If you're using Docker, you probably need the --security-opt seccomp=unconfinedoption (as well as enabling ptrace):

如果您使用 Docker，您可能需要该--security-opt seccomp=unconfined选项（以及启用 ptrace）：

docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined

For whatever reason, your user account doesn't have permission to disable the kernel's address space layout randomisation for this process. By default, gdb turns this off because it makes some sorts of debugging easier (in particular, it means the address of stack objects will be the same each time you run your program). Read more here.

无论出于何种原因，您的用户帐户都无权为此进程禁用内核的地址空间布局随机化。默认情况下，gdb 将其关闭，因为它使某些类型的调试更容易（特别是，这意味着每次运行程序时堆栈对象的地址都将相同）。在这里阅读更多。

You can work around this problem by disabling this feature of gdb with set disable-randomization off.

您可以通过禁用 gdb 的此功能来解决此问题set disable-randomization off。

As for getting your user the permission needed to disable ASLR, it probably boils down to having write permission to /proc/sys/kernel/randomize_va_space. Read more here.

至于让您的用户获得禁用 ASLR 所需的权限，它可能归结为拥有对/proc/sys/kernel/randomize_va_space. 在这里阅读更多。

Building on wisbucky's answer(thank you!), here are the same settings for Docker compose:

基于wisbucky 的回答（谢谢！），以下是 Docker compose 的相同设置：

security_opt:
  - seccomp:unconfined
cap_add:
  - SYS_PTRACE

The security option seccomp:unconfirmedfixed the address space randomizationwarnings.

安全选项seccomp:unconfirmed修复了address space randomization警告。

The capability SYS_PTRACE didn't seem to have a noticeable effect even though the Docker documentationstates that SYS_PTRACE is a capability that is "not granted by default". Perhaps I don't know what to look for.

尽管Docker 文档指出 SYS_PTRACE 是“默认情况下未授予”的功能，但功能 SYS_PTRACE 似乎没有明显影响。也许我不知道该找什么。