问题
I've checked /proc/sys/kernel/yama/ptrace_scope in the container and on the host - both report the value as zero but when attached to pid one gdb reports
Reading symbols from /opt/my-web-proxy/bin/my-web-proxy...done.
Attaching to program: /opt/my-web-proxy/bin/my-web-proxy, process 1
ptrace: Operation not permitted.
I've also tried attached to the container with the privileged flag
docker exec --privileged -it mywebproxy_my-proxy_1 /bin/bash
Host OS is Fedora 25 with docker from their repos and container is a official centos6.8
回答1:
I discovered the answer - the container needs to be started with strace capabilities
Adding this to my docker-compose.yml file allows GDB to work
cap_add:
- SYS_PTRACE
Or it can also be passed on the docker command line with --cap-add=SYS_PTRACE
来源:https://stackoverflow.com/questions/42029834/gdb-in-docker-container-returns-ptrace-operation-not-permitted