warning: Error disabling address space randomization: Operation not permitted

shortcode 2022. 7. 26. 23:53

What did I do wrong (or not do) that gdb is not working properly for me?

root@6be3d60ab7c6:/# cat minimal.c 
int main()
{
  int i = 1337;
  return 0;
}
root@6be3d60ab7c6:/# gcc -g minimal.c -o minimal
root@6be3d60ab7c6:/# gdb minimal
GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
.
.
.
Reading symbols from minimal...done.
(gdb) break main
Breakpoint 1 at 0x4004f1: file minimal.c, line 3.
(gdb) run
Starting program: /minimal 
warning: Error disabling address space randomization: Operation not permitted
During startup program exited normally.
(gdb) 
(gdb) print i   
No symbol "i" in current context.

If you're using Docker, you probably need the --security-opt seccomp=unconfined option (as well as enabling ptrace):

docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined

For whatever reason, your user account doesn't have permission to disable the kernel's address space layout randomisation for this process. By default, gdb turns this off because it makes some sorts of debugging easier (in particular, it means the address of stack objects will be the same each time you run your program). Read more here.

You can work around this problem by disabling this feature of gdb with set disable-randomization off.

Giving your user the permissions needed to disable ASLR probably boils down to having write permission to /proc/sys/kernel/randomize_va_space. Read more here.

Building on wisbucky's answer (thank you!), here are the same settings for Docker compose:

security_opt:
  - seccomp:unconfined
cap_add:
  - SYS_PTRACE

The security option seccomp:unconfined fixed the address space randomization warnings.

The capability SYS_PTRACE didn't seem to have a noticeable effect even though the Docker documentation states that SYS_PTRACE is a capability that is "not granted by default". Perhaps I don't know what to look for.
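Added example, not part of the original question or answers: gdb disables randomization by setting the ADDR_NO_RANDOMIZE flag through personality(2) before starting the program, so this probe repeats that call in a forked child and reports the seccomp mode of the process next to the result. The function names are hypothetical; the probe assumes Linux with /proc mounted.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/personality.h>
#include <sys/wait.h>
#include <unistd.h>

/* Seccomp mode from /proc/self/status: 0 off, 1 strict, 2 filter, -1 unknown. */
int seccomp_mode(void)
{
    char line[256];
    int mode = -1;
    FILE *f = fopen("/proc/self/status", "r");
    if (!f)
        return -1;
    while (fgets(line, sizeof line, f) && sscanf(line, "Seccomp: %d", &mode) != 1)
        ;
    fclose(f);
    return mode;
}

/* Try, in a forked child, the personality() change gdb makes before it starts
 * the program. Returns 0 if allowed, the errno if refused, -1 if the probe failed. */
int probe_no_randomize(void)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        int cur = personality(0xffffffff);   /* query only, changes nothing */
        if (cur == -1 || personality((unsigned long)cur | ADDR_NO_RANDOMIZE) == -1)
            _exit(errno ? (errno & 0xff) : 255);
        _exit(0);                            /* flag was set in the child only */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    int p = probe_no_randomize();
    printf("seccomp mode: %d\n", seccomp_mode());
    printf("ADDR_NO_RANDOMIZE: %s\n", p == 0 ? "allowed" : p > 0 ? strerror(p) : "probe failed");
    return p == 0 ? 0 : 1;
}
```

Run inside the container, "Operation not permitted" together with seccomp mode 2 shows the refusal comes from the seccomp filter, in which case set disable-randomization off in gdb avoids the warning without changing the container's security options.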

ReferenceURL : https://stackoverflow.com/questions/35860527/warning-error-disabling-address-space-randomization-operation-not-permitted