Sounds great. Can you post how to boot into recovery on M4?
From my notes, just went through it:
Force-delete persistent Network Extension configuration after app removal in MacOS Recovery Mode.
It is required when deleted applications leave orphaned services that block Local Network permissions (e.g. crashed VPNs, security tools). The configuration can't be deleted while the OS is running. Most of the configuration files are protected by System Integrity Protection (SIP) during normal boot. Recovery Mode bypasses SIP.
Example of orphaned service: synergy-service
Location: System Settings > Privacy & Security > Local Network
Config file disk location: Macintosh HD/Library/Preferences/com.apple.networkextension.plist
IMPORTANT NOTE: Backup first as this will reset all network extensions and more
-------------------------------------------------------------------------------------------
1. Shut down the computer: Apple menu > Shut Down
2. Boot to Recovery:
a. Press the Power button and hold it until 'Loading Startup Options...' text appears
b. Select: Options > Continue > Authenticate as admin
c. Open Terminal: Top menu bar > Utilities > Terminal
3. Identify system volume (ignore external drives): diskutil list internal
4. Unlock FileVault (if enabled): diskutil apfs unlockVolume disk3s4 -passphrase "your_mac_login_password"
* disk3s4 for disk3 and partition 4, replace it by your 'Macintosh HD - Data' identifier
* omit -passphrase to enter password interactively
5. Mount & remount system volume (-u for update existing mount and -w for enable read-write mode):
a. diskutil mount disk3s4
b. mount -uw /Volumes/Macintosh\ HD
6. Access the file system: cd /Volumes/Macintosh\ HD/
7. Delete the com.apple.networkextension.plist configuration file (-f for force)
a. cd /Volumes/Macintosh\ HD/Library/Preferences
b. rm -f com.apple.networkextension.plist
c. Confirm deletion: ls -la | grep networkextension
8. Reboot: Apple menu > Restart
Important Post-Recovery Actions:
a. System Settings > Privacy & Security > Local Network
Apps might not work until re-added: Open the app and it should trigger permission prompt
b. System Settings > Network > Firewall
Firewall will be turned off, reset to defaults and all custom rules lost: Turn on and re-configure the Firewall
c. System Settings > Network > Filters & Proxies
Re-enter the app manually or open the app and it will trigger permission prompt
d. System Settings > General > Login items & Extensions > Extensions (select 'By Category', Tahoe only) > Network Extensions
Network extensions (e.g. ad blockers) will be disabled until re-enabled
Pro Tips:
a. If rm fails, the file may be locked by a kernel extension. Boot into Safe Mode first (shift key at startup)
b. Always uninstall apps via their official uninstaller before deleting app bundles
c. Last resort only: If the file reappears after reboot, the orphaned service is still registered.
Run in terminal before deletion: sudo launchctl remove com.apple.networkextension
This procedure is irreversible and may cause system failure or instability.
