SIP in 10.12.4 prevents unloading system daemons
| Originator: | kuehn.karl | ||
| Number: | rdar://32281471 | Date Originated: | 5/18/2017 |
| Status: | Open | Resolved: | |
| Product: | macOS + SDK | Product Version: | 10.12.4 |
| Classification: | Reproducible: | Always |
Area: Something not on this list Summary: Starting with 10.12.4 SIP in MacOS prevents unloading of any LaunchD item from `/System`. While this is generally a good idea, for testing systems there are a number of items there that either pop up unexpectedly (sometimes breaking GUI scripting) or cause jitters that mess with performance numbers. A couple of examples would be `com.apple.notificationcenterui` and `com.apple.apsd`. Additionally the `launchctl unload` command has been updated, and gives a descriptive error message, but the `launchctl disable` command does not seem to work for these and does not give any error message. Steps to Reproduce: `sudo launchctl unload -w /System/Library/LaunchAgents/com.apple.notificationcenterui.plist` or `sudo launchctl disable system/com.apple.notificationcenterui` Expected Results: That that process goes away, and does not come back on a reboot (the latter is not strictly required for my purposes). Observed Results: The first version has a descriptive error message, the latter does not. Neither shuts down the service. Version: Starting in 10.12.4. I have confirmed that 10.12.3 does not have this. Notes: I could switch off SIP, but that would make my testing less valid. Configuration: n/a
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!