SIP is only the beginning of your boot disk headaches.
Starting with Catalina, and continuing into Big Sur, Apple made it
increasingly difficult to make any modifications to anything in the system
volume. In Catalina, the root volume was split into two: the System volume
and Data volume, and the System volume is mounted read-only. Starting in
Big Sur, the System volume is not just read-only, but the entire volume is
now also cryptographically signed, and is referred to as a Signed System
Volume (SSV).
https://eclecticlight.co/2020/06/25/big-surs-signed-system-volume-added-security-protection/
I remember reading online somewhere that an SSV which has been unsealed can
never be fully re-sealed, even if you bless a new snapshot, but I can't
seem to find where it was that I saw that anymore.
See also:
https://apple.stackexchange.com/questions/395508/can-i-mount-the-root-system-filesystem-as-writable-in-big-sur
--
Jason Liu
On Tue, Feb 22, 2022 at 6:17 PM Gerben Wierda via macports-dev <
macports-dev@lists.macports.org> wrote:
> > For a test I was planning to adapt the migration approach. Save the
> ‘requested’ list. Uninstall all ports. Temporary mv /usr/bin/python out of
> the way. Build the requested list.
> >
> > I can do this on a secondary system.
> >
> > This would tell me at least that the ports I have installed all install
> without /usr/bin/python, which takes care of any build dependencies.
>
> I did try, but failed. I was able to turn off system integrity protection,
> but that still leaves me with a boot disk that is read-only, so temporarily
> moving /usr/bin/python out of the way did not work. I haven’t investigated
> going beyond simply disabling SIP.
>
> So far, then, no success at trying to emulate the 12.3 macOS situation
> regarding python on macOS 12.2.1.
>
> G
