A latest default security oriented feature known as System Integrity Protection or rootless is enabled by the Apple. This feature is present in OS X 10.11 onward. The main aim of rootless feature is preventing Mac OS X from compromising with malicious code, whether deliberately or by mistake. SIP or system integrity protection lock down precise system level locations in the file system while at the same time blocking certain processes from connecting to system-level processes.
So, it is clear that System Integrity Protection security feature is very effectual so majority of Mac users must leave rootless enabled. But a group of advanced Mac users that want to disable SIP rootless on their OS X installation, below given guide become useful.
System Integrity Protection locks down the below given system level directories in OS X:
/usr (with the exemption of /usr/local subdirectory)
So, rootless may prevent some apps, tools, and scripts to not run at all, still with sudo privelege, root user enabled, or admin access.
Steps to turn Off Rootless System Integrity Protection in OS X El Capitan 10.11 +
Note: Disabling rootless is aimed exclusively at advanced Mac users. Disable SIP at your own risk.
Step 1: Boot your OS X into Recovery mode. Restart the Mac and keep pressing Command + R keys concurrently after you listen to the startup chime
Step 2: Once “OS X Utilities” screen appears, drag down the ‘Utilities’ menu present at the top of the screen in its place, and select “Terminal”
Step 3: After it types or copy paste below given command into the terminal and press return:
csrutil disable; reboot
Step 4: A message will appears that say “that System Integrity Protection has been disabled and the Mac needs to restart for changes to take effect” After it Mac will reboot itself automatically.
You can also issue the command by itself without the automatic restart like so:
After the successful completion of Mac restart process, System Integrity Protection will be disabled completely in OS X.
How to verify the Status of Rootless / System Integrity Protection in OS X
In the manner to know the status of rootless before restarting the Mac into recovery mode, just use the below given command into the Terminal:
You’ll get either one of two messages:
$ csrutil status
System Integrity Protection status: enabled.
$ csrutil status
System Integrity Protection status: disabled
Command to Re-Enable Rootless System Integrity Protection in OS X
Restart the Mac again into Recovery Mode as given above, and use the below given syntax:
After this, a Mac will restart for the changes to take effect.
Conclusion: So with the above given steps you can easily Disable and enable SIP with ease. It is recommended that disable SIP only when it is required.