I know about SIP, so when I could not delete a file as root from a Mac running El Capitan, I checked for a restricted
flag using ls -lOd
and saw that the file had no flags. So why is it that I still cannot delete it? The ls
command also ruled out the uchg
and schg
flags and I'm doing this as root so I don't need to worry about chown
.
MacOS – get “Operation Not Permitted” when I try (as root) to delete a file that does not have the `restricted` flag set
macossip
Best Answer
Turns out that in addition to the
restricted
flag, SIP protection can be invoked on a file by giving it thecom.apple.rootless
attribute. Attributes are not shown byls -lOd
, you needls -l@d
to see them. (Strictly speaking, thed
option is not necessary, it is there so that when you dols
on a directory, you only get information about the directory itself without also getting info on everything in the directory.)Much more information on this is available here.