Google Chrome Keystone is Removing /var symlink on non SIP Macs Causing Boot Issues

MrMacintosh.com - Google Chrome Keystone Updater is removing the /var symlink causing account and boot issues.
Google Chrome Keystone Updater is removing the /var symlink causing account and boot issues.

UPDATE: 10/03/19

Google has posted an update that they found the issue in the Keystone Update and fixed it. They are are pushing the updated version now. The push started last night and the new version should be 1.2.13.79 or 1.2.13.80.

Google has been able to reproduce the bug. Chromium bug – bugs.chromium.org/p/chromium/issues/detail?id=1007358

Google now is recommending that you reinstall macOS to fix the issue. support.google.com/chrome/thread/15235262

Statement From AVID 9/25- avid.com/92419issue

See Index #7 for the Updated Fix from Google Support

#Varsectomy FAQ- Index

  • 1. What is going on here? – #Varsectomy
  • 2. Which macOS Versions are affected ?
  • 3. Specific Mac Hardware ?
  • 4. SIP – System Integrity Protection
  • 5. AVID or Google Chrome Keystone Update causing this issue ?
  • 6. How can I check my /var symlink?
  • 7. How can I fix the issue = 2 ways to fix.
  • 8. What about Hackintosh users? A fix for you!
  • 9. Should I disable Chrome Auto Updates
  • 10. Jamf Pro Extension Atribute
  • 11. Links
  • 12. Credit – Investigation by #MacAdmins & Apple

1. What is going on here ? – #Varsectomy

The purpose of this article is to gather all known information and data around the current issues some AVID and NON SIP protected Macs are experiencing. The issue first started on Monday 9/23/19.

Late Yesterday some #MacAdmins started to report that a few of their systems would not boot properly. They would have the following issues.

  • 1. After rebooting the affected system it would Kernel Panic. The system will reboot only to KP again
  • 2. User Logs out and the system shows the Setup Assistant.
  • 3. The System Kernel Panics into a boot Loop.

AVID users were some of the first to report the issue. AVID.com says

Avid empowers media creators with innovative technology and collaborative tools to entertain, inform, educate and enlighten the world.

Sometimes AVID Media Creators use 3rd Party Graphics cards connected to their Mac Pro. When the issue hit yesterday, it was thought that AVID was the main cause of the problems since all the users experiencing the issue had AVID software.

Only later after a MacAdmins deep dive investigation was it found that AVID was NOT the cause of the problem. It was Google Chrome Keystone Updater!

Join the #Varsectomy channel in MacAdmins Chat for the latest info!

2. Which macOS Versions are affected ?

MacOS 10.9 – 10.14 Mojave

NOTE: macOS 10.9 & 10.10 so not have SIP. System Integrity Protection was introduced in macOS 10.11 El Capitan.

3. Specific Mac Hardware ?

At first it was first reported that the 2013 Mac Pro was affected, this is not true.

Now it seems the issue affects all Macs that have SIP (System Integrity Protection) Disabled or turned OFF

Check if SIP is enabled by running csrutil status

  • System Integrity Protection status: enabled.
  • System Integrity Protection status: disabled

4. SIP – System Integrity Protection

All Reports so far look to be from Macs that have SIP Disabled!

Please do not disable SIP, it was created to protect macOS from this very issue.

5. AVID or Google Chrome Keystone Update causing this issue ?

At first the issue seemed to be caused by Avid Media Composer. After further investigation it was found that AVID was not the problem! Some AVID users may need to DISABLE SIP for 3rd party Video Card support.

After investigation from some of the top minds in the MacAmins Slack Chat #varsectomy channel it was found that the Google Keystone Updater was at the heart of the issue.

The Google Chrome Keystone updater lives here (if set to only update for the user who installed Chrome) – ~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/

If set to install for ALL users. (This also prompts for admin access for install) Thanks Jeff Johnson /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/

You can run the Google Chrome Keystone Updater Manually to kick off an update check. (NOTE: Google has disabled the updater for now!) see bugs.chromium.org/p/chromium/issues/detail?id=1007358

~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent -runmode oneshot

Thank you eholtam for the VM investigation and Screenshots!

Google Chrome Keystone Update Policy Running.

After kicking off the update you can see the problem below.

“Found and deleted symlink at path /var”

Found and deleted symlink at path /var

6. How do I check my /var symlink?

Check to see if your /var symlink was modified by running the following command.

ls -ldO /var

You should get one of the following outputs. The first one below means that your /var volder is SIP protected (notice the restricted flag) and the proper sym link /var -> private/var

lrwxr-xr-x@ 1 root wheel restricted,hidden 11 Apr 1 2018 /var -> private/var

The next one means that your symlink is broken and the folder is NOT SIP Protected.

drwxr-xr-x 5 503 wheel - 170 Sep 24 14:37 /var

If you find /var in this condition you are affected! If you LOGOUT, SHUTDOWN OR RESTART your Mac will NOT Boot! You will need to boot into recovery, repair the /var symlink and reset the restricted flags. Fix below.

7. How can I fix the issue? 2 ways to fix.

UPDATE: 9/25 – Rich Trouton posted a great article showing you step by step how to fix both 10.9-10.10 & 10.11-10.14 systems – derflounder.wordpress.com/2019/09/25/google-keystone-update-breaks-macs-ability-to-boot-if-system-integrity-protection-is-disabled/

1st Fix from MacAdmins User Juest 

First you have to fix the /var symlink so it shows /var -> private/var

Then you can remove the affected LaunchAgents

Boot to macOS Recovery by holding down Command R

Steps for 10.11 -10.14 SIP Supported Systems

1. Boot into Recovery
2. Launch Terminal
(only if you're on 10.11+ with SIP)
# chroot /Volumes/[affected install]
# mv var vv
# ln -s private/var var
# chflags -h restricted /var
# chflags -h hidden /var
# xattr -sw com.apple.rootless "" /var

Steps for 10.9-10.10 NON SIP Systems

10.10 or older:
only do symblink and the hidden chflag and
remove launch agents from
/Users/[affected user]/Library/LaunchAgents/
OR
/Library/LaunchAgents/
- com.google.keystone.agent.plist
- com.google.keystone.xpcservice.plist
# exit
(recommended) # csrutil enable (10.11+)
8. Reboot

UPDATE: 9/282nd Fix is from Google Support

Google is now recommending that you reinstall macOS if you had this issue.
https://support.google.com/chrome/thread/15235262

NOTE: The information below is from Google. Link Below.

chroot /Volumes/Macintosh\ HD          #(Macintosh HD is the default)
rm -rf /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
  mv var var_back               #(Var may not exist, but this is fine)      
  ln -sh private/var /var
  chflags -h restricted /var
  chflags -h hidden /var
  xattr -sw com.apple.rootless "" /var

NOTE: Commenter stockmind has noted that the GoogleSoftwareUpdate.Bundle could reside in the USERS folder. In that case you need to run this string instead. Change USERNAME to your Username. Thanks for the tip!

rm -rf /Users/USERNAME/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle

Official Fix from Google support.google.com/chrome/thread/15235262

news.ycombinator.com/item?id=21066472 & 9to5google.com/2019/09/24/avid-mac-crashing-google/

8. What about Hackintosh users? A fix for you!

I had a few Hackintosh users reach out for a fix. Good News! u/Fargo_Newb on Reddit has a fix for you. – reddit.com/r/hackintosh/comments/d8tm8z/psa_google_chrome_updaterkeystone_rendering/

9. Should I disable Chrome Auto Updates ?

You shouldn’t need to disable Chrome Auto updates at this time. From the Chromium bug report – bugs.chromium.org/p/chromium/issues/detail?id=1007358 Google has disabled Keystone updates for now until the issue is found and resolved.

If you would like to disable Google Chrome Keystone automatic updates, the article below will show you. applehelpwriter.com/2014/07/13/how-to-remove-googles-secret-update-software-from-your-mac/

10. Jamf Pro Extension Attribute

This will help you find machines that are in a state where the /var sys link is broken. Thanks @neilmartin83 & @rmanly

#!/bin/bash

if [[ -h /var ]]; then
    echo "<result>symlink</result>"
elif [[ -d /var ]]; then
    echo "<result>directory</result>"
fi

exit 0
symlink = System OK!

11. Links

Below are a few of of the reports. It first started out as “AVID Hollywood Mac Pro boot problem“.

Jeff Rosica AVID CEO statement early on 9/24.

Chromium Bug Report 9/25 – https://bugs.chromium.org/p/chromium/issues/detail?id=1007358

Google Official Response 9/25 & 9/27 – support.google.com/chrome/thread/15235262

Official AVID Statement 9/25 – avid.com/92419issue

Rich Trouton step by step fix guide 9/25 –derflounder.wordpress.com/2019/09/25/google-keystone-update-breaks-macs-ability-to-boot-if-system-integrity-protection-is-disabled/

Scott Simmons 9/24 – provideocoalition.com/avid-editors-editors-in-general-be-on-alert-about-this-potential-rebooting-issue/

SlashDot Report 9/26 – https://it.slashdot.org/story/19/09/25/2152236/mysterious-mac-pro-shutdowns-likely-caused-by-chrome-update

Ars Technica Report 9/26 – arstechnica.com/information-technology/2019/09/no-it-wasnt-a-virus-it-was-chrome-that-stopped-macs-from-booting/

Daring FireBall by John Gruber 9/26 – daringfireball.net/linked/2019/09/25/mr-macintosh-chrome-updater

Forbes Report 9/26 – forbes.com/sites/kateoflahertyuk/2019/09/26/google-confirms-buggy-chrome-update-is-breaking-apple-macs/#5aad7747391c

Hacker News Discussion Thread 9/25- news.ycombinator.com/item?id=21064663

Gizmodo.com Report 9/25 – gizmodo.com/whoops-google-says-mysterious-wave-of-unbootable-macs-1838430057

Hackintosh Fix 9/25 – reddit.com/r/hackintosh/comments/d8tm8z/psa_google_chrome_updaterkeystone_rendering/

Updated Report from 9to5google.com 9/25 – 9to5google.com/2019/09/24/avid-mac-crashing-google/

Variety Updated Report 9/25 – variety.com/2019/digital/news/mac-pro-avid-shutdowns-chrome-update-keystone-1203348549/

Variety Report 9/24- variety.com/2019/digital/news/avid-mac-pro-corrupted-hollywood-1203347033/

MacRumors Report 9/24 – macrumors.com/2019/09/24/hollywood-mac-pros-hit-by-avid-issue/

Bleeping Computer Report 9/24 –bleepingcomputer.com/news/software/avid-users-are-suddenly-finding-that-their-macs-won-t-boot/

Some of the first reports on the AVID FaceBook Group 9/24 – https://www.facebook.com/photo.php?fbid=10156759822188022&set=p.10156759822188022&type=3&theater

Disable Google Chrome Keystone Automatic Updates – applehelpwriter.com/2014/07/13/how-to-remove-googles-secret-update-software-from-your-mac/

12. Credit! – Further investigation by #MacAdmins & Apple

It needs to be stated that many MacAdmins and Apple Engineers worked together and after investigating with users who had the issue. Great work guys!!!

