Skip to content

Instantly share code, notes, and snippets.

@gravitylow
Forked from hlissner/codesign_gdb.md
Last active October 23, 2024 09:17
Show Gist options
  • Save gravitylow/fb595186ce6068537a6e9da6d8b5b96d to your computer and use it in GitHub Desktop.
Save gravitylow/fb595186ce6068537a6e9da6d8b5b96d to your computer and use it in GitHub Desktop.
Codesign gdb on macOS

If you are getting this in gdb on macOS while trying to run a program:

Unable to find Mach task port for process-id 57573: (os/kern) failure (0x5).
 (please check gdb is codesigned - see taskgated(8))
  1. Open Keychain Access
  2. In menu, open Keychain Access > Certificate Assistant > Create a certificate
  3. Give it a name (e.g. gdbc)
  • Identity type: Self Signed Root
  • Certificate type: Code Signing
  • Check: let me override defaults
  1. Continue until "specify a location for..."
  2. Set Keychain location to System
  3. Create certificate and close Certificate Assistant.
  4. Find certificate in System keychain.
  5. Double click certificate
  6. Expand Trust, set Code signing to always trust
  7. Restart taskgated in terminal: killall taskgated
  8. Codesign gdb using your certificate: codesign -fs gdbc /usr/local/bin/gdb
  9. Shut down your mac and restart in recovery mode (hold down command-R until apple logo appears)
  10. Open terminal window
  11. Modify System Integrity Protection to allow debugging: csrutil enable --without debug
  12. Reboot your Mac. Debugging with gdb should now work as expected.
@nirbhayc
Copy link

nirbhayc commented Dec 5, 2021

It only worked for me after I added --entitlements switch (as mentioned in https://gist.github.com/gravitylow/fb595186ce6068537a6e9da6d8b5b96d#gistcomment-2891198).

I created gdb-entitlements.xml in current directory, and

$ sudo codesign --entitlements gdb-entitlement.xml -fs gdbc /usr/local/bin/gdb

Big Sur (11.6), gdb (10.1)

@tcwan
Copy link

tcwan commented Mar 30, 2023

Managed to codesign build and gdb 12.1 +multiarch on Venture 13.2.1 on Mac Mini M2 a few weeks ago.

The I updated to Ventura 13.3. Macports had a new gdb port to 13.1.
I tried to update gdb to 13.1, which currently fails compilation on Apple Silicon due to some dylib machine architecture mismatch.

Reverted to gdb 12.1 +multiarch, tried to build, but now codesigning fails.

sudo codesign --entitlements gdb-entitlement.xml -fs gdb-cert /opt/local/bin/ggdb
/opt/local/bin/ggdb: errSecInternalComponent

Edit: Found out that I cannot do this from a SSH session from my user account.
I needed to log into the Administrator account directly from macOS and run the codesign from the terminal as a local session. This is because codesign will trigger a system administrator password dialog before it can proceed.

@UponTheSky
Copy link

@schemacs
Thanks it works! Mine is old Monteray 12.5 with Intel core i5, and the gdb is 13.1

@david-alvarez-rosa
Copy link

Tried above in MacOS Ventura (M1)—not working for me unfortunately :(

Does anyone know how to get this fixed? I really want to get GDB working.

@GOODMIA2024
Copy link

Tried above in MacOS Ventura (M1)—not working for me unfortunately :(

Does anyone know how to get this fixed? I really want to get GDB working.

Same issue here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment