How to Enable Write Access on Root Volume on macOS Big Sur and Later

EliteMacx86

Administrator
Staff member
Joined
Jul 22, 2018
Messages
2,827
Motherboard
Supermicro X11SPA-T
CPU
Intel Xeon W-3275 28 Core
Graphics
2xAMD RX 580 8GB
OS X/macOS
11.0.x
Bootloader
  1. OpenCore
Mac
  1. MacBook Pro
Mobile Phone
  1. Android
  2. iOS
...because you asked for it? (Or maybe I disinterpreted your question for SIP status accordingly.)
Let's clear it if you're still confused. You're using an iMac Pro. The question is why do you want to disable SIP? And why do you want to enable write access on the root volume?
 

AllertCron

New member
Joined
Nov 25, 2021
Messages
10
Motherboard
Apple iMac Pro
CPU
3,2 GHz Intel Xeon W
Graphics
Radeon Pro Vega 56 8 GB
OS X/macOS
12.0.x
Bootloader
  1. Clover (UEFI)
Mac
  1. iMac Pro
Mobile Phone
  1. Android
According to my experience so far, there are several reasons to disable SIP (at least temporarily), espc. when "doing things to the system, that Apple does not want you to do" (like e.g. deleting some absolute unneccessary - and unwanted - default Apps like the chess game in your program folder) and getting write access to the root volume seems to be clearly one of those things ;).

The Mac that I want to perform this task is not MY iMac Pro - but still a regular 27" iMac.

And I'd like to get temporary write access to the root volume to simply change the aspect that the root level of my System HD displays to me, when openig it (which can no longer be altered, since Apple introduced us with the blessing of their "sealed system partition" policy).

When this folder looks the way I'd like it to look, the root partition can be locked again.

So if you please can provide some help to the final task of blessing the root volume, altered in the way described by me above, it would be greatly appreciated, since I keep getting the "operation not permitted" error whatever I do – SIP enabled or disabled whatever.
 
Last edited:

EliteMacx86

Administrator
Staff member
Joined
Jul 22, 2018
Messages
2,827
Motherboard
Supermicro X11SPA-T
CPU
Intel Xeon W-3275 28 Core
Graphics
2xAMD RX 580 8GB
OS X/macOS
11.0.x
Bootloader
  1. OpenCore
Mac
  1. MacBook Pro
Mobile Phone
  1. Android
  2. iOS
According to my experience so far, there are several reasons to disable SIP (at least temporarily), espc. when "doing things to the system, that Apple does not want you to do" (like e.g. deleting some absolute unneccessary - and unwanted - default Apps like the chess game in your program folder) and getting write access to the root volume seems to be clearly one of those things ;).
Now, that's good that you mentioned it!
The Mac that I want to perform this task is not MY iMac Pro - but still a regular 27" iMac.
Oh. Still, not an issue :) A dedicated site and forum for a wide range of support is on its way!
And I'd like to get temporary write access to the root volume to simply change the aspect that the root level of my System HD displays to me, when openig it (which can no longer be altered, since Apple introduced us with the blessing of their "sealed system partition" policy).
Indeed!
So if you please can provide some help to the final task of blessing the root volume, altered in the way described by me above, it would be greatly appreciated, since I keep getting the "operation not permitted" error whatever I do – SIP enabled or disabled whatever.
So, the very first thing you need to do is Disable SIP and then attempt to enable Write Access. If you get into any issue, provide error logs and attach screenshots to address the issue.
 

AllertCron

New member
Joined
Nov 25, 2021
Messages
10
Motherboard
Apple iMac Pro
CPU
3,2 GHz Intel Xeon W
Graphics
Radeon Pro Vega 56 8 GB
OS X/macOS
12.0.x
Bootloader
  1. Clover (UEFI)
Mac
  1. iMac Pro
Mobile Phone
  1. Android
OK - will do so, but on Monday (for today I'm off work).
 

EliteMacx86

Administrator
Staff member
Joined
Jul 22, 2018
Messages
2,827
Motherboard
Supermicro X11SPA-T
CPU
Intel Xeon W-3275 28 Core
Graphics
2xAMD RX 580 8GB
OS X/macOS
11.0.x
Bootloader
  1. OpenCore
Mac
  1. MacBook Pro
Mobile Phone
  1. Android
  2. iOS

AllertCron

New member
Joined
Nov 25, 2021
Messages
10
Motherboard
Apple iMac Pro
CPU
3,2 GHz Intel Xeon W
Graphics
Radeon Pro Vega 56 8 GB
OS X/macOS
12.0.x
Bootloader
  1. Clover (UEFI)
Mac
  1. iMac Pro
Mobile Phone
  1. Android
Okay, here is my terminal output (self explanatory):

allertcron@iMac-AllertCron ~ % csrutil status System Integrity Protection status: disabled. allertcron@iMac-AllertCron ~ %

allertcron@iMac-AllertCron ~ % mkdir ~/livemount

allertcron@iMac-AllertCron ~ % diskutil list /dev/disk0 (internal, physical): #: TYPE NAME SIZE IDENTIFIER 0: GUID_partition_scheme *500.3 GB disk0 1: EFI ⁨EFI⁩ 314.6 MB disk0s1 2: Apple_APFS ⁨Container disk1⁩ 500.0 GB disk0s2 /dev/disk1 (synthesized): #: TYPE NAME SIZE IDENTIFIER 0: APFS Container Scheme - +500.0 GB disk1 Physical Store disk0s2 1: APFS Volume ⁨Macintosh HD⁩ 15.7 GB disk1s1 2: APFS Snapshot ⁨com.apple.os.update-...⁩ 15.7 GB disk1s1s1 3: APFS Volume ⁨Preboot⁩ 271.7 MB disk1s2 4: APFS Volume ⁨Recovery⁩ 1.1 GB disk1s3 5: APFS Volume ⁨VM⁩ 3.2 GB disk1s4 6: APFS Volume ⁨Macintosh HD - Daten⁩ 5.2 GB disk1s5

allertcron@iMac-AllertCron ~ % sudo mount -o nobrowse -t apfs /dev/disk1s1 ~/livemount Password: XXXXXXX allertcron@iMac-AllertCron ~ %

< performed several task on system HD like altering the default preview for root folder, system folder, system library folder etc. >

allertcron@iMac-AllertCron ~ % sudo kmutil install --volume-root ~/livemount --update-all checking collections... Warning: com.apple.driver.KextExcludeList was not found! updated extension 'com.apple.driver.AppleMobileDevice' found on disk at '/Library/Apple/System/Library/Extensions/AppleMobileDevice.kext' (Info.plist changed) updated extension 'com.apple.driver.usb.AppleUSBVHCICommonRSM' found on disk at '/Users/allertcron/livemount/System/Library/Extensions/AppleUSBCommon.kext/Contents/PlugIns/AppleUSBVHCICommonRSM.kext' (mach-o UUID changed from <unknown> to 4DA8930B-6C41-3E17-8D1C-5525EA5981B7) rebuilding release collections: boot, system rebuilding release collections: boot kernel collection system kext collection rebuilding local auxiliary collection kmutil done

allertcron@iMac-AllertCron ~ % sudo bless --folder ~/livemount/System/Library/CoreServices --bootefi --create-snapshot Couldn't create snapshot on volume /Users/allertcron/livemount: Operation not permitted

¯\_( 😳 )_/¯
 

EliteMacx86

Administrator
Staff member
Joined
Jul 22, 2018
Messages
2,827
Motherboard
Supermicro X11SPA-T
CPU
Intel Xeon W-3275 28 Core
Graphics
2xAMD RX 580 8GB
OS X/macOS
11.0.x
Bootloader
  1. OpenCore
Mac
  1. MacBook Pro
Mobile Phone
  1. Android
  2. iOS
Okay, here is my terminal output (self explanatory):

allertcron@iMac-AllertCron ~ % csrutil status System Integrity Protection status: disabled. allertcron@iMac-AllertCron ~ %

allertcron@iMac-AllertCron ~ % mkdir ~/livemount

allertcron@iMac-AllertCron ~ % diskutil list /dev/disk0 (internal, physical): #: TYPE NAME SIZE IDENTIFIER 0: GUID_partition_scheme *500.3 GB disk0 1: EFI ⁨EFI⁩ 314.6 MB disk0s1 2: Apple_APFS ⁨Container disk1⁩ 500.0 GB disk0s2 /dev/disk1 (synthesized): #: TYPE NAME SIZE IDENTIFIER 0: APFS Container Scheme - +500.0 GB disk1 Physical Store disk0s2 1: APFS Volume ⁨Macintosh HD⁩ 15.7 GB disk1s1 2: APFS Snapshot ⁨com.apple.os.update-...⁩ 15.7 GB disk1s1s1 3: APFS Volume ⁨Preboot⁩ 271.7 MB disk1s2 4: APFS Volume ⁨Recovery⁩ 1.1 GB disk1s3 5: APFS Volume ⁨VM⁩ 3.2 GB disk1s4 6: APFS Volume ⁨Macintosh HD - Daten⁩ 5.2 GB disk1s5

allertcron@iMac-AllertCron ~ % sudo mount -o nobrowse -t apfs /dev/disk1s1 ~/livemount Password: XXXXXXX allertcron@iMac-AllertCron ~ %

