如何解决“不允许执行 ptrace 操作"?尝试将 GDB 附加到进程时? [英] How to solve "ptrace operation not permitted" when trying to attach GDB to a process?
问题描述
我正在尝试使用 gdb 附加一个程序,但它返回:
I'm trying to attach a program with gdb but it returns:
附加到进程 29139
无法附加到进程.如果您的 uid 与目标的 uid 匹配进程,检查/proc/sys/kernel/yama/ptrace_scope 的设置,或尝试再次以root用户身份.有关详细信息,请参阅/etc/sysctl.d/10-ptrace.conf
ptrace: 不允许操作.
Attaching to process 29139
Could not attach to process. If your uid matches the uid of the target process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try again as the root user. For more details, see /etc/sysctl.d/10-ptrace.conf
ptrace: Operation not permitted.
gdb-debugger 返回无法附加到进程,请检查权限并重试."
gdb-debugger returns "Failed to attach to process, please check privileges and try again."
strace 返回attach: ptrace(PTRACE_ATTACH, ...): Operation not allowed"
strace returns "attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted"
我将 "kernel.yama.ptrace_scope" 1 更改为 0 并将 /proc/sys/kernel/yama/ptrace_scope
1 更改为 0 并尝试 set environment LD_PRELOAD=./ptrace.so
用这个:
I changed "kernel.yama.ptrace_scope" 1 to 0 and /proc/sys/kernel/yama/ptrace_scope
1 to 0 and tried set environment LD_PRELOAD=./ptrace.so
with this:
#include <stdio.h>
int ptrace(int i, int j, int k, int l) {
printf(" ptrace(%i, %i, %i, %i), returning -1
", i, j, k, l);
return 0;
}
但它仍然返回相同的错误.如何将它附加到调试器?
But it still returns the same error. How can I attach it to debuggers?
推荐答案
如果你使用 Docker,你可能需要这些选项:
If you are using Docker, you will probably need these options:
docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined
如果您使用的是 Podman,您可能还需要它的 --cap-add
选项:
If you are using Podman, you will probably need its --cap-add
option too:
podman run --cap-add=SYS_PTRACE
这篇关于如何解决“不允许执行 ptrace 操作"?尝试将 GDB 附加到进程时?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!