New with 10.12.4, Apple has decided to protect the locationd LaunchDaemon with System Integrity Protection (SIP).
If you are not aware the locationd daemon is used for Location Services. This is the process that drives: FindMyMac, “Set time zone automatically using current location”, it allows applications to locate your computer, and more.
Some points to take away from this change:
- this modification happened during a point release
- this restricts the ability to load and unload the daemon in any automated fashion
- this breaks many of the bash scripts floating around that are used to enable the auto time zone feature
With 10.12.4 Apple has removed the locationd service from the
RemovableServices dictionary in
/System/Library/Sandbox/com.apple.xpc.launchd.rootless.plist. You can see the full diff here. Over 400 other services have also been removed from this list. However, a handful of services have been added to this list.
This means you are no longer able to unload the daemon with:
sudo launchctl unload /System/Library/LaunchDaemons/com.apple.locationd.plist
If you try you will receive the following error:
/System/Library/LaunchDaemons/com.apple.locationd.plist: Operation not permitted while System Integrity Protection is engaged
As a bonus the above unload will result in an exit 0 if you check via:
You can also verify that the service is indeed running with:
sudo launchctl list | grep locationd
Seeing as how you might want to make changes to location services you work around this restriction with a
killall -9 locationd. At least for now…
Hat tap to Michael Pinto (@pintom) and Balmes Pavlov (@bp) for the ping that lead to this discovery in the MacAdmins Slack.