OS X El Capitan ‘Rootless’ Migration Issues

Mac No Comments »

I migrated to OS X 10.11 the day after it was released and then hadn’t had a chance to play with it until today. A few years ago I made a small script to automate login on one of my machines. I put the script in the /usr/bin/ folder and all had been well. It turns out that Apple made a change to make the OS more secure. No longer does the ‘sudo’ command give you access to everything. Now if you try to put anything in /System/, /bin/, /usr/, or the /sbin/ folders even with sudo, you will be denied. Only an Apple signed file can be put in those directories. With the exception of /usr/local/ that is. You can find many fine articles on why, and how to disable this new feature, like this fine article at Ars Technica.

Knowing why doesn’t much help you should you find yourself in my position. I couldn’t remember exactly what was in the script. So I went looking for my trusty Time Machine backup. However Time Machine doesn’t provide an easy way to locate protected directories like the /usr/bin/ I eventually discovered I had put my script in. I was forced to do some Googling to find out that Apple moved files that were not supposed to be in those protected directories to a special folder. ¬†Apple helpfully moved them to /Library/SystemMigration/History/Migration-{UUID from somewhere only Apple knows}/QuarantineRoot/{Then whatever folder it was under. In my case it was usr/bin/}. ¬†Once I sudo copied my script over to /usr/local/bin I was able to run it again and all was well with the world again….. Until next year when Apple changes our world yet again. But hey, it’s still safer then Windows. At least as long as you don’t have Flash or Java. In that case you might as well just buy a PC.

WP Theme & Icons by N.Design Studio
Entries RSS Comments RSS Log in