How to delete a system file as an admin

I am an "admin" user on a Mac running Big Sur. I am trying to remove a symlink:

$ ls -al /usr/bin/python
lrwxr-xr-x  1 root  wheel  75 Jan  1  2020 /usr/bin/python -> ../../System/Library/Frameworks/Python.framework/Versions/2.7/bin/python2.7

Now, I tried removing it with sudo but I get permission denied:

$ sudo rm /usr/bin/python
rm: /usr/bin/python: Operation not permitted

How do I assume actual admin power on my Mac? Do I need to be added to the "wheel" group?

Please note, I am well aware of workarounds with shell aliases as outlined here:

Unable to upgrade to python 3.6 from python 2.7

But that would only be a workaround. I want to know what the root cause is, and what I can do about it.


Solution 1:

The root cause here is that the /usr/bin directory is protected by SIP (System Integrity Protection). Therefore no one, even admin users, can change the contents of the directory while SIP is active.

The system folders on Big Sur are actually contained on a separate, cryptographically signed file system (system volume) that is mounted read-only at boot. Its contents are mixed into your normal read-write mounted file system through the use of so-called firmlinks. This means that it looks and feels like it used to do on older versions of macOS - everything is in the right place so to speak - but in actual fact the system files cannot be changed during normal system operation.

In theory, you could disable SIP, mount the system volume as writable, change the python link and re-sign the whole thing. However, I would strongly discourage that as you would risk breaking Apple-supplied tools that depend on the specific python version - and you would probably have to fight a never-ending battle where the link is restored during macOS upgrades.

Instead I would advise you to either use a different name for the program (for example, python3 instead of python) - or use an alias in your shell so that "python" really runs a differently named program.
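
The protections described in the answer above can be confirmed from the terminal without changing anything. The script below is an added example, not part of the original answer: it reads the output of `csrutil status`, `mount` and `ls -lO` and reports which protection applies. The function names are hypothetical and the sample outputs are constructed, modelled on a Big Sur system.

```shell
#!/bin/sh
# Added example: explains why `sudo rm` on a system path fails on Big Sur.
# The three SAMPLE_* values are constructed; on a real Mac pass live output.

SAMPLE_CSRUTIL='System Integrity Protection status: enabled.'
SAMPLE_MOUNT='/dev/disk1s5s1 on / (apfs, sealed, local, read-only, journaled)
/dev/disk1s1 on /System/Volumes/Data (apfs, local, journaled, nobrowse)'
SAMPLE_LS='lrwxr-xr-x  1 root  wheel  restricted 75 Jan  1  2020 /usr/bin/python -> ../../System/Library/Frameworks/Python.framework/Versions/2.7/bin/python2.7'

# Succeeds if `csrutil status` output reports SIP as enabled.
sip_enabled() {
  printf '%s\n' "$1" | grep -q 'System Integrity Protection status: enabled'
}

# Prints the option list of the volume mounted on / from `mount` output.
root_mount_options() {
  printf '%s\n' "$1" | sed -n 's|^.* on / (\(.*\))$|\1|p'
}

# Succeeds if the comma-separated option list $1 contains the option $2.
has_option() {
  case ", $1," in *", $2,"*) return 0 ;; *) return 1 ;; esac
}

# Prints the file-flags column (field 5) of a single `ls -lO` line.
file_flags() {
  printf '%s\n' "$1" | awk '{ print $5 }'
}

# Prints one finding per line for the three command outputs given.
diagnose() {
  opts=$(root_mount_options "$2")
  if has_option "$opts" read-only; then echo "root volume is mounted read-only"; fi
  if has_option "$opts" sealed; then echo "root volume is sealed (cryptographically signed)"; fi
  case ",$(file_flags "$3")," in
    *,restricted,*)
      if sip_enabled "$1"; then echo "file is SIP-restricted and SIP is enabled"
      else echo "file is SIP-restricted but SIP is disabled"; fi ;;
  esac
}

# Live use on macOS:
#   diagnose "$(csrutil status)" "$(mount)" "$(ls -lO /usr/bin/python)"
diagnose "$SAMPLE_CSRUTIL" "$SAMPLE_MOUNT" "$SAMPLE_LS"
```

Any finding printed for a path means root privileges alone will not allow the deletion, which matches the "Operation not permitted" error in the question.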