Categories: Linux
The following commands can be used to view the contents of the filesystem of a running Docker container without needing to start any process within the container (eg shell or sshd). This can be useful for minimal container types which do not have a shell.
# Run following as root
# (applies to Docker 18.09 on Ubuntu 18.04 LTS)
name=<name of container>
dockerId=$(docker inspect -f {{.Id}} $name)
mountId=$(cat /var/lib/docker/image/overlay2/layerdb/mounts/$dockerId/mount-id)
cd /var/lib/docker/overlay2/$mountId/merged
or alternative:
name=<name of container>
PID=$(docker inspect -f '{{.State.Pid}}' $name)
cd /proc/$PID/root
If you are willing to copy the files being inspected, then docker cp
can be used:
name=<name of container>
docker cp $name:/some/path/inside/container /some/path/on/host
For a container which is not running, the following is necessary:
name=<name of container>
docker export $name | tar xf -
If the image is large, it might be better to export to a tar-file then extract just specific files:
docker export $name | gzip - > /tmp/$name.tgz
# then the usual tar commands, eg
tar tf /tmp/$name.tar # view all files
wantedfile=etc/passwd # note: no leading slash
tar xf /tmp/$name.tar $wantedfile
# or start an interactive file-browser
file-roller /tmp/$name.tgz
And of course for a startable image with a shell:
docker run --rm -it --entrypoint=/bin/sh name-of-image
or an already-running container with a shell:
docker exec -it name-of-container /bin/sh
All of these solutions were filtered out of a large discussion on stackoverflow, with some fixes/rephrasing.