How to run gdb in sudo mode in NetBeans
When you are debugging your code in NetBeans, sometimes, you would like to escalate the privilege of your program to do certain things that are not permitted as a normal user. You can certainly run the command as:
sudo gdb <your program>
But then, that’s not a very nice environment to work in. Otherwise, why would you want to use a modern IDE, right? A solution is to run the entire NetBeans as root. But then, that’s probably not what you want, as you would have to mess with all kinds of environment settings, if you have some complex development environment. In this article, I’ll show how to achieve the result inside the comfortable environment of NetBeans, without running the whole NetBeans as root.
First of all, we need to configure /etc/sudoers such that sudo will not prompt for a password when we run gdb. Otherwise, NetBeans will complain that gdb version checking failed, and will not run it.
- Open the file
/etc/sudoersin a text editor (you need to sudo!) - Add the following contents as the last line:
%xp ALL= NOPASSWD: /usr/bin/gdb - Save and exit.
This tells sudo that the users in the group xp can run the command gdb in sudo mode without having to provide a password. The group xp is a group which I belong to. Normally, when you create a new user in Linux, a group with the same name is created as well, unless you specify that the new user belong to some other groups. Change the group name to the group that you belong to.
Note that you have to add it below this line:
%admin ALL=(ALL) ALL
Otherwise, the line above would override all the new settings that you may add. After adding the new settings, let try it to see if it works:
xp@shanghai:~/NetBeansProjects/testexec/dist/Debug/GNU-Linux-x86$ sudo gdb
GNU gdb (GDB) 7.1-ubuntu
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
(gdb)
It should run without prompting for password. If sudo still prompts for password, that means your setting is not correct, please review the description above again.
In NetBeans, you can only set the debugger command, but we want to do more flexible things. Let’s create a file called sudo-gdb, and fill in the following script:
-
#!/bin/sh
-
sudo gdb $1 $2 $3 $4 $5 $6 $7 $8 $9
Save it and set the executable bit with the following command:
chmod 755 sudo-gdb
Now, it’s time to go to NetBeans to change the debugger command. In NetBeans, do the following:
- Select menu
Tools > Options - Click on
C/C++ - Select the
Build Toolstab - In the
Tool Collectionpanel, select GNU. - On the right panel, in the
Debugger Commandfield, change to the following:
/home/xp/bin/sudo-gdb
I put thesudo-gdbscript in the bin folder of my home directory. Set it to the path and file name of yoursudo-gdbscript. - Click on the OK button to save the new settings.
Now, let’s create a C/C++ test project called testexec, which will execute a simple command that requires privilege escalation. Here’s the code of the program:
-
#include <stdio.h>
-
#include <stdlib.h>
-
#include <unistd.h>
-
-
int main(int argc, char** argv) {
-
-
char * cmd = "/bin/mkdir /usr/local/haha";
-
-
int ret = system(cmd);
-
-
return (EXIT_SUCCESS);
-
}
That’s very simple program which will create the directory /usr/local/haha. This will require a change in privilege to perform the task. After compiling the project, it’s time to test it. Let’s set a break point at the beginning of the code, and start up the debugging process in NetBeans. As the debugger stops at your break point, let’s check the process list on the system, and we should see:
...
xp 6664 0.1 0.0 4088 608 pts/9 Ss+ 14:02 0:00 /bin/sh /tmp/gdb_helper_5930088629376080858.sh
xp 6671 0.1 0.0 4088 596 ? S 14:02 0:00 /bin/sh /home/xp/bin/sudo-gdb -nx --nw --silent --interpreter=mi -tty /dev/pts/9
root 6672 1.1 0.5 42764 11316 ? S 14:02 0:00 gdb -nx --nw --silent --interpreter=mi -tty /dev/pts/9
root 6675 0.1 0.0 11720 812 ? Ts 14:02 0:00 /home/xp/NetBeansProjects/testexec/dist/Debug/GNU-Linux-x86/testexec
xp 6943 0.1 0.0 4088 608 pts/9 Ss+ 14:10 0:00 /bin/sh /tmp/gdb_helper_7950020252642466307.sh
xp 6950 0.1 0.0 4088 596 ? S 14:10 0:00 /bin/sh /home/xp/bin/sudo-gdb -nx --nw --silent --interpreter=mi -tty /dev/pts/9
root 6951 1.1 0.5 42760 11312 ? S 14:10 0:00 gdb -nx --nw --silent --interpreter=mi -tty /dev/pts/9
root 6954 0.0 0.0 11720 812 ? Ts 14:10 0:00 /home/xp/NetBeansProjects/testexec/dist/Debug/GNU-Linux-x86/testexec
...
From the list of processes above, we see that gdb is running as root. We also see that the program testexec is also running as root. Just let the program run to end, and go to see in the directory /usr/local, we should see the newly created sub-directory. This shows that the new settings are working properly.
The caveat is that this solution is still not as flexible as I would like. Normally, I would open multiple projects to work on at the same time. Some programs need privilege escalation, others don’t. It is not possible to have custom debugger settings for each program, as the settings apply to all programs in NetBeans.
I’m still looking for a more flexible way. Maybe a special plugin for NetBeans will do?
Thanks a lot, this is exactly what I was struggling to do. A nice article that saved me a lot of time.
Glad it helped.
How can you do this for Python? I would like to have students access the parallel port but not have to use sudo?
@Rick,
This is probably not an issue of NetBeans or Python, but a system privilege issue. You can set read-write privilege for a specific group (say, lp group) to access the parallel port, and then add all users who need access to the port to that specific user group.
That’s probably how I would do.
You can also use the askpass functionality of recent “sudo” versions instead of messing around with the config file.
Great article! Exactly what I was looking for. Thanks a lot.
\”/usr/local/netbeans-7.3/bin/sudo-gdb\”: not in executable format: File format not recognized
this is the error i’m getting. i copy pasted sudo-gdb content n thoroughly verified for no errors
thanq great article.