< performed several task on system HD like altering the default preview for root folder, system folder, system library folder etc. >

allertcron@iMac-AllertCron ~ % sudo kmutil install --volume-root ~/livemount --update-all checking collections... Warning: com.apple.driver.KextExcludeList was not found! updated extension 'com.apple.driver.AppleMobileDevice' found on disk at '/Library/Apple/System/Library/Extensions/AppleMobileDevice.kext' (Info.plist changed) updated extension 'com.apple.driver.usb.AppleUSBVHCICommonRSM' found on disk at '/Users/allertcron/livemount/System/Library/Extensions/AppleUSBCommon.kext/Contents/PlugIns/AppleUSBVHCICommonRSM.kext' (mach-o UUID changed from <unknown> to 4DA8930B-6C41-3E17-8D1C-5525EA5981B7) rebuilding release collections: boot, system rebuilding release collections: boot kernel collection system kext collection rebuilding local auxiliary collection kmutil done

allertcron@iMac-AllertCron ~ % sudo bless --folder ~/livemount/System/Library/CoreServices --bootefi --create-snapshot Couldn't create snapshot on volume /Users/allertcron/livemount: Operation not permitted

¯\_( 😳 )_/¯
Are you performing all these tasks via Recovery?
 

AllertCron

New member
Joined
Nov 25, 2021
Messages
10
Motherboard
Apple iMac Pro
CPU
3,2 GHz Intel Xeon W
Graphics
Radeon Pro Vega 56 8 GB
OS X/macOS
12.0.x
Bootloader
  1. Clover (UEFI)
Mac
  1. iMac Pro
Mobile Phone
  1. Android
Are you performing all these tasks via Recovery?

Hi & sorry for the delay in response - I've been struck by the 'rona. o_O

Took me some time to get back on my feet, but I think that now I've overcome this shite... :cautious:

Still, I'm undergoing quarantine until 17.12. and won't be able to access the iMac I want to perform my tasks until the christmas week...

In reply to your question: No, of course not. On recovery HD, you have no Finder - so I couldn't probably perform tasks like "changing the default preview for root folder, system folder, system library folder" etc., right? ;)

So - are there any parts of the workthrough that MUST be performed from recovery HD?

What about the two warnings / error messages like
Code:
com.apple.driver.KextExcludeList was not found!
and
Code:
Couldn't create snapshot on volume /Users/allertcron/livemount: Operation not permitted - ?
?
 

AllertCron

New member
Joined
Nov 25, 2021
Messages
10
Motherboard
Apple iMac Pro
CPU
3,2 GHz Intel Xeon W
Graphics
Radeon Pro Vega 56 8 GB
OS X/macOS
12.0.x
Bootloader
  1. Clover (UEFI)
Mac
  1. iMac Pro
Mobile Phone
  1. Android
@EliteMacx86 : Today I'm back @ work, having again full access to the machine that I'd like to perform the alterations onto.

I'd really appreciate any help from you to get rid of those two error messages mentioned in my last post.
 

EliteMacx86

Administrator
Staff member
Joined
Jul 22, 2018
Messages
2,827
Motherboard
Supermicro X11SPA-T
CPU
Intel Xeon W-3275 28 Core
Graphics
2xAMD RX 580 8GB
OS X/macOS
11.0.x
Bootloader
  1. OpenCore
Mac
  1. MacBook Pro
Mobile Phone
  1. Android
  2. iOS
Hi & sorry for the delay in response - I've been struck by the 'rona. o_O

Took me some time to get back on my feet, but I think that now I've overcome this shite... :cautious:

Still, I'm undergoing quarantine until 17.12. and won't be able to access the iMac I want to perform my tasks until the christmas week...

In reply to your question: No, of course not. On recovery HD, you have no Finder - so I couldn't probably perform tasks like "changing the default preview for root folder, system folder, system library folder" etc., right? ;)

So - are there any parts of the workthrough that MUST be performed from recovery HD?

What about the two warnings / error messages like
Code:
com.apple.driver.KextExcludeList was not found!
and
Code:
Couldn't create snapshot on volume /Users/allertcron/livemount: Operation not permitted - ?
?
@EliteMacx86 : Today I'm back @ work, having again full access to the machine that I'd like to perform the alterations onto.

I'd really appreciate any help from you to get rid of those two error messages mentioned in my last post.
I have been busy with work, but available today. I checked with one of my spare Mac mini and I had the same issue as yours. Unfortunately, I have not got much time since then to check further. But at the time of this guide, I used BS 11.2.3 and it worked.
 

Forum statistics

Threads
574
Messages
5,841
Members
5,089
Latest member
OmegaRed1723