[MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
-------------------------+--------------------------------
 Reporter:  s.j.clark@…  |      Owner:  macports-tickets@…
     Type:  defect       |     Status:  new
 Priority:  Normal       |  Milestone:
Component:  ports        |    Version:  2.3.4
 Keywords:               |       Port:
-------------------------+--------------------------------
 After installing gdb (ggdb) you are required to edit the file
 /System/Library/LaunchDaemons/com.apple.taskgated.plist and add the -p
 option to /usr/libexec/taskgated, i.e. edit the options line in that file
 to read <string>-sp</string>. That was easy enough until El Capitan
 introduced the "rootless" (System Integrity Protection) which means, even
 with sudo you can't edit files in /System. Any ideas out I can add the -p
 option where required to make ggdb work, or some other way to get ggdb to
 do it's thing? [I've found ways to reboot into recovery mode and turn off
 SIP - do I really need to do that to add one character to one file?].

--
Ticket URL: <https://trac.macports.org/ticket/49815>
MacPorts <https://www.macports.org/>
Ports system for OS X
_______________________________________________
macports-tickets mailing list
[hidden email]
https://lists.macosforge.org/mailman/listinfo/macports-tickets
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-------------------------------
  Reporter:  s.j.clark@…  |      Owner:  stuartwesterman@…
      Type:  defect       |     Status:  new
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:               |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-------------------------------
Changes (by ryandesign@…):

 * keywords:   => elcapitan
 * owner:  macports-tickets@… => stuartwesterman@…
 * port:   => gdb


--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:1>
MacPorts <https://www.macports.org/>
Ports system for OS X
_______________________________________________
macports-tickets mailing list
[hidden email]
https://lists.macosforge.org/mailman/listinfo/macports-tickets
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
In reply to this post by MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-------------------------------
  Reporter:  s.j.clark@…  |      Owner:  stuartwesterman@…
      Type:  defect       |     Status:  new
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:               |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-------------------------------

Comment (by ryandesign@…):

 Apple does not want you to edit system files, like those in /System.
 System Integrity Protection prevents you from editing system files, like
 those in /System. The MacPorts project recommends you leave System
 Integrity Protection enabled, however that would mean you cannot follow
 the gdb instructions to edit that system file. I don't know if there is an
 alternative that allows gdb to function without editing that file.

--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:2>
MacPorts <https://www.macports.org/>
Ports system for OS X
_______________________________________________
macports-tickets mailing list
[hidden email]
https://lists.macosforge.org/mailman/listinfo/macports-tickets
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
In reply to this post by MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-------------------------------
  Reporter:  s.j.clark@…  |      Owner:  stuartwesterman@…
      Type:  defect       |     Status:  new
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:               |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-------------------------------

Comment (by soulne4ny@…):

 It is possible to disable System Integrity Protection by `csrutil`.

 http://osxdaily.com/2015/10/05/disable-rootless-system-integrity-
 protection-mac-os-x/

--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:3>
MacPorts <https://www.macports.org/>
Ports system for OS X
_______________________________________________
macports-tickets mailing list
[hidden email]
https://lists.macosforge.org/mailman/listinfo/macports-tickets
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
In reply to this post by MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-------------------------------
  Reporter:  s.j.clark@…  |      Owner:  stuartwesterman@…
      Type:  defect       |     Status:  new
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:               |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-------------------------------

Comment (by raimue@…):

 gdb needs to be codesigned. See upstream information at
 https://sourceware.org/gdb/wiki/BuildingOnDarwin

--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:4>
MacPorts <https://www.macports.org/>
Ports system for OS X
_______________________________________________
macports-tickets mailing list
[hidden email]
https://lists.macosforge.org/mailman/listinfo/macports-tickets
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
In reply to this post by MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-------------------------------
  Reporter:  s.j.clark@…  |      Owner:  stuartwesterman@…
      Type:  defect       |     Status:  new
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:               |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-------------------------------

Comment (by ryandesign@…):

 Yes, I see that the method used by the portfile is, according to that
 documentation, "'''''strongly unrecommended''''' if you are using Mac OS X
 10.6 (Snow Leopard) or later"

--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:5>
MacPorts <https://www.macports.org/>
Ports system for OS X
_______________________________________________
macports-tickets mailing list
[hidden email]
https://lists.macosforge.org/mailman/listinfo/macports-tickets
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
In reply to this post by MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-----------------------------
  Reporter:  s.j.clark@…  |      Owner:  stuartwesterman
      Type:  defect       |     Status:  new
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:               |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-----------------------------

Comment (by gthb):

 Seems like the notice “You will need to make sure
 /System/Library/LaunchDaemons/com.apple.taskgated.plist has the '-p'
 option” should be removed from the gdb port ... because doing so is:

 * “**strongly unrecommended**” by the upstream documentation
 * actively prevented by Apple's SIP (though there are workarounds for
 that)
 * documented as no longer supported in `man taskgated`: “Procmod and
 procview support (-p) was removed in 10.11.”

 Instead, the upstream documentation says the “most up to date and secure
 method” is to code-sign gdb, and it has instructions for doing so. Those
 worked for me, eventually, when I found a workaround for the `codesign`
 command segfaulting, see:
 https://forums.developer.apple.com/message/204823#204823

 In any case, it seems reasonable to update the gdb port instructions to
 match what upstream recommends.

--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:7>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
In reply to this post by MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-----------------------
  Reporter:  s.j.clark@…  |      Owner:
      Type:  defect       |     Status:  assigned
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:               |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-----------------------
Changes (by mf2k):

 * owner:  stuartwesterman =>
 * status:  new => assigned


Comment:

 #53744

--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:8>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
In reply to this post by MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-----------------------
  Reporter:  s.j.clark@…  |      Owner:
      Type:  defect       |     Status:  assigned
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:               |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-----------------------
Changes (by mf2k):

 * cc: paxperscientiam (added)


Comment:

 has duplicate #53294.

--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:9>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #49815: gdb: "rootless" El Capitan prevents required edit of /System/Library/LaunchDaemons/com.apple.taskgated.plist

MacPorts
In reply to this post by MacPorts
#49815: gdb: "rootless" El Capitan prevents required edit of
/System/Library/LaunchDaemons/com.apple.taskgated.plist
--------------------------+-----------------------
  Reporter:  s.j.clark@…  |      Owner:
      Type:  defect       |     Status:  closed
  Priority:  Normal       |  Milestone:
 Component:  ports        |    Version:  2.3.4
Resolution:  fixed        |   Keywords:  elcapitan
      Port:  gdb          |
--------------------------+-----------------------
Changes (by raimue):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 gdb notes hint at codesigning as of
 [380ef99dde4cec0516cba66797d478ff0d97239d/macports-ports] (#54217).

--
Ticket URL: <https://trac.macports.org/ticket/49815#comment:10>
MacPorts <https://www.macports.org/>
Ports system for macOS
Loading...