2

As Apple locked user access further with 10.15 Catalina, after 20 years using Apple systems I held off on updating as my work requires access beyond what Privacy settings allows in System Preferences. I've disabled SIP and Gatekeeper since their introduction (warning: only do this if you know what you are doing and have experience in OS X, this is not an endorsement), yet as a developer I gave up on Catalina after my efforts in finding a way to enable User access turned into an exercise in futility.

I finally came across a post with a solution that seems to work but only if the system is not rebooted/restarted

link: "MacOS switched root Mongodb data folder to system ownership and it cannot be changed back anymore" https://superuser.com/a/1459064/1091567 .

This solves the matter and while I rarely reboot my systems, I'd prefer a permanent solution. I could always make a simple script on reboot and login, yet there has to be a more elegant and automatic method especially as developers will need to resolve access for some of their apps to work.

Anyone know of a permanent method in allowing user access to root/system? Thanks!

EDIT: Please keep the responses on topic and civil as per site regulations.

As for macOS 10.15, it seems a lot of people have not read up on the changes and should as Apple released 10.15 GM today. There are now two Applications folders, a second location in the System volume which is now read only. You cannot overwrite/modify/link/etc files even with SIP disabled using your password. Everything in System is completely locked down. Some have found temporary work arounds such as the one I linked in this post yet that work around resets every time the system restarts. For applications that require root access such as TotalSpaces, there is no way to automatically bypass Apple's new level of security without a simple terminal command altering disabling SIP in Recovery and a few other steps. My question was merely finding a way to execute said terminal command when the system restarts to create a seamless experience.

Here's a start I referenced in the replies:

macOS Catalina Protects the OS in its Own Read-only Volume

https://www.macobserver.com/analysis/macos-catalina-protects-os-read-only-volume/

"In spite of these security improvements, ways have been found to bypass SIP. The next step Apple is taking involves putting macOS in its own volume, making it read-only, and according to the article above, required “the development of a new type of bi-directional symbolic link named a firmlink, which enables the two boot volumes to integrate and function as one."

Improve this question
6
  • This feels like an XY Problem. What are you trying to accomplish by allowing user write access to the root directory and /System?
    – Spiff
    Commented Sep 18, 2019 at 22:27
  • "As Apple locked user access further with 10.15 Catalina" can you add a reference about this?
    – 174140
    Commented Sep 19, 2019 at 6:10
  • 1
    It's literally in the post above and on Apple's site. There are now TWO volumes, with system/root being locked - you can read but you cannot write. Let's keep this civil and on point. If you have a solution to the problem many are experiencing any help would be appreciated. If not, it is against site rules to comment off-topic.
    – CJD
    Commented Oct 8, 2019 at 2:02
  • 1
    "This feels like an XY Problem. What are you trying to accomplish by allowing user write access to the root directory and /System?" Many apps such as TotalSpaces require root access. SIP has been easy to disable along with GateKeeper however this locks system down completely in addition to having to Applications folders - one in the usual location and another in System/Applications. Anything in System is locked down and cannot be changed with permissions modifications or simply entering your password. There is a work around I linked about but it resets with restarts.
    – CJD
    Commented Oct 8, 2019 at 2:06
  • 1
    "As Apple locked user access further with 10.15 Catalina" can you add a reference about this?" "macOS Catalina Protects the OS in its Own Read-only Volume" macobserver.com/analysis/… Seems a lot of people are not up on macOS 10.15 which has been in development since June. As a developer, we have been watching keenly for a resolution. Apple just released the GM build today. You should read up as it seems a lot of people do not know the changes.
    – CJD
    Commented Oct 8, 2019 at 2:09

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .