Skip to content

Instantly share code, notes, and snippets.

@jarek-przygodzki

jarek-przygodzki/docker-shell-on-host.md

Last active August 17, 2022 03:50
Show Gist options
  • Save jarek-przygodzki/e80c3ed716b94f2678f0455dfce95675 to your computer and use it in GitHub Desktop.
Save jarek-przygodzki/e80c3ed716b94f2678f0455dfce95675 to your computer and use it in GitHub Desktop.
Download ZIP
Docker: get a shell on the host
Raw
docker-shell-on-host.md 
$ docker run --privileged --pid=host -it alpine:3.8 \
nsenter -t 1 -m -u -n -i sh
  • --rm : removes the container after it is stopped
  • -ti (or -t -i) : adds a tty and leaves the standard input opened
  • --privileged : grants additional permissions to the container, it allows the container to gain access to the devices of the host (/dev)
  • --pid=host : use the host's Process ID Namespace. Allows the container to use the process tree of the Docker host (the machine in which the Docker daemon is running)

nsenter

  • -t PID Target process to get namespaces from
  • -m Enter mount namespace
  • -u Enter UTS namespace (hostname etc)
  • -i Enter System V IPC namespace
  • -n Enter network namespace
  • -p Enter pid namespace
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment