Skip to main content

Disable Security Features to Dual Boot OS X - El Capitan

So, I've recently been working on updating/rebuilding my latest little friend (an 11" MacBook Air) to dual boot the latest OS X, El Capitan, and Kali. I'll go over everything in full detail as soon as I can finish the setup, but I wanted to get this out there for anyone else that may stumble upon any issues with setting up rEFInd on an updated mac.

To start, while on Yosemite, I downloaded El Capitan from the App Store, and copied the install files to a USB. From there I preformed my upgrade. This might not be a good option for some people, as I'm sure your mac might be your primary computer... For me, that's not a problem. I tend to keep my essentials on USB drives / cloud storage as I tend to need access from different devices (phone, computer, tablet, etc.).

After preforming a clean install of El Capitan, I headed over to the rEFInd website, download the program and ran the install.sh script... Now, that appears to work, like it did with pervious versions of OS X. However, on reboot...no joy... So, I started down the path to see what went wrong. I go though the manual steps (I won't detail them here because the folks at rEFInd do a good job with that), and I find that everything appears to be as it should be.

Now, the final step in the manual install says to issue the "bless" command. When I attempted to issue the "bless" command, the terminal promptly responded with "bless failed"... Super....

A quick Google took me over to a thread on GitHub where this same issue was seen on BootChamp (see below for the reference). In that thread, I find this little nugget of information pulled form Apple's website:
Note: To safeguard against disabling System Integrity Protection by modifying security configuration from another OS, the startup disk can no longer be set programmatically, such as by invoking the bless(8) command.
After reading though everything, I had my plan of attack:

  1. Boot to recovery using the USB install disk that I created prior to the upgrade (like I said, I like to start fresh)
  2. Pull open the terminal while in recovery mode
  3. Enter the following command
csrutil disable


Now, for some pics for those that may get lost at this point:

Terminal in recovery with command ready to go


From here, I restarted the machine, then finalized the install of rEFInd using the "bless" command (again, detailed in the Manual Install instructions from their website). After that finishes successfully, I run another restart and viola! I'm in business:



References:

rEFInd:
http://www.rodsbooks.com/refind/

GitHub BootChamp Reference:
https://github.com/kainjow/BootChamp/issues/19

Apple's System Integrity Protection:
https://developer.apple.com/library/prerelease/mac/documentation/Security/Conceptual/System_Integrity_Protection_Guide/ConfiguringSystemIntegrityProtection/ConfiguringSystemIntegrityProtection.html
Labels:

Comments

Post a Comment

Popular posts from this blog

Visio Stencils Pack for Azure and Microsoft Integration (v5.0.0)

First off, I'd like to send a big shout out to Sandro Pereira who's been managing the vision stencils pack. Essentially, I'm re-posting his information here, because I had a really hard time finding the latest Visio pack for Azure, that wasn't a bunch of SVG's. My thought is that if more people re-post, maybe the search engines of the internet will have an easier time propagating the information... Sandero's Blog (the original post around the new stencils): https://blog.sandro-pereira.com/2019/10/18/microsoft-integration-and-azure-stencils-pack-for-visio-new-major-version-available-v5-0-0/ Sandero's GitHub: https://github.com/sandroasp/Microsoft-Integration-and-Azure-Stencils-Pack-for-Visio Microsoft TechNet Download: https://gallery.technet.microsoft.com/Collection-of-Integration-e6a3f4d0 I will say, and maybe it's just because I'm using Visio 2013, each icon has a boarder that needs to be removed when putting it on the page... Likely it...
Post a Comment
Read more

Keto Kickin' Choffle

Alight, first recipe on the blog... If you've had a chance to reach the "About" section, you will have seen that, rather than spinning up multiple blogs, I'm just going to combine my passions for tech, food, health, and music into this one space. If you're not a fan, then too bad. I really just don't want to manage more than one blog.... With that, here goes nothing... So I recently came across the choffle. This is a really great, and fast to make replacement for buns. I'm also a huge fan of spicy foods. Well, I got the great idea to combine the heat with the choffle. And let me tell you, it turned out really good. I like to use this for a bun replacement when I'm in the mood for that extra kick, but not the extra toppings. Why? Because the extra toppings are now combined in the choffle. Thus removing the need for the additional toppings on my burgers. Enjoy. Kickin' choffle The choffle mix with a kick! Author: Larry L. Preparation Time: 3...
Post a Comment
Read more

Replacing rsyslog with syslog-ng on RHEL 6.5

So...I had a piece of monitoring software that didn't play nice with the RHEL default rsyslog for log collection. The software was developed to only work with syslog-ng. I'll be going over the steps that I took, that worked for me, in replacing rsyslog with syslog-ng. I would imagine that these same steps should work for any Linux system similar to RHEL (Fedora, CentOS, etc.). For others (like Debein based distributions), I would need to look into that (coming in a future update to this post). First, remove rsyslog. You will need to keep the dependencies as they will be needed for syslog-ng: sudo rpm -e --nodeps rsyslog Next we will need to add the EPEL repository (more info can be found HERE ): wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm sudo rpm -ivh epel-release-6-8.rpm sudo yum repolist That last command will list all the installed repositories. You are simply verifying that the EPEL package has been installed. Now that we fi...
1 comment
Read more