Debugging applications that run on Ubuntu

Note: The following topic applies to applications running on Ubuntu, and when using Docker on Ubuntu and Windows platforms.

By default, on Ubuntu, a process can only attach to another process if it has a predefined relationship with it. An example would be a parent process that has started a child process. This is a restriction to ptrace and is valid for non-root users only. It is designed to ensure higher security to malware attacks. The root user can still attach to any process.

This affects unsolicited Dynamic Attachment debugging.

This behavior is defined by the sysctl value in /proc/sys/kernel/yama/ptrace_scope, which is set to 1, by default.

To relax the restriction and allow processes to attach to other processes, this value must be set to 0. This allows processes that have the same user id to attach to each other. Execute the following to remove the restriction:

sudo sh << END
echo 0 > /proc/sys/kernel/yama/ptrace_scope

If the launch.json file contains a COBOL: Attach to process configuration or if you use Visual Studio Code for dynamic attachment, then you might need to set ptrace_scope to zero in order to enable the debugger to run.