OSX 10.11 DP5 disables rootless=0 option

Since osx 10.11 dp5 (15A235d) it’s now not possible to disable rootless security by using boot argument rootless=0.

you now have to boot into osx recovery and disable system integrity protection from security settings there.


  1. Omega
    July 28th, 2015 | 10:31 pm

    What’s this mean for hacks? you need rootless for initial boot to load fakesmc as far as I know.

  2. Asgorath
    July 28th, 2015 | 10:50 pm

    Clover r3250 adds support for a config.plist setting called CsrActiveConfig that will set the same NVRAM variable as the utility in the recovery partition OS.

  3. Crazor
    July 29th, 2015 | 11:28 am

    So has anybody had a look at how the tool on the recovery partition disables rootless mode?

  4. Omega
    July 29th, 2015 | 9:16 pm

    Ah good job on that Asgorath. So it basically fakes being a recovery boot so it can set the flag if it’s not set. Does it require additional config to do so or is it automated. you boot with that clover version or later, it detects it’s not set, it sets it, continues boot as normal?

  5. Asgorath
    July 30th, 2015 | 4:43 pm

    Check the CsrActiveConfig key in the RtVariables section of the sample plist:

    If you set that in your config.plist, Clover will set the NVRAM key if needed.

Leave a reply