static-file-server icon indicating copy to clipboard operation
static-file-server copied to clipboard
verified publisher icon halverneus

Is there a way to shell into the Docker image?

Open wpm opened this issue 2 years ago • 1 comments

I can upload files to the /web directory of a running container using docker cp. After I have done this I want to manage those files, e.g. delete files beneath /web, or move them to different directories. Usually, I would do this by run the shell command via docker exec, but that doesn't appear to be possible.

docker exec pdf_structure-web-server-1 /bin/sh
OCI runtime exec failed: exec failed: unable to start container process: exec: "/bin/sh": stat /bin/sh: no such file or directory: unknown

I tried various paths to a shell program, but none of them worked.

Is there a shell program I can run with docker exec in this image? If not, how do I manage files in the container once I have uploaded them?

wpm avatar Jan 05 '24 18:01 wpm

You are correct, it isn't possible. The image is a "FROM scratch" Docker image, so even if someone could maliciously gain access to the container, somehow, they wouldn't be able to do anything inside the container (aka, this is a feature, not a bug). In fact, with the stock image there are only two files in the entire Docker container (the executable and a file that makes it possible to run the executable as a user other than root).

For the workflow you are using, here are my suggestions:

  1. Instead of docker cp, pick a directory on your host where the files reside and mount it as a volume. In this use-case you can remove the files from that directory on the host and they will disappear. For added security, you can mount the volume with read-only permission for the container.
  2. If you were using a Dockerfile to build your image with the included files, I'd suggest automating an rebuilding the image with the remaining desired files. I suppose you can also script the same result using docker cp.

I definitely recommend 1 over 2, unless you have a use-case where this isn't possible. The two primary uses for the Docker version of static-file-server are for quickly serving files from a folder (solution 1) or for creating a new Docker image with permanent static files included. If you have a use-case that doesn't fit that paradigm, I'm interested in knowing about it in case the project should support it.

halverneus avatar Jan 05 '24 18:01 halverneus