Closed Mair closed 1 year ago
I'm no expert on this, but could it be that in this case gdb needs to also have these capabilities set? I have no idea how gdb and Linux access permissions interact so this is just a guess though.
thanks @Wojtek242 I tried sudo setcap cap_net_raw,cap_net_admin=eip usr/bin/gdb
but no luck
On Mon, Oct 17, 2022 at 06:45:21PM -0700, Mair Swartz wrote:
thanks @Wojtek242 I tried
sudo setcap cap_net_raw,cap_net_admin=eip usr/bin/gdb
but no luck
Probably /usr/bin/gdb (note the leading slash)
And this comment is just a request to report back on the result of a websearch on "gdb setcap".
Groeten Geert Stappers -- Silence is hard to parse
Seems like this is exactly what you need @Mair: https://stackoverflow.com/questions/4357057/gdb-appears-to-ignore-executable-capabilities
Therefore, I'm closing this issue.
On Wed, Oct 19, 2022 at 02:12:43AM -0700, Wojciech Kozlowski wrote:
Therefore, I'm closing this issue.
Know that closed issues are allowed to get updates.
Please report your success story. a.k.a. Share knowledge about what works for you.
Groeten Geert Stappers -- Silence is hard to parse
@Wojtek242 I really appreciate the input I tried
sudo setcap cap_net_admin,cap_net_raw=eip target/debug/test-prom
sudo setcap cap_net_admin,cap_net_raw=eip /usr/bin/gdb
udo setcap cap_net_admin,cap_net_raw=eip /bin/bash
unfortunately no luck
I got it to work.
My situation is that I am running code on a Debian machine that I am using VSCode to remotely develop against using the VSCode SSH capabilities
my sample code as follows
fn main() {
let mut cap = pcap::Capture::from_device("eth0")
.unwrap()
.immediate_mode(true)
.open()
.unwrap();
while let Ok(packet) = cap.next_packet() {
println!("got packet! {:?}", packet);
}
}
Even though I could start the debugger on the first line, trying to progress I would get the error PcapError("socket: Operation not permitted")
taking a hint from the article https://stackoverflow.com/questions/4357057/gdb-appears-to-ignore-executable-capabilities
I started the debugger and did a ps aux
where I noticed these 2 processes
<home dir>.vscode-server/extensions/vadimcn.vscode-lldb-1.8.1/lldb/bin/lldb-server
<home dir>.vscode-server/extensions/vadimcn.vscode-lldb-1.8.1/adapter/codelldb
I gave both of these processes permissions
sudo setcap cap_net_admin,cap_net_raw+eip ~/.vscode-server/extensions/vadimcn.vscode-lldb-1.8.1/adapter/codelldb
sudo setcap cap_net_admin,cap_net_raw+eip ~/.vscode-server/extensions/vadimcn.vscode-lldb-1.8.1/lldb/bin/lldb-server
restarted the debugger and presto
Every time the app compiles I need to give the executable permissions again using sudo setcap cap_net_admin,cap_net_raw=eip target/debug/test-prom
but this is a minor nuisance and an be worked around with scripts
I got it to work.
My situation is that I am running code on a Debian machine that I am using VSCode to remotely develop against using the VSCode SSH capabilities
my sample code as follows
fn main() { let mut cap = pcap::Capture::from_device("eth0") .unwrap() .immediate_mode(true) .open() .unwrap(); while let Ok(packet) = cap.next_packet() { println!("got packet! {:?}", packet); } }
Even though I could start the debugger on the first line, trying to progress I would get the error
PcapError("socket: Operation not permitted")
taking a hint from the article https://stackoverflow.com/questions/4357057/gdb-appears-to-ignore-executable-capabilities I started the debugger and did aps aux
where I noticed these 2 processes<home dir>.vscode-server/extensions/vadimcn.vscode-lldb-1.8.1/lldb/bin/lldb-server <home dir>.vscode-server/extensions/vadimcn.vscode-lldb-1.8.1/adapter/codelldb
I gave both of these processes permissions
sudo setcap cap_net_admin,cap_net_raw+eip ~/.vscode-server/extensions/vadimcn.vscode-lldb-1.8.1/adapter/codelldb sudo setcap cap_net_admin,cap_net_raw+eip ~/.vscode-server/extensions/vadimcn.vscode-lldb-1.8.1/lldb/bin/lldb-server
restarted the debugger and presto
Every time the app compiles I need to give the executable permissions again using
sudo setcap cap_net_admin,cap_net_raw=eip target/debug/test-prom
but this is a minor nuisance and an be worked around with scripts
It seems codelldb
is unnecessary. just target/debug/test-prom
and lldb-server
is enough. Thanks for your solution.
Hi there, looking for some guidance and hopping you can help.
As per the documentation
This works great when running the application however, when trying to debug using break points I get
PcapError("socket: Operation not permitted")
. I get this despite having running sudo setcap cap_net_raw,cap_net_admin=eip path/to/bin. Any idea how I could debug this?