I'm trying to run this simple program ls
under strace and it wouldnt let me. Can you guys think of why this be the case?
[jeffjose@skipper ~]$ strace ls
strace: ptrace(PTRACE_TRACEME, ...): Permission denied
I'm on Fedora 17b, and my shell is tcsh
. I can provide more info, if needed.
UPDATE: Christopher points out that there's a bug report on this. He also suggests me to tweak selinux or disable it. Is that the only way? What does this mean? What am I doing if I do that? Can someone elaborate and answer that? I'll chose that as the correct answer for my query. Thanks!
UPDATE2: I was doing some debugging using gdb
and this came up again. Lucky for me, what needs to be done was clearly mentioned there.
warning: the SELinux boolean 'deny_ptrace' is enabled, you can disable this process attach protection by: (gdb) shell sudo setsebool deny_ptrace=0
I was able to make strace
run without any trouble. But what does this mean? What did I just do?
Best Answer
SELINUX is (security enhanced linux ) for hardening servers, running it on your desktop is a little much.
However If you want to learn about selinux, a good method is to run it in permissive mode on your desktop machine.
I use a tool called setroubleshooter which sends me desktop notifications when one of selinux's policies has been violated. If the operation is legitimate, I can "generate a local policy module to allow this access"
For example today on my machine gnome3 violated selinux, but was not denied as I am in permissive mode. selinuxtroubleshooter provided this advice:
these two commands allow you to check and set SELINUX
Have fun.