After installing gdb from homebrew (via $ brew install gdb
), I followed these instructions to give gdb permissions to attach to a process.
When I got to the step that runs the command:
$ codesign --entitlements gdb-entitlement.xml -fs gdb-cert $(which gdb)
I get the following error, with an exit code of 1:
/usr/local/bin/gdb: errSecInternalComponent
I cannot figure out what is wrong, and therefore cannot proceed with installing a working version of gdb. Any help?
EXTRA INFO:
-
Mac OS X version 10.14.4
-
GDB version 8.3 (via homebrew)
-
Added my user to the
_developer
group; didn't help -
Attempted restart of my machine and
sudo killall taskgated
to no avail -
Attempted installing earlier version of GDB (8.0.1), but got same result
Best Answer
I found that if I first followed these instructions to create the certificate BEFORE attempting to complete the gdb signing instructions, I was able to get it to work. The only exception is that I had to keep the certificate in the System Keychain instead of moving it back into Login.
Here's a consolidated set of steps:
Creating the Certificate with the right permissions
sudo security add-trust -d -r trustRoot -p basic -p codeSign -k /Library/Keychains/System.keychain ~/Desktop/gdb-cert.cer
rm -f ~/Desktop/gdb-cert.cer
Drag the "gdb-cert" certificate from the "System" keychain back into the "login" keychain (and maybe back again...?)EDIT: apparently not necessary, per commentsChecking the Certificate:
security find-certificate -c gdb-cert
-> should show some details about the cert, if it can be foundsecurity find-certificate -p -c gdb-cert | openssl x509 -checkend 0
-> should say the cert won't expiresecurity dump-trust-settings -d
-> should show that this cert has code signing trust setting enabled (may show other certs/permissions)Creating the "entitlements.xml" File:
Copy the text below and save it in an "entitlements.xml" file in your current directory.
Signing the debugger binaries
Run the following commands in terminal:
codesign --entitlements entitlements.xml -fs gdb-cert $(which gdb)
-> codesign with entitlementscodesign -vv $(which gdb)
-> verify codesigningcodesign -d --entitlements - $(which gdb)
-> display details of code signatureRefresh System Certificates
Reboot the machine