KDevelop - Attach debugger to a running process

Tue Apr 7 14:52:05 BST 2020

On 4/7/20 8:27 AM, David Redondo wrote:
> Hi John,
> 
> yes that's a kernel level setting. Probably depending on the distribution you 
> are using. On my system (KDE Neon)  /etc/sysctl.d/10-ptrace.conf reads:
> # The PTRACE system is used for debugging.  With it, a single user process
> # can attach to any other dumpable process owned by the same user.  In the
> # case of malicious software, it is possible to use PTRACE to access
> # credentials that exist in memory (re-using existing SSH connections,
> # extracting GPG agent information, etc).
> #
> # A PTRACE scope of "0" is the more permissive mode.  A scope of "1" limits
> # PTRACE only to direct child processes (e.g. "gdb name-of-program" and
> # "strace -f name-of-program" work, but gdb's "attach" and "strace -fp $PID"
> # do not).  The PTRACE scope is ignored when a user has CAP_SYS_PTRACE, so
> # "sudo strace -fp $PID" will work as before.  For more details see:
> # https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace
> #
> # For applications launching crash handlers that need PTRACE, exceptions can
> # be registered by the debugee by declaring in the segfault handler
> # specifically which process will be using PTRACE on the debugee:
> #   prctl(PR_SET_PTRACER, debugger_pid, 0, 0, 0);
> #
> # In general, PTRACE is not needed for the average running Ubuntu system.
> # To that end, the default is to set the PTRACE scope to "1".  This value
> # may not be appropriate for developers or servers with only admin accounts.
> 
> Regards,
> David
> 
> Am Montag, 6. April 2020, 18:55:25 CEST schrieb John Hayes:
>> Aleix, Sven,
>>
On 4/7/20 8:39 AM, Jonathan Verner wrote:
> Hi,
> 
> the problem is that on most distributions, attaching a debugger to a running 
> process is not allowed by default. See, e.g., https://stackoverflow.com/
> questions/19215177/how-to-solve-ptrace-operation-not-permitted-when-trying-to-
> attach-gdb-to-a-pro
> 
> As per the stackoverflow question, this can be solved by running
> 
>     $ echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
> 
> or editing `/etc/sysctl.d/10-ptrace.conf`
> 
> It seems a good idea to mention this in the documentation. Perhaps kdevelop 
> could also provide a more userfriendly message...
> 
> Cheers,
> 
> Jonathan
> 
> On pondělí 6. dubna 2020 18:55:25 CEST John Hayes wrote:
>> Aleix, Sven,
>>
>> Could you clarify the use of the Attach the Debugger to a running
>> Process? I am working on that section in the KDevelop5 manual and I can
>> attach to a running project with Heaptrack, but not with gdb or lldb.
>> When I try with either debugger I get:
>>
>> 	ptrace: Operation not permitted.
>>
>> Am I doing something wrong, or is this due to linux kernel changes?
> 

Thanks guys, this looks like it will help me move forward on the manual.
It definitely needs to be mentioned in the manual to alleviate
frustration and additional questions.

-- 
Cheers,
John