-
Notifications
You must be signed in to change notification settings - Fork 218
Troubleshoot attaching to processes using GDB
Attaching to a process on Linux with GDB as a normal user may fail with "ptrace:Operation not permitted". By default Linux does not allow attaching to a process which wasn't launched by the debugger (see the Yama security documentation for more details).
There are three ways to workaround this:
-
Run the following command as super user:
echo 0| sudo tee /proc/sys/kernel/yama/ptrace_scopeThis will set the ptrace level to 0, after this just with user permissions you can attach to processes which are not launched by the debugger.
-
On distributions without Yama (such as Raspbian) you can use
libcap2-binto assign ptrace permissions to specific executables:sudo setcap cap_sys_ptrace=eip /usr/bin/gdb -
Alternatively, launch GDB as super user and attach to processes. Use root@machine to login with a password or certificate. Note, many Linux distros are configured to disallow root login through SSH for security reasons. You may have to configure /etc/ssh/sshd_config to allow root login with certificate or password. You can verify SSH connection via a client like putty.exe in windows.
For Docker Linux containers, it is necessary to add the capability when the container is created in order to allow attaching to a process with gdb.
The flag of --cap-add=SYS_PTRACE needs to be added when starting the container using docker run.
More information can be found on the Docker documentation page.