Since after two major release, Apple brought rapid evolution to secure there macOS Volumes where it is too much difficult to make any changes on root volume. They have made cryptographical way to access there root volume which is not possible to do if you are newbie. In this article i will show you how we can access and Write Access on Big Sur and newer OS also this guide also works on Catalina.
To Enable Write Access on Big Sur, Primary step is to disable System Integrity Protection (SIP) and Disable cryptographic verification and all this can done in following way. Ideally if you are Legit mac user you can simply boot into Recovery and use following commands which can disable SIP and cryptographic verification.
csrutil disable csrutil authenticated-root disable
If you are Clover user kindly following way.
- Open config.plist in Clover Configurator
- Navigate RT Variables > CsrActivateConfig
- Change CsrActivateConfig to appropriate value
- Disable SIP: 0x67
- Enable SIP: 0x00
- Reboot Hackintosh to apply changes
How to Enable Write Access on Big Sur
For OpenCore Procedure would be liitle diifrent where you need to add entries of csr-active-config in following location and based on your Operating system you can put your values
Our Other Articles
NVRAM -> Add -> 7C436110-AB2A-4BBB-A880-FE41995C9F82 -> csr-active-config)
00000000– SIP completely enabled (0x0).
03000000– Disable kext signing (0x1) and filesystem protections (0x2).
FF030000– Disable all flags in macOS High Sierra (opens new window)(0x3ff).
FF070000– Disable all flags in macOS Mojave (opens new window)and in macOS Catalina (opens new window)(0x7ff) as Apple introduced a value for executable policy.
FF0F0000– Disable all flags in macOS Big Sur (0xfff) which has another new flag for authenticated root (opens new window).
The root volume is now a cryptographically sealed apfs snapshot. Every single bit of the fsroot tree and file contents are verified when they are read from disk. So It is no longer possible to boot a “live” filesystem, that is, one which can be written to. You can instead disable authentication of the root volume by booting to recovery and running following command in Terminal
csrutil authenticated-root disable
Once you’ve done that, you can mount the live version of the root filesystem, make modifications to that, and then make a new snapshot. You can then boot from that snapshot.Synthetic symlinks and directories still work just fine in a Signed System Volume. Mounting the live filesystem after disabling root authentication can be done via follwoing command but before everything make sure create mount point.
$ mkdir /Lucifer $ sudo mount -o nobrowse -t apfs /dev/diskNsM /Lucifer
diskNsM can be obtained by running `mount`, looking for the root mount’s device, and chopping off the last s, e.g. if your root is /dev/disk1s2s3, you’ll mount /dev/disk1s2 The mount point is anything you choose. Once you’ve got the live mount at /path/to/mntpoint, you can modify stuff. After your modifications are complete, run
$ sudo bless --folder /Lucifer/System/Library/CoreServices --bootefi --create-snapshot
Then reboot, and you’ll be booted from the new snapshot you created, with your modifications honoured. Authentication is disabled and source is twitter.