gdb attach fails with ptrace: Operation not permitted

Today I ran into a weird problem. I could not attach to my own process with gdb. The process ran under my UID, but gdb refused to attach. This is a problem of wrong permissions, although /proc/[pid]/status looked ok:

...
Uid:    1000    1000    1000    1000
Gid:    1000    1000    1000    1000
...

I am the owner but cannot attach? Well, I launched gdb as root and could attach. Strange. Without digging deeper into this, my dirty workaround was this:

sudo chmod +s /usr/bin/gdb

Update: Thanks to Mario, who pointed out, that the reason is the Kernel hardening stuff build into the Ubuntu kernel. See his comment how to fix the problem permanently.

19 Antworten auf „gdb attach fails with ptrace: Operation not permitted“

  1. The solution above only works for Ubuntu. I am experiencing the same issue but in Debian. Holler if you have a solution!

  2. Hi Mario,

    echo 0 > /proc/sys/kernel/yama/ptrace_scope

    is not working. It complains „Permission denied“

    Tried with
    sudo echo 0 > /proc/sys/kernel/yama/ptrace_scope

    Yet, the same issue 🙁

  3. @lds: don’t mix sudo and pipes, that will not work. Become root first and the write the value to ptrac_scope:

    $ sudo su -
    $ echo 0 > /proc/sys/kernel/yama/ptrace_scope
    
  4. According to the Ubuntu wiki, that change went in with version 10.10. So can anyone tell me (or even provide a guess?)

    a) why I’m running into the problem in my 10.04 installation, and

    b) what to do about it, since /proc/sys/kernel/yama/ doesn’t exist, let alone ptrace_scope within it?

    (Neither does the 10-ptrace.conf file in /etc/sysctl.d, though at least the *folder* is there! : )

  5. You must be running a backport kernel or something similar. The gdb in 10.10 and later carry a patch to provide a detailed error message:

    Could not attach to process. If your uid matches the uid of the target
    process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
    again as the root user. For more details, see /etc/sysctl.d/10-ptrace.conf
    ptrace: Operation not permitted.

  6. I had the same problem. I stopped and started the running process to attach to and the problem disappeared.

  7. By executing sudo chmod +s /usr/bin/gdb, you are basically giving every user root access since any user can then run gdb as root. Thus DO NOT DO THIS UNDER ANY CIRCUMSTANCE!!!

    Go with the echo 0 > /proc/sys/kernel/yama/ptrace_scope solution instead.

  8. Redirects with > will not work unless you are logged in as root.

    Consider

    echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope

Kommentare sind geschlossen.