I have a problem with my Linux daemon program. It starts with root privileges, performs some configuration, and then permanently drops privileges by switching to a given user and group, and continues to work. Switching to an unprivileged user is performed as follows:
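    #include <cstdlib>      // std::abort
    #include <iostream>
    #include <string>
    #include <grp.h>        // initgroups
    #include <sys/types.h>  // uid_t, gid_t
    #include <unistd.h>     // getgid, setgid, setuid

    // Name lookup helpers from the rest of the program (not shown in the post).
    gid_t get_group_id(std::string const& groupname);
    uid_t get_user_id(std::string const& username);

    void switch_to_user_group(std::string const& username, std::string const& groupname)
    {
        // Keep the current group unless a group name was given.
        gid_t gid = getgid();
        if (!groupname.empty())
        {
            gid = get_group_id(groupname);
            if (0 != setgid(gid))
            {
                std::cout << "Failed to switch to group " << gid << std::endl;
                std::abort();
            }
        }
        if (!username.empty())
        {
            uid_t uid = get_user_id(username);
            // Supplementary groups must be set while still root, before setuid().
            if (initgroups(username.c_str(), gid) != 0)
            {
                std::cout << "initgroups failed" << std::endl;
                std::abort();
            }
            // The user id goes last: after this call root is gone.
            if (0 != setuid(uid))
            {
                std::cout << "Failed to switch to user " << uid << std::endl;
                std::abort();
            }
        }
    }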
The switch works correctly: I see the process in ps and it runs under my user from above. The problem is that I cannot attach to this process from gdb even after it has dropped privileges. Output:
    Attaching to process 15716
    Could not attach to process. If your uid matches the uid of the target
    process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
    again as the root user. For more details, see /etc/sysctl.d/10-ptrace.conf
    ptrace: Operation not permitted.
gdb , , , . Kubuntu 13.10 (YAMA ), Debian 6 7 .
, :
- ptrace , UID, gdb?
- , gdb? ?
.
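Added example, not part of the original post: on Linux a change of effective uid or gid resets the process's "dumpable" attribute to the value of /proc/sys/fs/suid_dumpable (0 by default), and ptrace attach from an unprivileged debugger is refused while that attribute is not 1, even when the uids match. The sketch below drops privileges and then sets the attribute explicitly; `DropResult` and `drop_privileges` are hypothetical names, and it assumes a single supplementary group set with `setgroups` instead of the post's `initgroups` lookup.

```cpp
#include <grp.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <unistd.h>
#include <cstdio>

// State of the "dumpable" attribute, which ptrace attach by an
// unprivileged same-uid debugger depends on (1 = attach allowed).
struct DropResult {
    bool ok;                  // every step succeeded
    int dumpable_after_drop;  // PR_GET_DUMPABLE right after the credential change
    int dumpable_final;       // PR_GET_DUMPABLE after the explicit setting
};

// Hypothetical helper: switch to uid/gid, then set the dumpable attribute
// explicitly instead of keeping whatever the credential change left behind.
DropResult drop_privileges(uid_t uid, gid_t gid, bool allow_debugger)
{
    DropResult r{false, -1, -1};
    const bool changing = (uid != geteuid()) || (gid != getegid());

    // Same order as the post's code: groups first, user id last.
    // Supplementary groups are only replaced on a real identity change.
    if (changing && setgroups(1, &gid) != 0) return r;
    if (setgid(gid) != 0 || setuid(uid) != 0) return r;
    // A completed drop must not be reversible.
    if (uid != 0 && setuid(0) == 0) return r;

    // The kernel resets this to /proc/sys/fs/suid_dumpable (default 0)
    // whenever the effective uid or gid actually changes.
    r.dumpable_after_drop = prctl(PR_GET_DUMPABLE);

    const unsigned long want = allow_debugger ? 1UL : 0UL;
    if (prctl(PR_SET_DUMPABLE, want, 0UL, 0UL, 0UL) != 0) return r;
    r.dumpable_final = prctl(PR_GET_DUMPABLE);
    r.ok = (r.dumpable_final == static_cast<int>(want));
    return r;
}

int main()
{
    // Constructed demo input: "drop" to the current ids so it runs without root.
    DropResult r = drop_privileges(getuid(), getgid(), true);
    std::printf("ok=%d after_drop=%d final=%d\n",
                r.ok, r.dumpable_after_drop, r.dumpable_final);
    return r.ok ? 0 : 1;
}
```

With the attribute set to 1, any process running as the same user can attach and read memory that was filled while the daemon was still root, so `allow_debugger` belongs in debug builds or behind an explicit option.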