Disabling System Integrity Protection from guest El Capitan under VirtualBox 5
written on Thu 22 October 2015
One well known issue of running a guest MacOS X under VirtualBox is that it's
not possible to enter Recovery OS by pressing the
Command+R key combination on
VM startup. In fact after reading some bug reports on VirtualBox bugtracker it
seems that it's not possible to enter Recovery OS at all.
Fortunately, we don't even need Recovery OS to disable System Integrity
Protection. We can use the Installer environment to run
csrutil tool. SIP's
configuration is stored inside NVRAM, so it actually doesn't matter what
approach we will take, as long as we will put some magic values into magic
variables inside NVRAM. Please be advised that while this method works, it will
work until the shutdown of your VM. You can do soft restarts, but if you'll shut
down the VM and boot it up again, you will need to disable SIP again.
In order to access Installation environment under VirtualBox, you will need to enter the VirtualBox EFI BIOS by pressing F12 few times, at very early stage of guest VM boot up.
You will be greeted with an old school text mode BIOS interface, in which you
should choose the
Boot Manager option.
EFI Internal Shell to enter EFI commandline mode.
After getting the command prompt, switch to the
2.0 Shell> FS2: 2.0 FS2:>
Of course, your drive number can be different, depending on the partition table structure you've chosen to have.
FS2: drive, in
com.apple.recovery.boot directory, there is a EFI
program inside the
boot.efi file. We need to launch it.
2.0 FS2:\> cd com.apple.recovery.boot 2.0 FS2:\com.apple.recovery.boot\> boot.efi
Any errors that start with
ERROR!!! can be safely ignored! :)
The Installation Environment should now start booting up, this can take several minutes to complete.
When it will load, you need to launch the terminal, from which you will be able
to use the
$ csrutil disable
I've uploaded a video that walks through these steps, so if you'll have any problems in understanding anything, you can watch it, maybe it'll help.