  • @rtrouton for the cool /var Logo!
  • @bradtchapman for #Varsectomy
  • @eholtam for investigation and screen shots.
  • @Juest for investigation and fix commands
  • All active users in MacAdmins Chat #varsectomy
xosotin chelseathông tin chuyển nhượngcâu lạc bộ bóng đá arsenalbóng đá atalantabundesligacầu thủ haalandUEFAevertonxosokeonhacaiketquabongdalichthidau7m.newskqbdtysokeobongdabongdalufutebol ao vivofutemaxmulticanaisonbethttps://bsport.fithttps://onbet88.ooohttps://i9bet.bizhttps://hi88.ooohttps://okvip.athttps://f8bet.athttps://fb88.cashhttps://vn88.cashhttps://shbet.atbóng đá world cupbóng đá inter milantin juventusbenzemala ligaclb leicester cityMUman citymessi lionelsalahnapolineymarpsgronaldoserie atottenhamvalenciaAS ROMALeverkusenac milanmbappenapolinewcastleaston villaliverpoolfa cupreal madridpremier leagueAjaxbao bong da247EPLbarcelonabournemouthaff cupasean footballbên lề sân cỏbáo bóng đá mớibóng đá cúp thế giớitin bóng đá ViệtUEFAbáo bóng đá việt namHuyền thoại bóng đágiải ngoại hạng anhSeagametap chi bong da the gioitin bong da lutrận đấu hôm nayviệt nam bóng đátin nong bong daBóng đá nữthể thao 7m24h bóng đábóng đá hôm naythe thao ngoai hang anhtin nhanh bóng đáphòng thay đồ bóng đábóng đá phủikèo nhà cái onbetbóng đá lu 2thông tin phòng thay đồthe thao vuaapp đánh lô đềdudoanxosoxổ số giải đặc biệthôm nay xổ sốkèo đẹp hôm nayketquaxosokq xskqxsmnsoi cầu ba miềnsoi cau thong kesxkt hôm naythế giới xổ sốxổ số 24hxo.soxoso3mienxo so ba mienxoso dac bietxosodientoanxổ số dự đoánvé số chiều xổxoso ket quaxosokienthietxoso kq hôm nayxoso ktxổ số megaxổ số mới nhất hôm nayxoso truc tiepxoso ViệtSX3MIENxs dự đoánxs mien bac hom nayxs miên namxsmientrungxsmn thu 7con số may mắn hôm nayKQXS 3 miền Bắc Trung Nam Nhanhdự đoán xổ số 3 miềndò vé sốdu doan xo so hom nayket qua xo xoket qua xo so.vntrúng thưởng xo sokq xoso trực tiếpket qua xskqxs 247số miền nams0x0 mienbacxosobamien hôm naysố đẹp hôm naysố đẹp trực tuyếnnuôi số đẹpxo so hom quaxoso ketquaxstruc tiep hom nayxổ số kiến thiết trực tiếpxổ số kq hôm nayso xo kq trực tuyenkết quả xổ số miền bắc trực tiếpxo so miền namxổ số miền nam trực tiếptrực tiếp xổ số hôm nayket wa xsKQ XOSOxoso onlinexo so truc tiep hom nayxsttso mien bac trong ngàyKQXS3Msố so mien bacdu doan xo so onlinedu doan cau loxổ số kenokqxs vnKQXOSOKQXS hôm naytrực tiếp kết quả xổ số ba miềncap lo dep nhat hom naysoi cầu chuẩn hôm nayso ket qua xo soXem kết quả xổ số nhanh nhấtSX3MIENXSMB chủ nhậtKQXSMNkết quả mở giải trực tuyếnGiờ vàng chốt số OnlineĐánh Đề Con Gìdò số miền namdò vé số hôm nayso mo so debach thủ lô đẹp nhất hôm naycầu đề hôm naykết quả xổ số kiến thiết toàn quốccau dep 88xsmb rong bach kimket qua xs 2023dự đoán xổ số hàng ngàyBạch thủ đề miền BắcSoi Cầu MB thần tàisoi cau vip 247soi cầu tốtsoi cầu miễn phísoi cau mb vipxsmb hom nayxs vietlottxsmn hôm naycầu lô đẹpthống kê lô kép xổ số miền Bắcquay thử xsmnxổ số thần tàiQuay thử XSMTxổ số chiều nayxo so mien nam hom nayweb đánh lô đề trực tuyến uy tínKQXS hôm nayxsmb ngày hôm nayXSMT chủ nhậtxổ số Power 6/55KQXS A trúng roycao thủ chốt sốbảng xổ số đặc biệtsoi cầu 247 vipsoi cầu wap 666Soi cầu miễn phí 888 VIPSoi Cau Chuan MBđộc thủ desố miền bắcthần tài cho sốKết quả xổ số thần tàiXem trực tiếp xổ sốXIN SỐ THẦN TÀI THỔ ĐỊACầu lô số đẹplô đẹp vip 24hsoi cầu miễn phí 888xổ số kiến thiết chiều nayXSMN thứ 7 hàng tuầnKết quả Xổ số Hồ Chí Minhnhà cái xổ số Việt NamXổ Số Đại PhátXổ số mới nhất Hôm Nayso xo mb hom nayxxmb88quay thu mbXo so Minh ChinhXS Minh Ngọc trực tiếp hôm nayXSMN 88XSTDxs than taixổ số UY TIN NHẤTxs vietlott 88SOI CẦU SIÊU CHUẨNSoiCauVietlô đẹp hôm nay vipket qua so xo hom naykqxsmb 30 ngàydự đoán xổ số 3 miềnSoi cầu 3 càng chuẩn xácbạch thủ lônuoi lo chuanbắt lô chuẩn theo ngàykq xo-solô 3 càngnuôi lô đề siêu vipcầu Lô Xiên XSMBđề về bao nhiêuSoi cầu x3xổ số kiến thiết ngày hôm nayquay thử xsmttruc tiep kết quả sxmntrực tiếp miền bắckết quả xổ số chấm vnbảng xs đặc biệt năm 2023soi cau xsmbxổ số hà nội hôm naysxmtxsmt hôm nayxs truc