The lldb I'm using is from XCode 7.0.1. I can debug my binary if I run lldb as root.
I eventually figured out my actual bug from log messages without lldb. Turns out, Mac OS X 10.11 El Capitan doesn't allow the root user to deploy binaries to /usr/bin which our installer does so that our binary is in the default ssh environment path. I setup a custom ~/.ssh/environment and configured PermitUserEnvironment to yes in /etc/sshd_config and that let my binary run normally. But, still, I can't seem to run lldb as a normal system user with our binary. Tony > On Oct 2, 2015, at 6:05 PM, Jason Molenda <jmole...@apple.com> wrote: > > The fact that it doesn't work as root makes it less likely it's an unsigned > debugserver / missigned debugserver issue. You can run an unsigned / > mis-signed lldb as root and it will still work on os x 10.11, as well as a > signed one run by a user account. > > Is the binary you're running under the debugger signed? I think it needs the > get-task-allow entitlement if the debugger is going to attach/run it. > > >> On Oct 2, 2015, at 5:58 PM, Todd Fiala via lldb-dev >> <lldb-dev@lists.llvm.org> wrote: >> >> Hi Tony, >> >> This is the right list. >> >> Are you using an LLDB that you built locally? If so, can you move aside the >> debugserver that you find somewhere under in your LLDB.framework bundle >> directory, and make a symlink to the debugserver that comes out of your >> /Applications/Xcode.app bundle? Your official Xcode.app one should be in a >> location like: >> /Applications/Xcode.app/Contents/SharedFrameworks/LLDB.framework/Versions/A/Resources/debugserver >> >> The other thing it could be is that I think your lldb_codesign cert may need >> to be recreated on a new OS. I seem to recall the instructions there >> indicate the code signing cert does not survive OS updates but I might be >> mistaken. >> >> I suspect the symlink will resolve your issue, though. With tighter >> security, it is likely that a home-built debugserver is no longer going to >> work without being Apple signed. We may need to adjust the Xcode build to >> create a symlink to the official one if that's the case. >> >> -Todd >> >> On Fri, Oct 2, 2015 at 2:35 PM, Tony Perrie via lldb-dev >> <lldb-dev@lists.llvm.org> wrote: >> I can only seem to debug our binary as the root user om 10.11. I rebooted >> at one point, and lldb did work briefly with a system user but then after >> the machine ran for a bit, it proceeded to not work again. Rebooted again, >> and again, lldb failes with this error... >> >> lldb /opt/aspera/bin/ascp >> (lldb) target create "/opt/aspera/bin/ascp" >> 2015-10-02 14:24:17.091 lldb[1721:12884] Metadata.framework [Error]: >> couldn't get the client port >> Current executable set to '/opt/aspera/bin/ascp' (x86_64). >> (lldb) r -i ~/.ssh/id_rsa /tmp/mp_source/* localhost:/tmp/mp_dest/ >> error: process exited with status -1 (unable to attach) >> >> As root, I can reproduce the error: >> >> root# lldb /opt/aspera/bin/ascp >> (lldb) target create "/opt/aspera/bin/ascp" >> 2015-10-02 14:30:40.515 lldb[1864:14630] Metadata.framework [Error]: >> couldn't get the client port >> Current executable set to '/opt/aspera/bin/ascp' (x86_64). >> (lldb) r -i /var/root/.ssh/id_rsa /tmp/mp_source/* localhost:/tmp/mp_dest/ >> Process 1866 launched: '/opt/aspera/bin/ascp' (x86_64) >> >> Session Stop (Error: Session initiation failed, Server process failed to >> start: permissions?) >> Process 1866 exited with status = 1 (0x00000001) >> >> I have another machine running OS X 10.9 and lldb where everything works >> flawlessly. >> >> The problem with out binary seems to be that OS X is prohibiting our binary >> from starting another process (even as root). Not sure if this is the right >> list for that question though. Assume it's something to do with 10.11's >> security model. >> >> >> _______________________________________________ >> lldb-dev mailing list >> lldb-dev@lists.llvm.org >> http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev >> >> >> >> >> -- >> -Todd >> _______________________________________________ >> lldb-dev mailing list >> lldb-dev@lists.llvm.org >> http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev > _______________________________________________ lldb-dev mailing list lldb-dev@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev
