I have VS Code running on macOS connecting to a linux box where I am doing Go development. I am connecting via a user that has sudo privileges on the linux host. The root account is disabled on the remote host.
The application I am writing needs to run with root privileges. Is there a way to set vscode to elevate privileges when debugging the application? Or do I need to enable the root account for software development purposes?
While not the exact same environment, I suppose that the needed underlying functionality of needing root to debug, test, and run your code from VSCode is the same as in this answer to How can I debug Go file in VS Code with root privileges? here.
The gist: VSCode version 1.65.0 has a new experimental launch option "asRoot": "true", use it with "console": "integratedTerminal".
For instance, in your launch.json:
{
"version": "0.2.0",
"configurations": [
{
"name": "Test/dbg pkg as root",
"type": "go",
"request": "launch",
"mode": "test",
"program": "${fileDirname}",
"console": "integratedTerminal",
"asRoot": true,
},
]
}
When launching this configuration by pressing F5, a new debug terminal session opens (or might get reused) and the following command executed, needing sudo (which you mentioned you do have rights to use):
/usr/bin/env GOPATH=/home/foobar/go /usr/bin/sudo /home/foobar/go/bin/dlv dap --check-go-version=false --client-addr=:41945
Here is how I was able to run my tests as root for Python development. This should work for most Visual Studio Code debug environments. First run the debugger and let the Debug Console start up. Stop debugger if needed. Run sudo su and enter password. Now the Debug Console is running as root.
It appears that when using the Restart debugger command, it creates a new console so this cannot be used; you need to stop and than restart.
Start debugging again and you should now be root.
If you close the debug console, you will need to repeat the above steps.
Below is the answer I received from the vs code developer team. This isn’t a feature and it will never be a feature.
In order to debug as a root, the debugger (dlv) must run as a root.
Nether dlv, nor this extension aims to offer privilege escalation
solutions. In remote debugging, dlv on the remote machine is
externally managed, not by this extension, so it's out of scope.
Moreover, this extension just communicates with the dlv on the remote
host with DAP, which is not designed for security. So I am afraid this
extension is not the right layer for privilege escalation. To debug as
a root, as you already know, run dlv on the remote machine as a root
(you may also need to set --only-same-user=false if the remote host is
Linux) but protect access to the dlv server & the remote machine
appropriately using proven security technologies. For local debugging,
this is tracked in #558. But, I want to emphasize that debugging as a
root still needs to be done with great care.
Related
In Visual Studio Code's settings, you can easily add custom terminal profiles like this:
"terminal.integrated.profiles.linux": {
"test": {
"path": "bash",
"icon": "terminal-bash",
}
}
This will open a terminal host for the host on which the vscode server is running (local, devcontainer, remote over ssh, etc).
With that said, VS Code is still capable of opening a local terminal on the host regardless of where it the server is running with the workbench.action.terminal.newLocal command:
Is it possible to write a terminal profile to open a local terminal from the usual UI?
I'm trying to get Remote-SSH working with ssh-agent, from Windows 7 desktop to CentOs 7 server.
I'm using ssh, ssh-add and ssh-agent from the Git for windows package. From the cmd prompt, this is all working fine, I can "ssh-add -l" and see the keys, and I can run "ssh " and it runs with no problems and without asking for password:
C:\Users\gnb>"c:\Program Files\Git\usr\bin\ssh-add.exe" -l
4096 SHA256:zg2IR6OlPwCGP8SzcbriXIQjth5zuDc9rbO6uaNPmcU gnb#VDI028-MEL (RSA)
C:\Users\gnb>ssh vdi ls
Desktop
tsclient
wkspace
C:\Users\gnb>
From within VS-Code, I can't get this to work. Running the exact same ssh-add command from within the VS-Code Terminal does not seem to find the agent:
C:\Users\gnb>"c:\Program Files\Git\usr\bin\ssh-add.exe" -l
Could not open a connection to your authentication agent.
The actual remote functionality in VS-Code more or less works, but keeps stopping to ask for passwords.
What's missing here? Why can the vs-code environment not connect to the ssh-agent?
OK, I've had a few more hours playing around with this and I think I understand what's going on.
