Skip to main content

How to enable specific part of System Integrity Protection(SIP) while keeping few sections of it disabled.

macOS SIP supports a set of hidden options to disable few sections of SIP by passing hidden options to csrutil tool. 


 Each of these can be selectively disabled by running one of the following commands while booted into Recovery mode:

  • csrutil enable --no-internal
  • csrutil enable --without kext
  • csrutil enable --without fs
  • csrutil enable --without debug
  • csrutil enable --without dtrace
  • csrutil enable --without nvram

You can disable two or more components by structuring the command as follows:
  • csrutil enable --without kext  --without debug


 Note : These options are tested on macOS ElCapitan , on higher version of macOS some or all of them may not work.


Comments

Popular posts from this blog

How to find firmware or boot ROM version in Mac OS X

Firmware and boot ROM version of your mac can be found in two ways.
Way 1 :
1. From "Apple" menu , choose "About This Mac" menu item. 2. Click " More Info " to open "System Profiler" application. 3. Under Contents -> Select Hardware Tree item.
On the right side panel Under hardware overview section, we can see Boot ROM Version and SMC (Firmware) Version.








Way 2 :
Run the below command in terminal to get boot ROM version and SMC(firmware) version :
$ system_profiler SPHardwareDataType | grep -i "Version" | awk -F ':' '{print $1 $2}'

How to decrypt the Filevault encrypted volume using Recovery HD ?

There might be a time where you want decrypt the FileVault encrypted mac, but you are facing issues in logging into Mac to perform decryption using system preferences. In such cases the following steps will help you in decrypting the disk using Recovery HD. Reboot the Mac, Go to recovery HD partition of the system. (To start your computer from Recovery, restart your Mac and hold down the Command and R keys at startup.)Open Terminal application from Utilities -> Application. First will need to identify the Logical Volume UUID of the encrypted drive using the diskutil corestorage list command: diskutil corestorage list

      4.  Once you have the UUID of the logical volume as shown in above picture, you can then either             unlock or decrypt the encrypted volume using the following commands.
      a) Using the password of an authorised account or the recovery key ( Provided by the                                FileVault at the time of enabling it) on the command line            …