I have an instance of OS X El Capitan running on VMWare Workstation 10. I need to make changes to /System
and therefor have to disable System Integrity Protection. How do I access recovery mode on this VM so I can disable SIP?
MacOS – Disable System Integrity Protection on OS X running on VMware
macosSecurityvirtualizationvmware
Related Question
- MacOS – VMWare Tools do not allow changing resolution in El Capitan
- MacOS – El Capitan: will System Integrity Protection defence stop sandbox program from accessing System.log
- MacOS – Os X El Capitan: will System Integrity Protection patch .AppleSetupDone exploit/hack
- MacOS – Is it safe to disable System Integrity Protection
- MacOS – Does disabling “System Integrity Protection” in El Cap cause shutdown/restart/logout issues
- MacOS – unload nfsd – Operation not permitted while System Integrity Protection is engaged
- MacOS – How do system services modify protected directories with system integrity protection
- How to disable SIP when Big Sur is installed in a VMware Fusion Player virtual machine
Best Answer
I know this is an older question but I came across it looking for a solution to this problem so I figured I would submit an answer that contains all of the info I came across in one place.
Background
My environment
Host
Guest
I originally tried adding
macosguest.forceRecoveryModeInstall = "TRUE"
to my.vmx
config. This allowed me to boot into recovery and could disable SIP but then I couldn't get the VM to boot normally, even after removing that line.The solution to this problem I found was to just delete the
.nvram
file. Unfortunately, that's where the flag to disable SIP is stored so when my VM came back up SIP was enabled again.My Solution
From the Terminal, run the following commands (thanks to G5tube for this suggestion)
The second command will reboot your Mac instantly, so better save any unfinished work first.
Once the Mac has rebooted into the Recovery / Installer system (you may have to choose your language first): From the menu bar, click
Utilities
>Terminal
Run
csrutil disable
from the terminal, followed byreboot
Once your VM has rebooted normally you can verify that SIP was disabled by opening a terminal and running
csrutil status
To turn SIP back on, follow the same steps as above but run
csrutil enable
at the recovery terminal instead.