remote debugging application inside a greengrass docker component


i read that i can remote debug an application in a docker container by starting the container like

docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -it <image_name>

however i don't think i can run a docker component with the -it 'interactive flag'

without the -it flag if i try to connect to a running process in the docker i receive a

Unable to start debugging. Attaching to process 29966 with GDB failed because of insufficient privileges with error message 'ptrace: Operation not permitted.'.


how does anyone else debug inside a greengrass container ?

  • Hi, are you running Greengrass inside a container or are you running a component as container?

  • Hi @MassimalianoAWS , I'm running the Docker container as a component on a Greengrass device. (we have multiple Docker components actually, but this one i would like to debug)

asked 9 days ago35 views
1 Answer

The "ptrace: Operation not permitted" error message usually occurs when you are trying to attach a debugger to a process running inside a Docker container and the container is running in a restricted environment or with insufficient privileges, In some environments, such as when running Docker containers with default security settings, ptrace is not allowed by default due to security concerns.

answered 8 days ago
  • how would one get around this ? I thought the --cap-add=SYS_PTRACE and --security-opt seccomp=unconfined part of me starting up the docker container would do this ?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions