Here is the OS I am using:
Linux securecluster 4.9.8-moby #1 SMP Wed Feb 8 09:56:43 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
When trying to attach gdb to a hanging process as the root user, I got the following:
Attaching to process 9636
Could not attach to process. If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user. For more details, see /etc/sysctl.d/10-ptrace.conf
ptrace: Operation not permitted.
I modified /etc/sysctl.d/10-ptrace.conf, resulting in:
kernel.yama.ptrace_scope = 0
However, I got the same error. I tried changing /proc/sys/kernel/yama/ptrace_scope:
echo 0 | tee /proc/sys/kernel/yama/ptrace_scope
tee: /proc/sys/kernel/yama/ptrace_scope: Read-only file system
Any hint is appreciated.
Disabling ptrace in Docker
If you run a Docker version lower than 19.03 or have a kernel version lower than 4.8, ptrace is disabled by default. You can enable it by adding the --cap-add=SYS_PTRACE flag, for example: docker run --cap-add=SYS_PTRACE python. Docker uses a seccomp configuration to prevent ptrace from running.
ptrace_scope: As Linux grows in popularity, it will become a larger target for malware. One particularly troubling weakness of the Linux process interfaces is that a single user is able to examine the memory and running state of any of their processes.
Are you using a container engine? Try attaching to the process from the outside of the container (on the host); it may have a different PID there.
Alternatively, launch the container with the CAP_SYS_PTRACE capability (using --cap-add=SYS_PTRACE, for example). Of course, if you cannot reproduce the hang, then you cannot use this approach.
I modified /etc/sysctl.d/10-ptrace.conf
This will only take effect on the next reboot.
Until then, just do sudo sysctl -w kernel.yama.ptrace_scope=0
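The answers above name three separate things that can stop gdb from attaching inside a container: a missing CAP_SYS_PTRACE, the seccomp profile, and a Yama ptrace_scope that cannot be changed because /proc/sys is read-only. The script below is an added example, not part of the original thread, that reports each of them. The function names are hypothetical, and it assumes CAP_SYS_PTRACE is capability number 19 and that a Seccomp value of 2 in /proc/PID/status means a filter is loaded.

```shell
#!/bin/sh
# Added example: report the settings that can block ptrace(2) in a container.
# Every function reads a file argument, so it works on /proc or on saved copies.

# Print the value of one "Field:" line from a /proc/PID/status-style file.
status_field() {
    awk -v f="$1:" '$1 == f { print $2; exit }' "$2"
}

# Succeed if a hex capability mask (CapEff) has bit 19, CAP_SYS_PTRACE, set.
has_ptrace_cap() {
    [ -n "$1" ] && [ $(( (0x$1 >> 19) & 1 )) -eq 1 ]
}

# Succeed if /proc/sys is mounted read-only in a /proc/mounts-style file.
proc_sys_readonly() {
    awk '$2 == "/proc/sys" { n = split($4, o, ","); for (i = 1; i <= n; i++) if (o[i] == "ro") r = 1 }
         END { exit !r }' "$1"
}

# Print one finding per line for STATUS_FILE, MOUNTS_FILE and a Yama SCOPE value.
ptrace_report() {
    if has_ptrace_cap "$(status_field CapEff "$1")"; then
        echo "cap: CAP_SYS_PTRACE present"
    else
        echo "cap: CAP_SYS_PTRACE missing (docker run --cap-add=SYS_PTRACE)"
    fi
    case "$(status_field Seccomp "$1")" in
        0) echo "seccomp: no filter" ;;
        2) echo "seccomp: filter active, ptrace may be denied by the profile" ;;
        *) echo "seccomp: mode not recognised" ;;
    esac
    if proc_sys_readonly "$2"; then
        echo "sysctl: /proc/sys is read-only here, set ptrace_scope on the host"
    fi
    echo "yama: ptrace_scope=$3"
}

# Live use inside the container (standard procfs paths):
# ptrace_report /proc/self/status /proc/mounts "$(cat /proc/sys/kernel/yama/ptrace_scope)"
```

Run it in the same shell gdb is started from, since capabilities and the seccomp mode are per-process.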