Viewing the Filesystem of a Docker Container

Categories: Linux

The following commands can be used to view the contents of the filesystem of a running Docker container without needing to start any process within the container (eg shell or sshd). This can be useful for minimal container types which do not have a shell.

# Run following as root
# (applies to Docker 18.09 on Ubuntu 18.04 LTS)
name=<name of container>
dockerId=$(docker inspect -f {{.Id}} $name)
mountId=$(cat /var/lib/docker/image/overlay2/layerdb/mounts/$dockerId/mount-id)
cd /var/lib/docker/overlay2/$mountId/merged

or alternative:

name=<name of container>
PID=$(docker inspect -f '{{.State.Pid}}' $name)
cd /proc/$PID/root

If you are willing to copy the files being inspected, then docker cp can be used:

name=<name of container>
docker cp $name:/some/path/inside/container /some/path/on/host

For a container which is not running, the following is necessary:

name=<name of container>
docker export $name | tar xf -

If the image is large, it might be better to export to a tar-file then extract just specific files:

docker export $name | gzip - > /tmp/$name.tgz

# then the usual tar commands, eg
tar tf /tmp/$name.tar # view all files

wantedfile=etc/passwd # note: no leading slash
tar xf /tmp/$name.tar $wantedfile

# or start an interactive file-browser
file-roller /tmp/$name.tgz

And of course for a startable image with a shell:

docker run --rm -it --entrypoint=/bin/sh name-of-image

or an already-running container with a shell:

docker exec -it name-of-container /bin/sh

All of these solutions were filtered out of a large discussion on stackoverflow, with some fixes/rephrasing.