Just run this from your Mac terminal and it'll drop you in a container with full permissions on the Docker VM. This also works for Docker for Windows for getting in Moby Linux VM (doesn't work for Windows Containers).
docker run -it --rm --privileged --pid=host justincormack/nsenter1
more info: https://github.com/justincormack/nsenter1
nc -U ~/Library/Containers/com.docker.docker/Data/debug-shell.sock
Exit the shell with exit
.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
Phil Estes (Docker Maintainer) says:
it’s running a container (using the debian image. nothing special about it other than it apparently has
nsenter
installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
docker run -it --rm --privileged --pid=host justincormack/nsenter1
The 2nd method to attach, using
docker run -it --rm --privileged --pid=host justincormack/nsenter1
"just works" reliably.I've observed that when using screen to attach to the tty, occasionally the output will get corrupted. In this case, I can't seem to reset it back using the normal 'unix-y' tricks like 'reset', 'stty sane', 'Ctl-a Z', or such. From the output of pstree, and typing the command 'sleep 100', I can see that my commands are making it through, just the output being somehow not rendered.
Curious if there is anyone knew the cause for this -- but happy to have this universal solution