Today I ran into a weird problem. I could not attach to my own process with gdb. The process ran under my UID, but gdb refused to attach. This is a problem of wrong permissions, although /proc/[pid]/status looked ok:
...
Uid: 1000 1000 1000 1000
Gid: 1000 1000 1000 1000
...
I am the owner but cannot attach? Well, I launched gdb as root and could attach. Strange. Without digging deeper into this, my dirty workaround was this:
sudo chmod +s /usr/bin/gdb
Update: Thanks to Mario, who pointed out that the reason is the kernel hardening stuff built into the Ubuntu kernel. See his comment for how to fix the problem permanently.
I like your style :-). Nice hack!
I found the issue:
https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace%20Protection
And the solution is just either do this (as root):
$ echo 0 > /proc/sys/kernel/yama/ptrace_scope
…or make it permanent by setting ptrace_scope to 0 in /etc/sysctl.d/10-ptrace.conf
Hope you find it useful!
The solution above only works for Ubuntu. I am experiencing the same issue but in Debian. Holler if you have a solution!
Thanks!!!
Hi Mario,
echo 0 > /proc/sys/kernel/yama/ptrace_scope
is not working. It complains „Permission denied“
Tried with
sudo echo 0 > /proc/sys/kernel/yama/ptrace_scope
Yet, the same issue 🙁
@lds: don’t mix sudo and pipes, that will not work. Become root first and then write the value to ptrace_scope:
$ sudo -i
# echo 0 > /proc/sys/kernel/yama/ptrace_scope
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
According to the Ubuntu wiki, that change went in with version 10.10. So can anyone tell me (or even provide a guess?)
a) why I’m running into the problem in my 10.04 installation, and
b) what to do about it, since /proc/sys/kernel/yama/ doesn’t exist, let alone ptrace_scope within it?
(Neither does the 10-ptrace.conf file in /etc/sysctl.d, though at least the *folder* is there! : )
You must be running a backport kernel or something similar. The gdb in 10.10 and later carries a patch to provide a detailed error message:
Could not attach to process. If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user. For more details, see /etc/sysctl.d/10-ptrace.conf
ptrace: Operation not permitted.
I had the same problem. I stopped and started the running process to attach to and the problem disappeared.
Thanks, this solves my problem exactly.
By executing sudo chmod +s /usr/bin/gdb, you are basically giving every user root access since any user can then run gdb as root. Thus DO NOT DO THIS UNDER ANY CIRCUMSTANCE!!!
Go with the echo 0 > /proc/sys/kernel/yama/ptrace_scope solution instead.
Redirects with > will not work unless you are logged in as root.
Consider
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
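The script below is an added example, not part of the original post or its comments. It checks a host for the two changes discussed in this thread: a setuid/setgid bit left on gdb by the chmod +s workaround, and the current Yama ptrace_scope value. The function names are hypothetical, the default paths are the ones named on this page, and the value descriptions follow the kernel's Yama documentation.

```shell
#!/bin/sh
# Added example (not from the original post): audit a host for the two
# changes discussed above. Function names are illustrative.

# Meaning of each Yama ptrace_scope value, per the kernel's Yama documentation.
describe_ptrace_scope() {
    case "$1" in
        0) echo "classic: same-UID processes may attach to each other" ;;
        1) echo "restricted: attach only to descendants, or with CAP_SYS_PTRACE / PR_SET_PTRACER" ;;
        2) echo "admin-only: attach requires CAP_SYS_PTRACE" ;;
        3) echo "no attach: no process may attach; cannot be changed once set" ;;
        absent) echo "Yama sysctl not present on this kernel" ;;
        *) echo "unrecognised value"; return 1 ;;
    esac
}

# Print the current scope, or "absent" when the sysctl file does not exist
# (the situation the 10.04 commenter describes).
read_ptrace_scope() {
    if [ -r "$1" ]; then tr -d '[:space:]' < "$1"; else echo absent; fi
}

# True when the file carries the setuid or setgid bit that "chmod +s" sets.
has_setid_bit() {
    [ -u "$1" ] || [ -g "$1" ]
}

# Report both settings. Both arguments are optional overrides for testing.
audit_host() {
    gdb_path="${1:-/usr/bin/gdb}"
    scope_file="${2:-/proc/sys/kernel/yama/ptrace_scope}"
    if [ ! -e "$gdb_path" ]; then
        echo "INFO $gdb_path not found"
    elif has_setid_bit "$gdb_path"; then
        echo "WARN $gdb_path is setuid/setgid; undo with: chmod u-s,g-s $gdb_path"
    else
        echo "OK   $gdb_path has no setuid/setgid bit"
    fi
    scope="$(read_ptrace_scope "$scope_file")"
    echo "INFO ptrace_scope=$scope ($(describe_ptrace_scope "$scope"))"
}

audit_host "$@"
```

Run it without arguments to check /usr/bin/gdb and the live sysctl; no root is needed, since it only reads.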