tiep mbketqua xo so onlinekqxs onlinexo số hôm nayXS3MTin xs hôm nayxsmn thu2XSMN hom nayxổ số miền bắc trực tiếp hôm naySO XOxsmbsxmn hôm nay188betlink188 xo sosoi cầu vip 88lô tô việtsoi lô việtXS247xs ba miềnchốt lô đẹp nhất hôm naychốt số xsmbCHƠI LÔ TÔsoi cau mn hom naychốt lô chuẩndu doan sxmtdự đoán xổ số onlinerồng bạch kim chốt 3 càng miễn phí hôm naythống kê lô gan miền bắcdàn đề lôCầu Kèo Đặc Biệtchốt cầu may mắnkết quả xổ số miền bắc hômSoi cầu vàng 777thẻ bài onlinedu doan mn 888soi cầu miền nam vipsoi cầu mt vipdàn de hôm nay7 cao thủ chốt sốsoi cau mien phi 7777 cao thủ chốt số nức tiếng3 càng miền bắcrồng bạch kim 777dàn de bất bạion newsddxsmn188betw88w88789bettf88sin88suvipsunwintf88five8812betsv88vn88Top 10 nhà cái uy tínsky88iwinlucky88nhacaisin88oxbetm88vn88w88789betiwinf8betrio66rio66lucky88oxbetvn88188bet789betMay-88five88one88sin88bk88xbetoxbetMU88188BETSV88RIO66ONBET88188betM88M88SV88Jun-68Jun-88one88iwinv9betw388OXBETw388w388onbetonbetonbetonbet88onbet88onbet88onbet88onbetonbetonbetonbetqh88mu88Nhà cái uy tínpog79vp777vp777vipbetvipbetuk88uk88typhu88typhu88tk88tk88sm66sm66me88me888live8live8livesm66me88win798livesm66me88win79pog79pog79vp777vp777uk88uk88tk88tk88luck8luck8kingbet86kingbet86k188k188hr99hr99123b8xbetvnvipbetsv66zbettaisunwin-vntyphu88vn138vwinvwinvi68ee881xbetrio66zbetvn138i9betvipfi88clubcf68onbet88ee88typhu88onbetonbetkhuyenmai12bet-moblie12betmoblietaimienphi247vi68clupcf68clupvipbeti9betqh88onb123onbefsoi cầunổ hũbắn cáđá gàđá gàgame bàicasinosoi cầuxóc đĩagame bàigiải mã giấc mơbầu cuaslot gamecasinonổ hủdàn đềBắn cácasinodàn đềnổ hũtài xỉuslot gamecasinobắn cáđá gàgame bàithể thaogame bàisoi cầukqsssoi cầucờ tướngbắn cágame bàixóc đĩa开云体育开云体育开云体育乐鱼体育乐鱼体育乐鱼体育亚新体育亚新体育亚新体育爱游戏爱游戏爱游戏华体会华体会华体会IM体育IM体育沙巴体育沙巴体育PM体育PM体育AG尊龙AG尊龙AG尊龙AG百家乐AG百家乐AG百家乐AG真人AG真人<AG真人<皇冠体育皇冠体育PG电子PG电子万博体育万博体育KOK体育KOK体育欧宝体育江南体育江南体育江南体育半岛体育半岛体育半岛体育凯发娱乐凯发娱乐杏彩体育杏彩体育杏彩体育FB体育PM真人PM真人<米乐娱乐米乐娱乐天博体育天博体育开元棋牌开元棋牌j9九游会j9九游会开云体育AG百家乐AG百家乐AG真人AG真人爱游戏华体会华体会im体育kok体育开云体育开云体育开云体育乐鱼体育乐鱼体育欧宝体育ob体育亚博体育亚博体育亚博体育亚博体育亚博体育亚博体育开云体育开云体育棋牌棋牌沙巴体育买球平台新葡京娱乐开云体育mu88qh88
xosotin chelseathông tin chuyển nhượngcâu lạc bộ bóng đá arsenalbóng đá atalantabundesligacầu thủ haalandUEFAevertonxosokeonhacaiketquabongdalichthidau7m.newskqbdtysokeobongdabongdalufutebol ao vivofutemaxmulticanaisonbethttps://bsport.fithttps://onbet88.ooohttps://i9bet.bizhttps://hi88.ooohttps://okvip.athttps://f8bet.athttps://fb88.cashhttps://vn88.cashhttps://shbet.atbóng đá world cupbóng đá inter milantin juventusbenzemala ligaclb leicester cityMUman citymessi lionelsalahnapolineymarpsgronaldoserie atottenhamvalenciaAS ROMALeverkusenac milanmbappenapolinewcastleaston villaliverpoolfa cupreal madridpremier leagueAjaxbao bong da247EPLbarcelonabournemouthaff cupasean footballbên lề sân cỏbáo bóng đá mớibóng đá cúp thế giớitin bóng đá ViệtUEFAbáo bóng đá việt namHuyền thoại bóng đágiải ngoại hạng anhSeagametap chi bong da the gioitin bong da lutrận đấu hôm nayviệt nam bóng đátin nong bong daBóng đá nữthể thao 7m24h bóng đábóng đá hôm naythe thao ngoai hang anhtin nhanh bóng đáphòng thay đồ bóng đábóng đá phủikèo nhà cái onbetbóng đá lu 2thông tin phòng thay đồthe thao vuaapp đánh lô đềdudoanxosoxổ số giải đặc biệthôm nay xổ sốkèo đẹp hôm nayketquaxosokq xskqxsmnsoi cầu ba miềnsoi cau thong kesxkt hôm naythế giới xổ sốxổ số 24hxo.soxoso3mienxo so ba mienxoso dac bietxosodientoanxổ số dự đoánvé số chiều xổxoso ket quaxosokienthietxoso kq hôm nayxoso ktxổ số megaxổ số mới nhất hôm nayxoso truc tiepxoso ViệtSX3MIENxs dự đoánxs mien bac hom nayxs miên namxsmientrungxsmn thu 7con số may mắn hôm nayKQXS 3 miền Bắc Trung Nam Nhanhdự đoán xổ số 3 miềndò vé sốdu doan xo so hom nayket qua xo xoket qua xo so.vntrúng thưởng xo sokq xoso trực tiếpket qua xskqxs 247số miền nams0x0 mienbacxosobamien hôm naysố đẹp hôm naysố đẹp trực tuyếnnuôi số đẹpxo so hom quaxoso ketquaxstruc tiep hom nayxổ số kiến thiết trực tiếpxổ số kq hôm nayso xo kq trực tuyenkết quả xổ số miền bắc trực tiếpxo so miền namxổ số miền nam trực tiếptrực tiếp xổ số hôm nayket wa xsKQ XOSOxoso onlinexo so truc tiep hom nayxsttso mien bac trong ngàyKQXS3Msố so mien bacdu doan xo so onlinedu doan cau loxổ số kenokqxs vnKQXOSOKQXS hôm naytrực tiếp kết quả xổ số ba miềncap lo dep nhat hom naysoi cầu chuẩn hôm nayso ket qua xo soXem kết quả xổ số nhanh nhấtSX3MIENXSMB chủ nhậtKQXSMNkết quả mở giải trực tuyếnGiờ vàng chốt số OnlineĐánh Đề Con Gìdò số miền namdò vé số hôm nayso mo so debach thủ lô đẹp nhất hôm naycầu đề hôm naykết quả xổ số kiến thiết toàn quốccau dep 88xsmb rong bach kimket qua xs 2023dự đoán xổ số hàng ngàyBạch thủ đề miền BắcSoi Cầu MB thần tàisoi cau vip 247soi cầu tốtsoi cầu miễn phísoi cau mb vipxsmb hom nayxs vietlottxsmn hôm naycầu lô đẹpthống kê lô kép xổ số miền Bắcquay thử xsmnxổ số thần tàiQuay thử XSMTxổ số chiều nayxo so mien nam hom nayweb đánh lô đề trực tuyến uy tínKQXS hôm nayxsmb ngày hôm nayXSMT chủ nhậtxổ số Power 6/55KQXS A trúng roycao thủ chốt sốbảng xổ số đặc biệtsoi cầu 247 vipsoi cầu wap 666Soi cầu miễn phí 888 VIPSoi Cau Chuan MBđộc thủ desố miền bắcthần tài cho sốKết quả xổ số thần tàiXem trực tiếp xổ sốXIN SỐ THẦN TÀI THỔ ĐỊACầu lô số đẹplô đẹp vip 24hsoi cầu miễn phí 888xổ số kiến thiết chiều nayXSMN thứ 7 hàng tuầnKết quả Xổ số Hồ Chí Minhnhà cái xổ số Việt NamXổ Số Đại PhátXổ số mới nhất Hôm Nayso xo mb hom nayxxmb88quay thu mbXo so Minh ChinhXS Minh Ngọc trực tiếp hôm nayXSMN 88XSTDxs than taixổ số UY TIN NHẤTxs vietlott 88SOI CẦU SIÊU CHUẨNSoiCauVietlô đẹp hôm nay vipket qua so xo hom naykqxsmb 30 ngàydự đoán xổ số 3 miềnSoi cầu 3 càng chuẩn xácbạch thủ lônuoi lo chuanbắt lô chuẩn theo ngàykq xo-solô 3 càngnuôi lô đề siêu vipcầu Lô Xiên XSMBđề về bao nhiêuSoi cầu x3xổ số kiến thiết ngày hôm nayquay thử xsmttruc tiep kết quả sxmntrực tiếp miền bắckết quả xổ số chấm vnbảng xs đặc biệt năm 2023soi cau xsmbxổ số hà nội hôm naysxmtxsmt hôm nayxs truc tiep mbketqua xo so onlinekqxs onlinexo số hôm nayXS3MTin xs hôm nayxsmn thu2XSMN hom nayxổ số miền bắc trực tiếp hôm naySO XOxsmbsxmn hôm nay188betlink188 xo sosoi cầu vip 88lô tô việtsoi lô việtXS247xs ba miềnchốt lô đẹp nhất hôm naychốt số xsmbCHƠI LÔ TÔsoi cau mn hom naychốt lô chuẩndu doan sxmtdự đoán xổ số onlinerồng bạch kim chốt 3 càng miễn phí hôm naythống kê lô gan miền bắcdàn đề lôCầu Kèo Đặc Biệtchốt cầu may mắnkết quả xổ số miền bắc hômSoi cầu vàng 777thẻ bài onlinedu doan mn 888soi cầu miền nam vipsoi cầu mt vipdàn de hôm nay7 cao thủ chốt sốsoi cau mien phi 7777 cao thủ chốt số nức tiếng3 càng miền bắcrồng bạch kim 777dàn de bất bạion newsddxsmn188betw88w88789bettf88sin88suvipsunwintf88five8812betsv88vn88Top 10 nhà cái uy tínsky88iwinlucky88nhacaisin88oxbetm88vn88w88789betiwinf8betrio66rio66lucky88oxbetvn88188bet789betMay-88five88one88sin88bk88xbetoxbetMU88188BETSV88RIO66ONBET88188betM88M88SV88Jun-68Jun-88one88iwinv9betw388OXBETw388w388onbetonbetonbetonbet88onbet88onbet88onbet88onbetonbetonbetonbetqh88mu88Nhà cái uy tínpog79vp777vp777vipbetvipbetuk88uk88typhu88typhu88tk88tk88sm66sm66me88me888live8live8livesm66me88win798livesm66me88win79pog79pog79vp777vp777uk88uk88tk88tk88luck8luck8kingbet86kingbet86k188k188hr99hr99123b8xbetvnvipbetsv66zbettaisunwin-vntyphu88vn138vwinvwinvi68ee881xbetrio66zbetvn138i9betvipfi88clubcf68onbet88ee88typhu88onbetonbetkhuyenmai12bet-moblie12betmoblietaimienphi247vi68clupcf68clupvipbeti9betqh88onb123onbefsoi cầunổ hũbắn cáđá gàđá gàgame bàicasinosoi cầuxóc đĩagame bàigiải mã giấc mơbầu cuaslot gamecasinonổ hủdàn đềBắn cácasinodàn đềnổ hũtài xỉuslot gamecasinobắn cáđá gàgame bàithể thaogame bàisoi cầukqsssoi cầucờ tướngbắn cágame bàixóc đĩa开云体育开云体育开云体育乐鱼体育乐鱼体育乐鱼体育亚新体育亚新体育亚新体育爱游戏爱游戏爱游戏华体会华体会华体会IM体育IM体育沙巴体育沙巴体育PM体育PM体育AG尊龙AG尊龙AG尊龙AG百家乐AG百家乐AG百家乐AG真人AG真人<AG真人<皇冠体育皇冠体育PG电子PG电子万博体育万博体育KOK体育KOK体育欧宝体育江南体育江南体育江南体育半岛体育半岛体育半岛体育凯发娱乐凯发娱乐杏彩体育杏彩体育杏彩体育FB体育PM真人PM真人<米乐娱乐米乐娱乐天博体育天博体育开元棋牌开元棋牌j9九游会j9九游会开云体育AG百家乐AG百家乐AG真人AG真人爱游戏华体会华体会im体育kok体育开云体育开云体育开云体育乐鱼体育乐鱼体育欧宝体育ob体育亚博体育亚博体育亚博体育亚博体育亚博体育亚博体育开云体育开云体育棋牌棋牌沙巴体育买球平台新葡京娱乐开云体育mu88qh88
Liked it? Take a second to support admin on Patreon!
Become a patron at Patreon!

