✦ For everyone, free.

Practical knowledge for real and everyday life

Home

19.2.5.3 Exec Filesystem Check

A focused guide to Exec Filesystem Check, connecting core concepts with practical Docker and container operations.

Filesystem checks using docker exec involve inspecting the filesystem inside a running container to verify file presence, content, structure, permissions, and disk usage. This is done without stopping the container, without copying files out, and without attaching to the container's primary process. The exec'd command sees exactly the filesystem state the container's application sees — including both the image layers and any writable layer changes made at runtime.

Listing Directory Contents

docker exec my-container ls /app

docker exec my-container ls -la /app

The -la flags show hidden files and detailed metadata including permissions, ownership, and modification time.

docker exec my-container ls -lh /var/log

The -h flag shows sizes in human-readable form (KB, MB, GB).

Checking Whether a File Exists

docker exec my-container test -f /app/config.yaml && echo "exists" || echo "missing"

Or using a shell:

docker exec my-container sh -c "[ -f /app/config.yaml ] && echo exists || echo missing"

Commonly used test conditions:

ExpressionTrue when
-f FILEFILE exists and is a regular file
-d DIRDIR exists and is a directory
-e PATHPATH exists (any type)
-r FILEFILE exists and is readable
-w FILEFILE exists and is writable
-x FILEFILE exists and is executable
-s FILEFILE exists and has non-zero size

Reading File Contents

docker exec my-container cat /app/config.yaml

docker exec my-container head -20 /app/logs/app.log

docker exec my-container tail -50 /var/log/nginx/error.log

Searching for Files

docker exec my-container find /app -name "*.log"

Find all files modified in the last hour:

docker exec my-container find /app -mmin -60 -type f

Find files larger than 10 MB:

docker exec my-container find / -size +10M -type f 2>/dev/null

Checking Permissions and Ownership

docker exec my-container stat /app/server

  File: /app/server
  Size: 12345678    Blocks: 24112      IO Block: 4096   regular file
Device: 801h/2049d  Inode: 987654      Links: 1
Access: (0755/-rwxr-xr-x)  Uid: (1000/appuser)   Gid: (1000/appgroup)

docker exec my-container ls -la /data/storage

If the application reports permission errors, the uid/gid mismatch between the container process user and the mounted directory owner is often the cause.

Checking Disk Usage

docker exec my-container df -h

Filesystem      Size  Used Avail Use% Mounted on
overlay          50G   8.2G   42G  17% /
tmpfs            64M     0   64M   0% /dev
/dev/sda1        50G   8.2G   42G  17% /etc/hosts

The overlay filesystem is the container's union filesystem (image layers plus writable layer). The mounted path shows the host disk being used.

docker exec my-container du -sh /app
docker exec my-container du -sh /var/log/*

Checking the Writable Layer

Files written by the container at runtime exist in the writable layer on top of the image layers. There is no direct command to list only the writable layer's contents from inside the container, but checking modified files gives insight:

docker exec my-container find / -newer /app -not -path "*/proc/*" -not -path "*/sys/*" 2>/dev/null

From the host, the writable layer can be examined using docker diff:

docker diff my-container

This lists all files added (A), modified (M), or deleted (D) in the writable layer relative to the image.

Verifying Volume Mounts

Check if a volume is mounted at the expected path:

docker exec my-container mountpoint /data

Or verify the mount's content:

docker exec my-container ls -la /data
docker exec my-container df -h /data

Configuration File Inspection

docker exec my-container cat /etc/nginx/nginx.conf
docker exec my-container cat /etc/postgresql/postgresql.conf
docker exec my-container printenv DATABASE_URL

Checking Symbolic Links

docker exec my-container ls -la /var/log/nginx/access.log

If the official nginx image was used, this shows:

lrwxrwxrwx 1 root root 11 Jan 1 00:00 /var/log/nginx/access.log -> /dev/stdout

This confirms the log redirect is in place.

Verifying Installed Software

docker exec my-container which python3
docker exec my-container python3 --version
docker exec my-container curl --version
docker exec my-container dpkg -l | grep nginx
docker exec my-container apk list --installed | grep curl

Comprehensive Filesystem Inspection

For a thorough inspection without opening a full shell session:

docker exec my-container sh -c "
  echo '=== /app contents ===' && ls -la /app
  echo '=== Disk usage ===' && df -h
  echo '=== Log files ===' && find /var/log -type f -name '*.log' | head -20
  echo '=== Config files ===' && find /etc -name '*.conf' 2>/dev/null | head -20
"

This runs a multi-step inspection in one exec call by wrapping the commands in sh -c.

Related content