docker exec --user root

"The worst thing that can happen is that you accidentally learn something." For a person like me, who loves learning new stuff about technology, learning something by accident is one of the best things that can happen ;)

Diving in kernel code is scary and fascinating as CTF's, both requires same curiosity though

This kind of videos about kernel/syscall are amazing man, keep going

"this loose and wide approach of learning gets you deeper than just being boxed into a topic by some kind of kind of standard tutorial" well said 👍

For my work I use a lot of windows containers, so far I haven’t found a great explanation of this on the windows side of things, but I do feel inspired to write Pocker, a powershell implementation of docker on windows, which I’m pretty sure will easily surpass bocker in horribleness ;)

Kudos brother 👊. You are doing so much for the community, stuff like deep dive in to kernel source is something you simply can't find anywhere else! Thanks for this little series, hope to see another on on aufs.

Very well explained series about Docker. Good job.

Thank you for the three docker vids, i learned a lot!

chroot is needed to setup a root filesystem in the mount-namespace. When you later join the mount-namespace the root filesystem is already setup

Dude... I've been watching your videos for a while now, I'm not a programmer or anything and just recently started using linux, docker was something I didn't understand at all. but just recently got around to the idea of running Arch linux on my phone via Termux. I was facing a problem trying to run one piece of software on Arch, it didn't make sense, then I dived deep into the logs and what not... Being a fresh rookie to linux I though there's something I'm doing wrong here, then out of the blue I got a "flashback" seeing how you talked about privilages and docker... it all made sense why I was facing those issues! suddenly the way Arch was being "ran" made total sense, I still haven't solved my issue (and I don't think I will ever solve it from the research I've done now), but it stopped me from diving deep down the termite hole, and maybe get me diving down the rabbit hole. TLDR; Thank you for teaching me something I didn't think I learned watching your videos!

I believe the `chroot` is needed to select the binary you want to call from within the container's mount namespace. Since you don't include the chroot, you're calling the host's /bin/bash instead. This can be useful if you're debugging a container with a minimal (or non-existent) tools. You can use nsenter with tools from the host.

Holy balls, I never thought "getpid" implementation would be so complicated

is there a way to get a high-res version of the drawn docker logo used here? i think that it, in combination with some other images from this channel, could make for some great wallpapers

Nice video :)

Hi ! I see 42 of your video today haha ... Yeah get so much time :p I learn a lot with you, your website is cool too (you forgot your KZbin's intro video with comment on your html :p) (if you want some's help for your layout I'm a frond-end) Keep going ! I will test some of your's advice

Omg, very good thanla

Thanks for that awesome explanation of how docker works :D definitely learned something. The only major problem I always run into is the fact, that docker runs soooo much slower on MacOS than Linux and even Windows (I mainly develop in PHP) I'm talking like seconds longer for the same request. But I guess this has something to do with how docker is implemented in MacOS. Or do you have any experience with that?

Cooles Video, ich verstehe zwar zu 60% nur Bahnhof, aber ich denke ich habe dennoch ein paar Sachen dazu gelernt.😊

BSD jails are like Linux containers but a lot less messy :)

Inb4 you find a container vuln and end my whole docker/kuberbetes deployment architecture

Repeating my question from the last video: Docker for Linux seems clear now, but how does docker work on other OSes then? VM or something else?

Bro hi I'm new to your channel

Started with docker, then found systemd-nspawn - which I like tinkering with more than docker.

Cloud computing is just someone else's computer. Containers are just someone else's kernel :p.

NIce, do Hyper-V next :) You might need a soldering iron.

can you please combine this docker videos in one playlist? (docker system hacking)

Can you investigate how docker uses cgroups too?

Can you please make vedios about converting suselinux iso image into docker image

Bash sounds like a reasonable language to implement Docker. Definitely better than Go. Docker still sounds to me like over-engineered wrapper around tar and bunch of names pace and cgroup commands.

Wow, 8 character tabs and no enforced brackets after if statements.

but nsenter is just docker with root?

I would like if you could make a video about reverse engeneering because I'm interested to know how to hack online games mmorpg

Beans

8th Meow

Why is bocker "terrible"?

last

0 views and 7 likes.. hmm

Any uefa champions league fan here?

first at everything: watch, like, comment.

You are exaplining containers and nsenter not from a Linux perspective but from a shell binaries perspective. Awful video.