In OS X El Capitan Apple has implemented ‘rootless’ security or System Integrity Protection (SIP) .
To simplify this as much as possible, basically Apple will restrict users from modifying the System folder, bin folder, usr folder, and sbin folder. Some of these folders are already hidden by default.
This locks down system folders and files against hacks and root attacks, thus keeping the system safer. As good as this is for security ,and so on isn’t bad at all. In fact, who doesn’t want to use a computer thats really secured?
There is a problem, and that problem is the Hackintosh. How does System Integrity Protection (SIP) affect the Hackintosh?
it has made things much harder for the hackintosh community, requiring workarounds for established methods of installation and maintenance for PCs , It has become necessary to make changes in SIP in order to use unsigned kexts and alter system kexts. These changes are implement with Clover EFI Bootloader and Enoch/Chameleon Legacy Bootloader.
Boot flag kext-dev-mode=1 is no longer required for OS X 10.11 El Capitan to load unsigned kexts.
SIP must be disabled ,when rebuilding kernel cache on a hackintosh, . SIP must be disabled in order to install anything to protected system folders. SIP can also be disabled partially, to allow unsigned kexts in cache and install to protected folders.
We will likely recommend that SIP be disabled from the beginning of the installation through post-installation process. After everything is set, and the user is successfully booting, SIP can be re-enabled.
Today, the only bootloader that will inject kexts into protected cache and adjust SIP settings on is Clover and Enoch , you have to adjust csr-active-config in Config.plist and Org.chameleon.plist .
Available options for SIP are as follows:
CsrConfig (0x67) :
Special to : Piker Alpha and BlackOSX .