DEV Community

Mark Nefedov
Mark Nefedov

Posted on

Debugging Containers Without Shell Access: Quick Tips

#containers #linux #docker #devops

1. Run Commands Inside the Container’s Namespace

Every container runs in isolated namespaces. Use nsenter to "enter" these namespaces from the host:

# Get the container’s PID (Docker example)
PID=$(docker inspect -f '{{.State.Pid}}' your_container)  

# Inspect processes inside the container’s PID namespace
sudo nsenter -p -t $PID ps aux  

# Check network sockets in the container’s network namespace
sudo nsenter -n -t $PID ss -tnlp
Enter fullscreen mode Exit fullscreen mode

Replace ps or ss with any host-installed tool (e.g., tcpdump, strace).

2. Access Container Files via /proc

Container filesystems are mounted under /proc/$PID/root:

# View container files
ls /proc/$PID/root/etc/nginx/  

# Edit configs directly from the host
vim /proc/$PID/root/app/config.yaml
Enter fullscreen mode Exit fullscreen mode

Why This Works

https://www.man7.org/linux/man-pages/man7/namespaces.7.html

Top comments (0)

profile
Sentry
 Promoted

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Read next

zaphoddont profile image

WSL2 tips and fixes

Will Sheppard -

lakhera2015 profile image

🚀 Revolutionizing DevOps Debugging with DevOps-GPT & OpenAI!🚀

Prashant Lakhera -

tejas2292 profile image

How I Built My Self-Hosted Cloud with Proxmox, Terraform & Docker

Tejas Patil -

imsushant12 profile image

Optimizing DynamoDB for High Throughput Workloads

Sushant Gaurav -