When a third-party installer tries to install a kernel extension, you see the warningĪssuming that you open Security preferences, you will there click on the Allow button to permit the extension to be loaded. High Sierra has a new mechanism for handling third-party kernel extensions (User-Approved Kernel Extension Loading, or UAKL), which requires the user to authorise them. So here is what I have been able to discover. Perhaps not unsurprisingly, even Apple’s developer documentation doesn’t seem to answer any of those questions. So how did this third-party kernel extension end up in this mysterious folder, complete with SIP protection? Surely SIP is there to protect macOS, not third-party app components installed later by the user? Who or what enabled SIP on that extension, and how can it be removed? > ls -lO /Library/StagedExtensions/Applicationsĭrwxr-xr-x 3 root wheel restricted 96 2 Jan 13:03 BlueStacks.app A quick peek inside /Library/StagedExtensions/Applications/BlueStacks.app shows that it is a stub of an app, lacking any main code, but it does contain a kernel extension (KEXT) which is also protected by SIP, by virtue of being inside a SIP-protected folder. There are two relevant pieces of information revealed: the sign shows that directory has extended attributes (xattrs), and the word restricted that it is protected by System Integrity Protection (SIP). Try that in High Sierra, and you’ll 4 root wheel restricted 128 2 Jan 13:03 StagedExtensions
The clue comes from probing around in Terminal, specifically using a command like There’s nothing in Apple’s scant documentation to explain how this strange situation has arisen, and seemingly nothing more that the user can do to discover what is wrong, or to do anything about it. High Sierra leaves the user wondering what has happened. Sudo rm -rf /Library/StagedExtensions/Applications/BlueStacks.appĪlso fails, with the report Operation not permitted. Trying to remove it using a conventional Terminal command Tucked away in a mysterious folder, new to High Sierra, in /Library/StagedExtensions/Applications, its icon is defaced to indicate that the user can’t even run it. Sure enough, after trying that, the app still won’t go and the error message is unchanged.Īnother strange thing about this ‘app’ is that it’s not an app at all. It does, though, leave the slight puzzle as to why the Finder didn’t simply prompt for authentication instead of cussedly refusing. So the next step is to select the offending item in the Finder, press Command-I to bring up the Get Info dialog, and change the permissions. The moment that we see the word permission, all becomes clear: it’s a permissions problem. The Finder kindly informed him that “The operation can’t be completed because you don’t have the necessary permission.”
SECURE EMPTY TRASH MAC SIERRA ANDROID
But when a reader came to uninstall BlueStacks, an Android emulator, from his Mac running High Sierra 10.13.2, he found the way blocked.
Click either System Report or System Info.Click on the Apple logo in the menubar and select About this Mac.To check if your computer has a SSD or spinning hard drive (MacOS 10.11 or earlier): If you are using a Mac that is running macOS version 10.10 or earlier, and it has a spinning hard drive (typically all desktop Macs and most laptops that have a CD/DVD drive), you can either also use File Vault, or continue to follow the directions below to use Secure Delete when emptying the trash.
0 kommentar(er)
