Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to solve "ptrace operation not permitted" when trying to attach GDB to a process?

I'm trying to attach a program with gdb but it returns:

Attaching to process 29139
Could not attach to process. If your uid matches the uid of the target process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try again as the root user. For more details, see /etc/sysctl.d/10-ptrace.conf
ptrace: Operation not permitted.

gdb-debugger returns "Failed to attach to process, please check privileges and try again."

strace returns "attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted"

I changed "kernel.yama.ptrace_scope" 1 to 0 and /proc/sys/kernel/yama/ptrace_scope 1 to 0 and tried set environment LD_PRELOAD=./ptrace.so with this:

#include <stdio.h> int ptrace(int i, int j, int k, int l) {     printf(" ptrace(%i, %i, %i, %i), returning -1\n", i, j, k, l);     return 0; } 

But it still returns the same error. How can I attach it to debuggers?

like image 765
bbaytemir Avatar asked Oct 06 '13 23:10

bbaytemir


2 Answers

If you are using Docker, you will probably need these options:

docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined 

If you are using Podman, you will probably need its --cap-add option too:

podman run --cap-add=SYS_PTRACE 
like image 96
wisbucky Avatar answered Oct 23 '22 15:10

wisbucky


This is due to kernel hardening in Linux; you can disable this behavior by echo 0 > /proc/sys/kernel/yama/ptrace_scope or by modifying it in /etc/sysctl.d/10-ptrace.conf

See also this article about it in Fedora 22 (with links to the documentation) and this comment thread about Ubuntu and .

like image 43
jesup Avatar answered Oct 23 '22 14:10

jesup