184

When I try to symlink a binary in my /usr/bin folder, I get an Operation not permitted error:

 sudo ln -s /usr/bin/python2.7 /usr/bin/python2
ln: /usr/bin/python2: Operation not permitted

Even as sudo, I get this error.

Braiam
  • 1
  • 11
  • 47
  • 78
egidra
  • 8,537
  • 19
  • 62
  • 89

5 Answers5

274

Why can't I symlink into /usr/bin?

El Capitan's new System Integrity Protection feature prevents changes to several core parts of OS X, including most of /usr/, even by root.

How can I still add executable files to my path?

Local customizations, such as what you're doing, belong in /usr/local instead. The path /usr/local/bin doesn't exist by default, but you can create it and put custom binaries (and symlinks) in it:

sudo mkdir -p /usr/local/bin
sudo ln -s /usr/bin/python2.7 /usr/local/bin/python2

Note that while /usr/local/bin doesn't exist by default, it is in the default PATH, so as soon as you create it, it'll be searched for commands.

Disabling SIP

It's also possible to disable System Integrity Protection, but it's generally best to leave it on and do customization in more appropriate locations. An Apple Stack Exchange question has more details on this: What is the Rootless Feature in El-Captain, really?.

dsapalo
  • 1,819
  • 2
  • 19
  • 37
Gordon Davisson
  • 118,432
  • 16
  • 123
  • 151
  • If I do this and run `python` it calls the file under `/usr/bin/python` instead of the file `/usr/local/bin/python`. – Daniel W. Oct 06 '20 at 12:51
  • 7
    @DanielW. What is your `PATH` set to? Normally, `/usr/local/bin` will be listed before `/usr/bin`, so it'll take precedence. – Gordon Davisson Oct 06 '20 at 17:20
  • I had to restart and mangle with `brew link` then it worked tbh but you are very right with the `PATH` setting. – Daniel W. Oct 07 '20 at 08:09
  • Strange. I have /usr/local/bin prior to /usr/bin in my PATH setting. /usr/bin/python points to v2.7 and /usr/local/bin/python points to v3.9. When I run the command "python --version" it returns "Version 2.7". Precedence... what precedence? – muz the axe Feb 14 '21 at 08:36
  • @muztheaxe Do you have a function or alias overriding `python`? If you're using bash, run `type python` (or `type -a python` for a full list of possible meanings); if you're using zsh, run `whence python` (or `whence -a python`). – Gordon Davisson Feb 14 '21 at 10:01
  • The path was originally set to this: export PATH=/usr/local/opt/php@7.3/bin:$PATH I removed this first directory and then it worked. Made me thing that perhaps something in "php@7.3" may have been a problem. I am lazy and didn't investigate any further. – muz the axe Feb 15 '21 at 17:28
  • +1 to not disabling System Integrity Protection, but symlinking it under /usr/local/bin no longer works, and instead prompts a re-download of xcode command line tools. – RCross Jan 06 '23 at 08:35
28

I created the symbolic link for Sublime Text 3 in Mac OS High Sierra as 

sudo ln -s /Applications/Sublime\ Text.app/Contents/SharedSupport/bin/subl /usr/local/bin/

I was also trying to create the symbolic link in "/usr/bin" and was getting Operation Not Permitted.

Then I created the symbolic link in "/usr/local/bin" and there was not error. The symbolic link works fine. Just ensure that "/usr/local/bin" is in the path.

So, it seems the access to "/usr/bin" is restricted.

Vineet Sharma
  • 444
  • 2
  • 6
  • 8
12

Restart the system -> long press cmd + R.  select a terminal from utilities menu type the following command csrutil disable close terminal and restart system.

kesavan
  • 335
  • 5
  • 12
  • 17
    This disables System Integrity Protection. Probably best to find another, more secure solution instead. – MattSidor Jan 31 '18 at 14:49
  • 17
    Personally, I think this is the right solution. I see no reason for the OS to block me from symlinking things in this directory or any directory as `sudo`. – rjhilgefort Oct 09 '18 at 03:40
  • 4
    Maybe the full solution is to disable it, place the symlink and re-enable csrutil? – Daniel W. Oct 06 '20 at 12:52
  • 2
    Macs with Apple Silicon need to shut down and be started with the power button held down until the boot options appear. – Luke Puplett Nov 16 '21 at 22:18
2
  1. Create a symbolic link to psql in usr/bin (for mac only)
         command: sudo ln -s /Applications/Postgres.app/Contents/Versions/latest/bin/psql /usr/bin/psql

if you are not able to create symnbolic link due to permission issue, it will be due to "csrutil".after disabling csrutil you can create symbollic link. Follow these steps to disable CSRUtill :

Restart your Mac. Before OS X starts up, hold down Command-R and keep it held down until you see an Apple icon and a progress bar. Release. This boots you into Recovery. From the Utilities(on the top bar)menu, select Terminal. At the prompt type exactly the following and then press Return: csrutil disable Terminal should display a message that SIP was disabled. From the  menu, select Restart.

Srima
  • 21
  • 1
-7

Try running sudo su first then running the command w/ root level.

dcampb
  • 329
  • 2
  • 11
  • 4
    This will not resolve the OPs issue. The problem has to do with the system integrity protection on modern MacOS systems. – cgseller Mar 27 '20 at 22:20