9

My goal is to be able to remote debug from Atom.io. into a docker container running go in dlv debugger. This is the first problem:

Update:1. I am running Docker container on a mac, but that should not influence the code signing thing as I am running in a container, right?

Update:2. Codesignig the host, did not help.

Error:

1. root@...:/go/src/app# go get github.com/derekparker/delve/cmd/dlv

2. root@...:/go/src/app# dlv debug hello.go

could not launch process: fork/exec ./debug: operation not permitted

Then tried to

1. root@...:/go/src/app# sudo

2. bash: sudo: command not found
Chris G.
  • 23,930
  • 48
  • 177
  • 302

4 Answers4

5

According Delve Issue #515

Docker has security settings preventing ptrace(2) operations by default with in the container. Pass --security-opt seccomp:unconfined to docker run when starting.

*confirmation of this in official docker bug tracker https://github.com/docker/docker/issues/21051

CAMOBAP
  • 5,523
  • 8
  • 58
  • 93
4

It seems to work if you start the container with --privileged. I've tried to figure out if there is a more fine-grained capability but failed.

Also I just found https://github.com/steeve/homebrew-delve which should make things easier on OSX.

Mattias Wadman
  • 11,172
  • 2
  • 42
  • 57
3

Docker has security settings preventing ptrace(2)

See how i fixed it.

if using a docker-compose file to run the container then append seccomp:unconfined in the services section like below

api: 
  security_opt:
    - seccomp:unconfined

if using docker run ...passing seccomp:unconfined works as well

Edwin O.
  • 4,998
  • 41
  • 44
0

Run Docker container as a command:

docker run -itd -p 2028:22 -p 2345:2345 --dns=10.236.8.8 --privileged=true --name=golang  centos7-golang  /usr/bin/supervisord

it works for me~

Matt
  • 1,518
  • 4
  • 16
  • 30
user8157703
  • 1