How to execute/debug an executable requiring root privileges? #190
Description
I built the Raw_Send GNAT.Sockets example program demonstrating simple raw socket usage in GNATStudio continuous release (20240506) on a Linux machine. I cannot run or debug it within GNATStudio because it requires root privileges to create and access the raw socket. Runs fine from the Bash shell prompt using sudo.
I tried various kludges to no avail and searched the GNATStudio user manual. The execution command line and environment seems to be highly restricted, can’t just add sudo the command line. It would be OK if you had to execute the program outside of GNATStudio but running GDB outside of it would be disappointing.
As workarounds, a couple people suggested to 1) use setcap with cap_net_raw; or 2) try running gdbserver as root on the native and getting native GNATstudio to talk to it.
Using setcap allows the binary to execute correctly, the only downside is the command has to be run after every build as the executable file is deleted/recreated. I haven’t taken the time to try the gdbserver approach but might if I get tried of running setcap commands. This approach is better than running the entire IDE as root.
The exact command to get it to run is:
sudo setcap cap_net_raw+ep executable-filename
Example:
ken@linux:$ ./raw_send
Connecting to 127.0.0.1...raised GNAT.SOCKETS.SOCKET_ERROR : [1] Operation not permitted
ken@linux$ sudo setcap cap_net_raw+ep raw_send
ken@linux:$ ./raw_send
Connecting to 127.0.0.1...Connected.
Sending data...Sent 25 bytes.
I would like to do a lot more low level programming but it doesn’t seem doable without being able to set root privilege on the execution environment. Is there another way? What am I missing?