netkas.org

El Capitan Obvio

Collecting some information in this post:

iMac (Mid 2007 or newer) • MacBook Air (Late 2008 or newer) • MacBook (Late 2008 Aluminum, or Early 2009 or newer) • Mac mini (Early 2009 or newer) • MacBook Pro (Mid/Late 2007 or newer) • Mac Pro (Early 2008 or newer) • Xserve (Early 2009)

kext-dev-mode still works

Nvidia driver is….. still 310.42.05a43 , no love for maxwell

New root-less security is based on sandboxing shell and its commands, so you can’t edit system files even if you a root and file has 755 mode

files are editable if you boot yosemite

To disable rootless mode set boot argument rootless=0

You can still set boot-args with sudo nvram even in rootless mode.

No Metal for pre-Fermi nvidia cards

OpenGL still at level 4.1

Comments

  1. Jared
    June 9th, 2015 | 1:42 am

    Thanks for figuring out the rootless thing, I thought I was going to go insane! Do you know how to disable it on an official Mac? Like what hotkey combination you press?

  2. charles
    June 9th, 2015 | 5:20 am

    What is the Intel 4xxx/5xxx driver version?

    Thx

  3. Graeme
    June 10th, 2015 | 4:27 am

    Hi, is there any support in ElCap for Haswell E and socket 2011 v3 ?
    I installed from Yosemite using the ElCap installer App onto a clean partition on the same HDD. It rebooted and finished the install, then rebooted to stall at a clear white screen, but I haven’t managed to get that far again subsequently. My Clover boot includes the Haswell_E patch that works with Yosemite.

  4. jafd
    June 11th, 2015 | 7:05 am

    > New root-less security is based on sandboxing shell and its
    > commands, so you can’t edit system files even if you a root and
    > file has 755 mode

    Some interesting questions to ponder over while we are here (I think most of the Hackintosh community will routinely run rootless=0).

    How do they get around rootless when they, well, do need to edit the system files (in installers or elsewhere)? Some flags set on the Installer binary, not entirely unlike SELinux contexts? Code signing-based trust?

    And what does constitute a “system file”? Can I mark an arbitrary file in my $HOME as a system file?

    Can I ban root from *reading* a file? A use case being my GPG keys.

    Does rootless work while booting in single-user mode? (while we are at it: Yosemite has single-user thoroughly crippled; for one, I cannot start directory services to manipulate users there anymore. I don’t know if this is at least somewhat remedied in El Cap)

  5. June 13th, 2015 | 4:16 am

    thanks for the usefull information.
    what is rootless=0 mean?!

Leave a reply