jarek-przygodzki/docker-shell-on-host.md

Last active August 17, 2022 03:50

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/jarek-przygodzki/e80c3ed716b94f2678f0455dfce95675.js"></script>
Save jarek-przygodzki/e80c3ed716b94f2678f0455dfce95675 to your computer and use it in GitHub Desktop.

Download ZIP

Docker: get a shell on the host

Raw

docker-shell-on-host.md

$ docker run --privileged --pid=host -it alpine:3.8 \
nsenter -t 1 -m -u -n -i sh

--rm : removes the container after it is stopped
-ti (or -t -i) : adds a tty and leaves the standard input opened
--privileged : grants additional permissions to the container, it allows the container to gain access to the devices of the host (/dev)
--pid=host : use the host's Process ID Namespace. Allows the container to use the process tree of the Docker host (the machine in which the Docker daemon is running)

nsenter

-t PID Target process to get namespaces from
-m Enter mount namespace
-u Enter UTS namespace (hostname etc)
-i Enter System V IPC namespace
-n Enter network namespace
-p Enter pid namespace

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment