Linux ptrace and jmap
This is just a note to myself, and to any others who may have run into the same issue as I did.
After switching some Java servers over from the previous Ubuntu LTS release (10.04) to the latest one (12.04), I noticed that the "jmap" command had stopped working. For example,
If you want to disable it permanently, put the following line in
After switching some Java servers over from the previous Ubuntu LTS release (10.04) to the latest one (12.04), I noticed that the "jmap" command had stopped working. For example,
"jmap -heap 4711" aborted withAttaching to process ID 4711, please wait...It turns out a new security feature has been enabled in the Linux kernel a while ago. The system call "ptrace" is now only allowed from the parent of the process. This makes things like jmap useless, since the target process is never a child of the jmap process. Fortunately the feature can be disabled. Just do the following as root:
Error attaching to process: sun.jvm.hotspot.debugger.DebuggerException: Can't attach to the process
# echo 0 > /proc/sys/kernel/yama/ptrace_scopeNow you can use jmap as before.
If you want to disable it permanently, put the following line in
/etc/sysctl.conf:kernel.yama.ptrace_scope=0This will disable it every time the system boots.