It only works from cmd if it is the same cmd window that was used to start the agent. Opening a new cmd window then ssh gets the same msg as starting vs-code from the menu - can't find the agent. It appears that the start-ssh-agent script that comes with git/ssh on Win7 is setting some environment variables or some such that the ssh client needs. This does make sense, Unix ssh-agent acts the same way, but I'm clearly not used to thinking about windows apps in those terms.
It also seems the start-ssg-agent script will set the environment variables to point to an existing agent if one is running, else will create a new agent. So a 2 line batch file
start-ssh-agent
code
will reliably start up VS Code with the ssh-agent. If you name the identity file in the ssh config, vs-code will add they key to the agent when required. Otherwise you need to manually add the key to the agent, or fall back to entering the password all the time.
Suspect the better solution is to be on Win10 and use ssh-agent as a service, which should mean VS-code should find the agent when run from a menu. But I can't test that.
I need to code / edit files in a remote server using SSH, and I would like to access it with VSCode.
I'm on Windows 10, using "Git Bash" as integrated terminal in VSCode, which means I can connect to the server using VSCode's terminal.
What I'm missing is a way to open files from the terminal to the editor, and even better - interacting with the files using the explorer.
How can this be done?
Since the May, 2nd 2019 announcement of "Remote Development with VS Code", you now officially have:
Visual Studio Code Remote - SSH
The Remote - SSH extension lets you use any remote machine with a SSH server as your development environment.
Since nearly every desktop and server operating system has a SSH server that can be configured, the extension can greatly simplify development and troubleshooting in a wide variety of situations.
You can:
Develop on the same operating system you deploy to or use larger, faster, or more specialized hardware than your local machine.
Quickly swap between different, remote development environments and safely make updates without worrying about impacting your local machine.
Access an existing development environment from multiple machines or locations.
Debug an application running somewhere else such as a customer site or in the cloud.
Q1 2020: VSCode 1.42 improves support for Windows servers, including automatic OS detection.
Is this what you are looking for?
https://marketplace.visualstudio.com/items?itemName=humy2833.ftp-simple#overview
You need to setup sFtp connection to your server.
Install extensions Code Runner and SSH-FS. Add config into your user setting like this:
"code-runner.runInTerminal":true,
"code-runner.fileDirectoryAsCwd": true,
"code-runner.ignoreSelection": true,
"code-runner.saveFileBeforeRun": true,
"files.eol": "\n",
"sshfs.configs": [
{
"label": "label",
//Must use the root direction "/"
"root": "/",
"host": "host",
"port": port,
"username": "name",
"password": "password"
"name": "name"
}]
Login your server account over ssh by the vscode terminal. Then you can edit and run your code on remote server.
Try disabling it and re-enabling it. It works for me.
I was able to log in via putty and ssh from terminal, so it wasn't that. It's just the configuration gets hung up or something.
All of the previous answers require installing a package from the VS Code Marketplace. Here is a solution, that won't even require you to install VS Code.
The Web Based VS Code Editor: Run VS Code on any machine anywhere and access it in the browser.
All you need to do is, first install code-server using:
$ curl -fsSL https://code-server.dev/install.sh | sh
Start code-server using:
$ code-server
After running this you can log on to https://127.0.0.1:8080 and view the web-based VS code.
To keep the service running in the background, use:
$ sudo systemctl restart code-server#$USER
You might also want to edit the configurations, for e.g., run it on 0.0.0.0:8080 instead of 127.0.0.1:8080 or to change the password - use:
$ nano ~/.config/code-server/config.yaml
I have used nano as my text editor, feel free to use your preferred text editor.
For in-depth setup and configuration guide: Setup Guide
Original GitHub repo for more info: code-server
here is my debug configuration :
{
"type": "node",
"request": "attach",
"name": "testServer",
"address": "test.server.ip",
"port": 5858,
"localRoot": "${workspaceRoot}/test/server",
"remoteRoot": "~/App/test/server"
}
I have started remote application in debug mode successfully by using below command
node --debug app
Then I start VS Code debugger using testServer configuration. it print error:
Debugging with legacy protocol because Node.js version could not be determined (Error: timeout)
I am using VS Code version 1.16.1 on macOS sierra.
