auth-root back

What has worked for me was the following
1. Boot to other system disk installation
2. Terminal; sudo -i
3. mount -uw /Volumes/MAC - the other system disk where the file shoud be changed
4. vim /Volumes/MAC/System/Library/Frameworks/NetworkExtension.framework/Versions/A/Resources/Info.plist
5. bless --folder /Volumes/MAC/System/Library/CoreServices --bootefi --create-snapshot
6. Reboot to primary system and change firewall rules to block unwanted Apple home calling
 
Last edited:
Doing some research on "trustd" issue in order to delete the 50 services going fully out of the scope of LULU/LittleSnitch which are specified in the /System/Library/Frameworks/NetworkExtension.framework/Versions/A/Resources/Info.plist.
This ones need disabled authenticated-root in order to remove the nasty list compromising you privacy when on VPN. According to my research it is not always working on Intel MacOS by the recovery console.
1. It does not matter you have switched off the Security in the Recovery menu
2. and then in the Terminal changed the SIP by csrutil disable; csrutil authenticated-root disable.
You may not have succes on Intel Mac, but definitely it is not working on my new MacBook Air M1 (ok not subj of this forum).
Unfortunately Im not the succesfull one on the Intels hack. Some are reporting they are. I had to mount the disk from the other boot disk and then do the change.
Anyways for those who mind it should go like this:

1.Recovery console
2. Terminal: csrutil disable; csrutil authenticated-root disable.
3. (may work) mount -uw /
3b reboot in the MAcOS; (may work) mount -uw /
4. vim /System/Library/Frameworks/NetworkExtension.framework/Versions/A/Resources/Info.plist
5. bless --folder /System/Library/CoreServices --bootefi --create-snapshot
6. potential recovery console with csrutil auth-root back

What has worked for me was the following
1. Boot to other system disk installation
2. Terminal; sudo -i
3. mount -uw /Volumes/MAC
4. vim /Volumes/MAC/System/Library/Frameworks/NetworkExtension.framework/Versions/A/Resources/Info.plist
5. bless --folder /Volumes/MAC/System/Library/CoreServices --bootefi --create-snapshot
6. Reboot to primary system and change firewall rules to block unwanted Apple home calling

Thank you for the research you have done, and the workaround you have devised. That will be very useful. :thumbup:

I think that the network snooping issue is slightly different to system file protection and access that the OP was trying to overcome though.

:)
 
Status
Not open for further replies.
Back
Top