Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is there a workaround for: "dtrace cannot control executables signed with restricted entitlements"?

It looks like in OS X 10.11 El Capitan, dtruss and dtrace can no longer do what they're meant to do. This is the error I get when I try to run sudo dtruss curl ...:

dtrace: failed to execute curl: dtrace cannot control executables signed with restricted entitlements

I've come across people noticing this problem but so far no solutions.

Is there a way to fix this or work around this?

like image 582
Flimm Avatar asked Nov 02 '15 11:11

Flimm


1 Answers

Following up to Alexander Ushakov and Charles' answers:

Once you csrutil enable --without dtrace, there is an alternative to copying the binary: run the binary in one Terminal window and trace the Terminal process itself in another Terminal window.

In the first terminal window, find its PID:

$ echo $$ 1154 

In the second terminal window, begin the trace:

$ sudo dtruss -p 1154 -f 

Back, in the first terminal window, run the process you want to trace:

$ ls 

At this point, you should see the trace in the second window. Ignore the entries for the PID you are tracing (e.g., 1154), and the rest are for the process (and its descendants) you are interested in.

1154/0x1499:  sigprocmask(0x3, 0x7FFF53E5C608, 0x0)      = 0x0 0 1154/0x1499:  sigprocmask(0x1, 0x7FFF53E5C614, 0x7FFF53E5C610)       = 0x0 0 3100/0xa9f3:  getpid(0x7FFF82A35344, 0x7FFF82A35334, 0x2000)         = 3100 0 3100/0xa9f3:  sigprocmask(0x3, 0x10BE32EF8, 0x0)         = 0x0 0 
like image 168
Raghu Dodda Avatar answered Sep 24 '22 12:09

Raghu Dodda