Last Week on My Mac: Maintaining macOS has changed

One of the most common questions Mac users ask is how to maintain macOS. It might be how to fix a problem with the system, or how to reinstall it. Most of these users are experienced, with years of tackling problems behind them. These days, most end up in a long exchange of messages before they realise how this has changed over the last year or so.

Looking back twenty years, repairing the System was far simpler when you knew what you were doing. Mac OS 8 and 9 were straightforward to patch from the Mac OS Installer, as that consisted of a whole series of Tomes for each sub-system, which the free utility TomeViewer could install individually.


If it was OpenGL that was in trouble, you could just select and install the 4 MB containing the OpenGL components in Mac OS.


OS X wasn’t so easy, and some users took to reinstalling it completely, to which I responded that it isn’t Windows. But the arrival of Pacifist from CharlesSoft allowed you to install single applications and components. For apps like Mail with complex dependencies, this often didn’t work, and the trend towards reinstalling the whole of OS X gathered momentum.

Pacifist lets you browse the contents of Installer packages, extract and install portions of them, and more.

One advanced technique which became popular was to install the latest Combo updater, as that often contained sufficient for whatever trick was needed to fix most problems. By macOS 10.12, this had become a panacea for many system ills, and five years ago it was an excellent choice.

Reinstalling the system continued to grow ever more popular. In macOS 10.12.4, Apple made Recovery more complex, and depending on which combination of startup keys you used, you could end up installing a different version, as I explained here. This had also been made more complicated with the introduction of SIP in El Capitan, which came to envelop almost all the system including its bundled apps.

In theory, SIP should have seen an end to any need to keep reinstalling macOS, because of the way that it prevented protected files from being altered. Whatever the reason, it didn’t seem to help much when it came to fixing all those problems which seemed to be solved by reinstalling macOS. Pacifist had now been joined by Suspicious Package, but neither could really do much to help as the system had become so sprawling and interdependent.


Just over a year ago, with the release of Big Sur, this all changed. The entire contents of the System volume became frozen in a snapshot, whose integrity is verified by a tree of cryptographic hashes, signed and sealed so not a bit can be altered. At the same time, because Apple had changed the way that macOS is updated and installed, standalone updaters became a thing of the past. So installing a Combo update was no longer an option: from now on, you either leave your System volume well alone, or install the whole of macOS.

Signing and sealing of the System volume is now checked before your Mac will boot into macOS, at least on Macs with T2 and M1 chips. According to Apple’s Platform Security Guide:
“During macOS installation and update, the seal is recomputed from the file system on device and that measurement is verified against the measurement that Apple signed. On a Mac with Apple silicon, the bootloader verifies the seal before transferring control to the kernel. On an Intel-based Mac with an Apple T2 Security Chip, the bootloader forwards the measurement and signature to the kernel, which then verifies the seal directly before mounting the root file system. In either case, if the verification fails, the startup process halts and the user is prompted to reinstall macOS.
This procedure is repeated at every boot unless the user has elected to enter a lower security mode and has separately chosen to disable the signed system volume.”

Sadly, Apple doesn’t explain whether or how the signed system volume (SSV) is checked in Intel Macs without a T2 chip.

On an M1 or T2 Mac, to check the integrity of everything installed on its System volume, all you have to do is restart that Mac. So long as Secure Boot is enabled, the fact that it boots into macOS is confirmation that every last bit is intact.

This doesn’t, of course, cover the entirety of macOS. The most significant part which is installed on the Data volume, therefore falls outside the scope of the SSV, is Safari. So there is a cogent argument, if you suspect a problem lies in Safari, that reinstalling macOS could be a useful solution, and worth the time and effort. However, that means a 13 GB download and protracted installation for the sake of one app a thousandth of that size. Perhaps we should be asking Apple not for standalone updaters, but an installer which only refreshes parts of macOS which are now stored on the Data volume, and remain at risk of damage or corruption.

The SSV has transformed the maintenance of macOS. Instead of viewing the system as hundreds of thousands of files which are all susceptible to damage or corruption, it’s better to look at it as an extension of the firmware. Although there are rare circumstances in which you might wish you could reinstall your Mac’s firmware – something now supported for T2 and M1 Macs, using Configurator 2 – it’s hardly an everyday procedure for use whenever the system seems a bit wonky or burps a bit.

It has been a long journey from the days of patching the system using TomeViewer, but I think we’ve finally reached the point where we can concentrate our efforts on diagnosing problems rather than relying on the universal snake-oil of reinstalling macOS.