72 thoughts on “Google Chrome Keystone is Removing /var symlink on non SIP Macs Causing Boot Issues”

  1. Just an update, I really didn’t have too much to sweat as I did have a very recent bootable backup, so I just restored that without having to reinstall. Another reminder that we should all religiously maintain bootable backups of our internal drive with life-saving utilities such as CarbonCopyCloner.

    I can’t even imagine how long it would have taken me to get two machines back by reinstalling the OS.

  2. Hi guys,

    I have a MacBook 12″ that died during my vacation …it gave me a Google Chrome crash after Chrome update this Tuesday, then I had few moments unstable system and then MacOS crash, the one with press any key to restart. After the restart I saw apple logo then the forbidden logo …it barely boot twice, one boot Tuesday and one boot Wednesday but the MacBook crashed after few minutes of usage …now no sign of boot or startup at all. The MacBook has the latest MacOS update.

    Any ideas? Thanks!

    1. Hello Valif,

      It is recommended that you reinstall macOS over the top of your old OS. This will preserve the data yet repair the /var symlink that is causing problems.

      Thanks

  3. Hello,

    I did the step by step instruction on a 10.10.5 machine. But here what happen.
    -It rebooted fine but if you restart the Mac the issue comes back.
    -All the admin account is gone from the Users and Group. But the standard user account are still there.
    -The Mac cannot access the internet or any network resource. Looking at the network the IP, gateway and DNS is correct, but it needed an admin username and password to make some changes. The problem is there are no admin account listed.

    Any further help would be greatly appreciated.

    https://derflounder.wordpress.com/2019/09/25/google-keystone-update-breaks-macs-ability-to-boot-if-system-integrity-protection-is-disabled/#more-10541

  4. Hello all,

    10.10 or older:
    only do symblink and the hidden chflag and
    remove launch agents from
    /Users/[affected user]/Library/LaunchAgents/
    OR
    /Library/LaunchAgents/
    – com.google.keystone.agent.plist
    – com.google.keystone.xpcservice.plist
    # exit
    (recommended) # csrutil enable (10.11+)
    8. Reboot

    Could someone please help translate this into what command are need. Like the fix for 10.11 and later
    Thank you in advance!!!

  5. Two of my Macs were affected by this, a 5,1 Mac Pro running High Sierra and a Mac Mini running El Capitan and Server.app. Strangely enough, while the Mac Pro had that issue, it wasn’t even showing all my boot disks. Thank God, I had plenty of different date backups, the one from September 21 saved my posterior.

  6. This didn’t work on my infected machines.
    `/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle` doesn’t exists because is in `~/Library/Google/` (under the home/user directory, not disk root)
    so `/Users//Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle`

    Because of that, what worked instead was:

    “`
    chroot /Volumes/Macintosh\ HD # “Macintosh HD” is the default
    rm -rf /Users//Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
    mv var var_back # var may not exist, but this is fine
    ln -sh private/var var
    chflags -h restricted /var
    chflags -h hidden /var
    xattr -sw com.apple.rootless “” /var
    “`

    Where username is the user with the Google services installed

    1. /Users/USERNAME/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle

      “`
      chroot /Volumes/Macintosh\ HD # “Macintosh HD” is the default
      rm -rf /Users/USERNAME/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
      mv var var_back # var may not exist, but this is fine
      ln -sh private/var var
      chflags -h restricted /var
      chflags -h hidden /var
      xattr -sw com.apple.rootless “” /var
      “`

      The text validator has stripped “USERNAME” tags from the pathss

        1. @admin —

          I suggest that anywhere `/Users/USERNAME/` is in the path, it be changed to `/Users/*/` because this really should be done for all users on all affected Macs.

