On Nov 16, 2018, at 17:20, Dave Horsfall wrote:
> On Thu, 15 Nov 2018, Ryan Schmidt wrote:
>
>> That's called System Integrity Protection. It's a new macOS feature as of OS
>> X 10.11 El Capitan. You cannot modify files installed by Apple unless you
>> turn SIP off, but you should not do that. It is a protection against malware.
>
> So how do I turn it off? I've been using Unix for 40+ years, and I think I
> know what I'm doing: I want to see how "enscript" is calling "lpr" so that I
> can see what is broken ("lpr" works fine by itself). I suppose that I can
> always futz around with $PATH, but I won't be surprised if it doesn't work
> ("/usr/bin/lpr" could be hard-wired for all I know) and it'll have to wait
> until later.
>
> Let me guess: sign off (losing all my sessions) and sign on again as "root"
> (which I've had to do to restore files outside my home directory with Time
> Machine)? Install my shim, sign on again as myself, see what's wrong, sign
> on again as "root" to undo what I did to debug a problem, then sign on again,
> repeating as necessary? Why not just let me modify the root file system, and
> take the responsibility for it?
>
> Sometimes I think that Apple goes too far in protecting users from
> themselves...
You can of course turn System Integrity Protection off. You can find
instructions by searching online. If you turn it off to run your experiment, I
strongly recommend turning it on again afterward. SIP is intended to prevent
unauthorized modifications to your operating system. This is good protection to
have.
