System Integrity Protection (SIP)
Apple has implemented a new security feature, System Integrity Protection (SIP), starting with OS X 10.11. SIP prevents anyone from altering the contents of files in key System folders and is designed to protect System files from malware and viruses. SIPP also affects third-party apps like Winclone that need to write to files now under protection of SIP.
Disabling SIP is a quick and easy process that can be easily re-enabled again after restoring the Winclone image.
Note: Saving/creating a Winclone image does not require disabling SIP.
How to Disable SIP
Disabling SIP requires booting into the recovery partition to run the Terminal command below.
To boot into the Recovery partition, hold Command-R while restarting the Mac.
From the Utilities Menu, select Terminal. On the Terminal command line, enter:
which will confirm the change with status message:
Successfully disabled System Integrity Protection. Please restart the machine for the changes to take effect.
Reboot back into the El Capitan system partition.
To re-enable SIP, boot back into the recovery partition, open Terminal from the Utilities menu and set state to enabled:
Note: As of MacOS Sierra 10.12.2, it is possible to re-enable SIP from the Mac system rather than reboot into the Recovery HD. To re-enable SIP, run this command as root in Terminal:
Entering your system password and hit enter and the output should be:
Successfully cleared System Integrity Protection. Please restart the machine for the changes to take effect.
What if the "csrutil" command is not found?
For additional help, please contact firstname.lastname@example.org.