docker容器中的gdb返回“ ptrace：不允许操作”。 [英] gdb in docker container returns "ptrace: Operation not permitted."

问题描述

我已经检查了容器和主机上的 / proc / sys / kernel / yama / ptrace_scope -都报告该值为零，但是当附加到pid时gdb报告

I've checked /proc/sys/kernel/yama/ptrace_scope in the container and on the host - both report the value as zero but when attached to pid one gdb reports

Reading symbols from /opt/my-web-proxy/bin/my-web-proxy...done.
Attaching to program: /opt/my-web-proxy/bin/my-web-proxy, process 1
ptrace: Operation not permitted.

我也尝试使用特权标志将其附加到容器上

I've also tried attached to the container with the privileged flag

docker exec --privileged -it mywebproxy_my-proxy_1 /bin/bash

主机操作系统是Fedora 25，其仓库中有docker，容器是官方的centos6.8

Host OS is Fedora 25 with docker from their repos and container is a official centos6.8

推荐答案

我找到了答案-容器需要使用strace功能启动

I discovered the answer - the container needs to be started with strace capabilities

将其添加到docker-compose.yml文件中即可使GDB工作

Adding this to my docker-compose.yml file allows GDB to work

cap_add:
    - SYS_PTRACE

或者也可以使用-cap-add = SYS_PTRACE

这篇关于docker容器中的gdb返回“ ptrace：不允许操作”。的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！