I guess it's not able to connect remote server because it's secured by SSH. But I can't see any configuration related to SSH in VS Code debugger's configuration.
I have already gone through some articles and issues like this
andthis, but no help.
Thanks for any help.
You'll need to start the remote application, and tell node to expose the port remotely with the following command:
node app --inspect=0.0.0.0:5858
I got it working like that on Windows :
Create a new putty session with hostname, your remote server, and go to "Tunnels" under the SSH dropdown, then configure it like it :
Run node debug on your remote host and copy the port it give to you (For me 9229)
Run node debug
Then fill Putty like that :
Fill putty tunnel
You can now save this session, and then open it.
Now, every time you will open this SSH session, everything happening on your remote server on port 9229 will be redirected to your local 9229 port.
In VSCode, the config is now really simple, because it's like you are on local :
{
"type": "node",
"request": "attach",
"name": "Attach",
"port": 9229
},
Hope it helped
In Atom, I'm able to debug installed extensions by opening the developer tools (Option+Cmd+I) and browsing through JavaScript files in ~/.atom/packages, e.g.
Is it possible to do this in VSCode? After opening the developer tools via Help -> Toggle Developer Tools, the only extension-related files I can find are the icon images:
1. Find the extension host process's PID:
$ PID=$(pgrep -f "^/Applications/Visual Studio Code\.app/.*--type=extensionHost")
$ echo $PID
35791
Argument -f tells pgrep to match the pattern against the full process argument string, not just the process name.
2. Send SIGUSR1 to the extension host Node process to tell it to start listening for debugger connections:
$ kill -SIGUSR1 $PID
(This produces no output.)
3. Find which port the process started listening on using lsof:
$ lsof -p $PID -a -i4tcp
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
Code\x20H 35791 tim.vergenz 58u IPv4 0x8af67df8a9aa26a8 0t0 TCP localhost:63767 (LISTEN)
Argument explanations:
-p means filter by PID
-i4tcp means filter by Internet address (4tcp means only IPv4 / tcp protocl)
the -a in between combines the two filters via AND instead of the default OR
In the "NAME" column you'll find the host and port that your VS Code extension host process is listening on -- i.e. in the example above, localhost:63767.
4. Open Chrome Devtools, and add the debug address under Devices > Discover network targets > Configure.
5. Open your new debug target:
You may need to manually add ~/.vscode/extensions to your workspace in order to browse files and add breakpoints:
... and click "Allow" to grant it permission:
Success!
Your code doesn't show in the main developer tools because VSCode unfortunately runs extensions in a separate process called the Extension Host.
You can go to Help > Process Explorer to look up the Extension Host process id, then kill -sigusr1 it to turn on its debugger (like any node process). Then in Chrome, go to chrome://inspect and you should see the process (it won't look very recognizable, the name will be something like /private/var/folders/f3/zmhpprp15zxfd1s3fpp3prm80000gn/T/AppTranslocation/C0D80599-1ECA-4802-A110-A1…)
I'm not 100% sure if all extension code is available in that debugger because it has subprocesses, but so far I've been able to set breakpoints in some of my installed extensions.
Due to how VS Code implements its debugging UI and debug protocol it's not not possible (but I'm not 100% certain about this).
Debug adapters are part of VS Code's extensible architecture: they are contributed as extensions. What sets them apart from other extensions is the fact that the debug adapter code is not running in the extension host, but as a separate standalone program.
You can easily run an extension under the debugger thought. You'll need extension source files and debugger launch configuration.
You can find more about running and debugging extensions in the VS Code documentation.
You can also check the example extension wordcount for launch configuration.
I hope this will help you in vs code extension development you can set up debugging env in this way
create folder with the name .vscode
in this folder create json file named launch.json
in the json file you need this script
{
"version": "0.2.0",
"configurations": [
{
"name": "Extension",
"type": "extensionHost",
"request": "launch",
"runtimeExecutable": "${execPath}",
"args": [
"--extensionDevelopmentPath=${workspaceFolder}"
]
}
]
}
then you press F5 vs code will launch new window with your extension installed
in the new window CTRL+SHIFT+P
search for "toggle developer tools "
if the extension is not for you you need just to run steps 5 & 6