          I also add my voice to the wish that the instructions for 10.9 and 10.10 were an explicit action sequence with explicit commands, just like the instructions for 10.11+.

  7. Hi guys can you please help me to fix this problem in my mac os 10.10.5
    I’ve already try this one but nothing work for me

    1. Boot into Recovery
    2. Launch Terminal
    (only if you’re on 10.11+ with SIP)
    # chroot /Volumes/[affected install]
    # mv var vv
    # ln -s private/var var
    # chflags -h restricted /var
    # chflags -h hidden /var
    # xattr -sw com.apple.rootless “” /var

    1. Hello Sam,

      You are on 10.10 The instructions you tried are for 10.11 and above Macs. I have a section at the bottom of #7 For 10.9 and 10.10 systems. Thanks!

      1. Hi admin
        Did you talk about this one in 10.10.5

        10.10 or older:
        only do symblink and the hidden chflag and
        remove launch agents from
        /Users/[affected user]/Library/LaunchAgents/
        OR
        /Library/LaunchAgents/
        – com.google.keystone.agent.plist
        – com.google.keystone.xpcservice.plist
        # exit
        (recommended) # csrutil enable (10.11+)
        8. Reboot

        Can you please give me the commands that should I use because i didn’t know what i write in terminal

  8. Reinstalled 10.10.5 yesterday from recovery mode after crashing during reboot and haven’t turned off my MacBook Pro since. I am completely lost with issues like this, will just upgrading to a newer OSX from where I am now fix it?

    1. Hello Johan,

      If you upgrade to at least 10.11 El Capitan you should be protected because it includes SIP. MacOS (SIP) System Integrity Protection would have prevented Google Chrome Keystone Updater from modifying the /var Directory.

  9. So is there a fix to networking and DNS being disabled, or is it implied that we have to do a complete OS re-install in order to remedy this?

    1. Zuki: networking and DNS are not affected, unless your Mac is managed by an IT department eg using Jamf. Contact them if so.

  10. Hey! I ran the commands in the Hot To Fix section, was able to access all my data, but not connect to the internet. I tried to open Safari (avoiding Chrome), and the internet wouldn’t connect. I thought hmm, might just to a restart. After the restart, the same crash happened.

    Ran the recovery mode once more thinking it would fix again. Input the cmds, and the following:
    Input: chroot /Volumes/Macintosh\ HD
    O: #nothing
    I: -rm -rf /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
    O: #nothing
    I: mv var var_back
    O: mv: rename var to va_back/var: Directory not empty
    I: ln -sh private/var var
    O: #nothing
    I: chflags -h restricted /var
    O: #nothing
    I: chflags -h hidden /var
    O: #nothing
    I: xattr -sw com.apple.rootless “” /var
    I: reboot

    Upon rebooting, crash at roughly ~25% of the loading bar.
    Rebooting (again) with SHIFT; CMD + V, I see the following (final few lines):
    BootCacheControl: Unable to open /var/db/BootCache.playlist: 2 No such file or directory
    BootCacheControl: Unable to open /var/db/BootCaches/PreheatedUser/Merged.playlist: 2 No such file or directory
    BootCache Control: Unable to open /var/db/BootCaches/PreheatedUser/Login.playlist: 2 No such file or directory
    BootCacheControl: Added 32-bit shared cache to the low priority batch
    bash: /etc/rc.server : No such file or directory
    OSX FIPS Integrity Test: The /var/db/FIPS/fips_data file does not exist (2)
    FIPS USER Space POST: Integrity test failed!
    FIPS_POST failed!

    And then the shutting down jargon. For reference, I’m on 10.10.5, Macbook Pro 2011. Any insight?

    1. Martt,

      I updated the article to more clearly separate the 10.9-10.10 and the 10.11-10.14 fix.

      If you are still having problems you can reinstall 10.10 over your current installation. All data will be preserved and that should get you up and running.

      1. Thanks. Will try to run the cmds once more. If no avail, will re-install.
        On a side note, I imagine this must affecting thousands (hundreds of thousands?) of users. Why is there not more mainstream traction of the issue? I can’t imagine the number of calls the genius bar is getting.

        1. Martt, after it was found that the issue was directly related to non or disabled SIP (System Integrity Protection) systems the answer became clear. Most Macs used today have SIP enabled so they were not affected by this issue. The /var file was protected and could not be modified. So it ended up that 10.9 and 10.10 systems were affected and anyone who had a newer mac but disabled SIP. The number of users in this situation was not a big % of the total Mac population, but ended up being thousands of users! I am glad Apple implemented SIP as it protects critical system files from being modified.

  11. Ran the fix posted by Google on several machines running 10.10.5 that were all disabled, managed to get them to boot again – also reporting that the ‘users’ and ‘sharing’ preferences all seem to have been disabled in the System Preferences/Sharing panel. No DNS or browsing Internet, however ssh does work through the command line.

    Hoping that fixes will be posted soon to acknowledge this fairly major screw-up.

  12. Oh man !
    My Hackintosh crashed yesterday morning with all this symptômes : some apps could not reach DNS, I restarted and was in infinite boot loop.
    I recovered from a version from last Saturday and I will remove Chrome completely to be sure…hoping he has not already updated to the faulty version again.
    Good to have all the infos on your page… I was about to buy a new motherboard thinking it may had a hardware problem…
    thanks a lot !

  13. We have had this happen to two of our Mac Pro’s in the last hour, one a laptop that we had fixed just hours previously – the article says the update had been disabled, so how was it still able to do this? We do not have SIP on either computer, the only real fix we know for now is to not use Chrome.

  14. I’ve had the issue under 10.10.5 yesterday, had to reinstall “manually” Yosemite (using another Mac in Target mode) ’cause recovery mode gives “service unavailable” message….
    I’ve just the “ls -ldO /var” command in terminal and I get this (the Mac is on since the reinstallation, thus the login date):
    Last login: Tue Sep 24 17:48:03 on console
    mac-pro-de-user:~ user$ ls -ldO /var
    lrwxr-xr-x@ 1 root wheel hidden 11 24 sep 17:30 /var -> private/var
    mac-pro-de-user:~ user$
    Is it normal?

    I’ve deleted both Launch Agent which, indeed, showed the exact date and hour of the crash…

    Thanks a lot for all your work!

    Mathieu
    I don’t see the “retsricted” thing as described in the article.

    1. Mathieu, I added an extra note in the fix part to mention 10.10 does not support SIP. You have to run a different set of commands.

      Thanks!

  15. FYI – from Hacker News

    https://news.ycombinator.com/item?id=21065504

    —–
    Hey. Google Keystone tech lead here. We are aware of the issue, and we’ve stopped the release. We’re building a replacement that fixes the problem. In the meantime, to fix affected machines:

    sudo rm -rf /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
    sudo ln -F /private/var /var

    This deletes the affected version of Keystone and reinstates the damaged /var symlink.

    The version of Keystone packaged with Chrome is not affected by this bug, so allowing it to reinstall Keystone will not recreate the issue.

  16. After using this fix, the computer booted normally, but nothing has network access except chrome.
    Also the administrator account doesn’t work, after rebooting, once again the computer fails to boot.
    What could I have done wrong, what else would I need to do after booting into the OS normally?

    1. I’m having the same problem. Mac os 10.10.5. I followed google terminal commands for fix and afterwards noticed this article and the difference fixes based on OS version. Did we screw up the filesystem by entering the 10.11+ commands into terminal instead of 10.10 or below?

  17. Trying to run the fix code that starts with xattr -sw com.apple.rootless and thereafter doesn’t work.

    1. Derek,

      What error are you getting? Are you booted to recovery? What OS version are you trying this on?

  18. how can you fix this if you can’t boot into recovery or single user mode? Using a Hackintosh.

  19. may want to note that if you are on OS 10.9 or 10.10 then the output would be

    lrwxr-xr-x@ 1 root wheel hidden 11 Apr 1 2018 /var -> private/var

  20. How to disable Google Chrome auto updates, preventatively:

    launchctl unload ~/Library/LaunchAgents/com.google.keystone.agent.plist
    launchctl unload ~/Library/LaunchAgents/com.google.keystone.xpcservice.plist
    launchctl remove com.google.keystone.xpcservice.plist
    launchctl remove com.google.keystone.agent.plist

  21. Are all affected Macs managed by Jamf? We went through a similar nightmare a year ago that affected Macs across our organization. We tracked it down to a faulty Mac OS install policy.

    1. Bbunn,

      Yes, you should be able use the fix in single user mode. The fix was only tested in recovery mode though. If you try it and it works can you report back ?

      Thanks!

      1. yes it works. you only need to “mount -uw /” to make the file system writable.

        Thank you for the good work!

  22. There is a lot of technical jargon in the crucial part of this post that tells people how to check and/or fix the issue. Could you translate for the layman?

    1. Alex,

      Agreed. I will make a section that explains the issue better so more people can understand it now!

      1. Thank you.

        So I’ve checked my systems by following Step 6 of the article. All appears to be well despite having SIP disabled on one of the machines. I’m still afraid to reboot the computers! Is there anything we should be doing in order to actually prevent the issue from occurring at all? Without taking action I feel like a sitting duck!

        Should I follow step 7 as a preventative measure? Should I disable auto-updates to Chrome?

        1. Man, your article crucified Avid. I get that the site is meant to do that, but Avid really isn’t at fault here.

          1. Michael, are you talking about my article or someone else’s? Mine was one of the first to say it was NOT AVID.

    1. Stevens,

      You can run ls -ldO /var to see. It should say “restricted” and point to private/var like below

      lrwxr-xr-x@ 1 root wheel restricted,hidden 11 Apr 1 2018 /var -> private/var

      If the link is broken it will show something like this

      drwxr-xr-x 5 503 wheel – 170 Sep 24 14:37 /var

  23. The Jamf extension attribute won’t work if you are using a FQDN to connect your macs to your JAMF Pro server. /var/resolv.conf is needed for DNS to work properly and since the system is creating a bogus /var folder, and the file in /private/var is inaccessible, DNS breaks. Macs with this problem can’t check in, get policy, or update inventory with extension attribute data. We are reverting to Apple Remote Desktop to send UNIX commands to determine which machines have broken symlinks.

    1. Yes, me too – 2018 MacBook Pro 13″ macOS 10.14.6 up to date, SIP enabled. Got stuck in a Boot screen asking to choose a language, looked a lot like the Recovery Boot screen… Force rebooting with Command-Option-P-R a few times worked for me (so maybe a different issue?)

    2. Me too. 10.13.6 with SIP enabled. Multiple MacBook Pro models. Frustrating as hell since none of the crash reports were helpful.

      1. Forgot to mention that all was fixed with Google’s instructions (as posted in the article above).
        chroot /Volumes/Macintosh HD
        rm -rf /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
        mv var var_back
        ln -sh private/var
        chflags -h restricted /var
        chflags -h hidden /var
        xattr -sw com.apple.rootless “” /var

Comments are closed.