hhvm / packaging

The sources for how we have built the HHVM packages.
MIT License

Allow `gdb` inside container in AWS dev environments #247

Open fredemmott opened 3 years ago

fredemmott commented 3 years ago

This will be a change to the docker seccomp profile, which is currently customized:

```
warning: Error disabling address space randomization: Operation not permitted
warning: Could not trace the inferior process.
warning: ptrace: Operation not permitted
```

Currently attempting to work around by committing the container, then restarting with an unconfined seccomp profile.

jjergus commented 3 years ago

Is this about https://github.com/hhvm/packaging/blob/master/aws/ondemand/facebook/hhvm/seccomp.json ?

My intention with that was to make it less restrictive (I couldn't run HHVM tests without it), not more restrictive/secure (there's no reason for that since it's not a shared machine). If I accidentally made it more restrictive we should fix that.

jjergus commented 3 years ago

I just copy-pasted that file from the first search result for the error message I was getting :P

fredemmott commented 3 years ago

The current config is less restrictive than default, but still too restricted.
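
As an added illustration, not part of the thread or of the hhvm/packaging repository: a small Python check that evaluates a Docker-format seccomp profile for the two syscalls behind the gdb warnings quoted in the issue, `ptrace` and `personality` with `ADDR_NO_RANDOMIZE`. The sample profile and all function names are constructed for this example, and the `arches` and `minKernel` filters of the profile format are not modelled.

```python
import json

ADDR_NO_RANDOMIZE = 0x0040000  # personality(2) flag gdb sets to disable ASLR

# Constructed sample in Docker's seccomp JSON format (not the repo's seccomp.json).
SAMPLE_PROFILE = json.loads("""{
  "defaultAction": "SCMP_ACT_ERRNO",
  "syscalls": [
    {"names": ["read", "write", "execve", "wait4"], "action": "SCMP_ACT_ALLOW"},
    {"names": ["personality"], "action": "SCMP_ACT_ALLOW",
     "args": [{"index": 0, "value": 0, "op": "SCMP_CMP_EQ"}]},
    {"names": ["personality"], "action": "SCMP_ACT_ALLOW",
     "args": [{"index": 0, "value": 4294967295, "op": "SCMP_CMP_EQ"}]},
    {"names": ["ptrace"], "action": "SCMP_ACT_ALLOW",
     "includes": {"caps": ["CAP_SYS_PTRACE"]}}
  ]
}""")

OPS = {  # argument comparisons; for MASKED_EQ, value is the mask
    "SCMP_CMP_EQ": lambda a, v, v2: a == v,
    "SCMP_CMP_NE": lambda a, v, v2: a != v,
    "SCMP_CMP_MASKED_EQ": lambda a, v, v2: (a & v) == v2,
}

def rule_applies(rule, name, args, caps):
    """True if the rule is enabled for these capabilities and matches the call."""
    if name not in (rule.get("names") or [rule.get("name")]):
        return False
    if not set((rule.get("includes") or {}).get("caps") or []) <= caps:
        return False  # rule only exists when the container holds these caps
    if set((rule.get("excludes") or {}).get("caps") or []) & caps:
        return False
    return all(OPS[c["op"]](args[c["index"]], c["value"], c.get("valueTwo", 0))
               for c in rule.get("args") or [])

def verdict(profile, name, args=(), caps=frozenset()):
    """Action of the first matching rule, else the profile's defaultAction."""
    args = tuple(args) + (0,) * 6  # pad to the six syscall argument slots
    for rule in profile.get("syscalls", []):
        if rule_applies(rule, name, args, set(caps)):
            return rule["action"]
    return profile["defaultAction"]

def gdb_blockers(profile, caps=frozenset()):
    """Syscalls behind the gdb warnings that the profile does not allow."""
    # Assumes the process persona is 0 (PER_LINUX) before gdb adds the flag.
    needed = {"ptrace": (), "personality": (ADDR_NO_RANDOMIZE,)}
    return sorted(n for n, a in needed.items()
                  if verdict(profile, n, a, caps) != "SCMP_ACT_ALLOW")
```

To check a real profile, load it with `json.load` and pass the container's capability set as `caps`; an empty result means neither syscall is denied by the profile's rules.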