Jay Taylor's notes

back to listing index

Extract file from docker image? - Unix & Linux Stack Exchange

[web search]
Original source (unix.stackexchange.com)
Tags: docker unix.stackexchange.com
Clipped on: 2022-08-17

  1. Home
    1. Public
    2. Questions
    3. Tags
    4. Users
    5. Companies
    6. Unanswered
    1. Teams
      Stack Overflow for Teams – Start collaborating and sharing organizational knowledge. Create a free Team Why Teams?
Asked 5 years, 8 months ago
Modified 4 months ago
Viewed 67k times

I'd like to extract a file from a Docker image without having to run the image.

The docker save option is not currrently a viable option for me as it's saving too huge of a file just to un-tar a specific file.

Jeff Schaller
63.8k3333 gold badges104104 silver badges232232 bronze badges
asked Dec 20, 2016 at 12:19
91211 gold badge66 silver badges1010 bronze badges

4 Answers


You can extract files from an image with the following commands:

container_id=$(docker create "$image")
docker cp "$container_id:$source_path" "$destination_path"
docker rm "$container_id"

According to the docker create documentation, this doesn't run the container:

The docker create command creates a writeable container layer over the specified image and prepares it for running the specified command. The container ID is then printed to STDOUT. This is similar to docker run -d except the container is never started. You can then use the docker start <container_id> command to start the container at any point.

For reference (my previous answer), a less efficient way of extracting a file from an image is the following:

docker run some_image cat "$file_path" > "$output_path"
answered Jun 9, 2017 at 15:26
1,45111 gold badge1010 silver badges77 bronze badges
  • 5
    You might want to over-ride the entrypoint. docker run --entrypoint /bin/sh my_image -c /bin/cat some_file
    – Andrew
    Jun 6, 2018 at 23:52
  • 3
    This runs the image, which is specifically what I didn't want to do as stated in my question.
    – BlakBat
    Mar 26, 2019 at 10:49
  • 1
    Ah, that's a good point. I agree my current answer isn't satisfactory then.
    – bbc
    Mar 26, 2019 at 17:19
  • 2
    @BlakBat Does this updated answer work for you? I guess I should have created a new answer but it's done now.
    – bbc
    Apr 16, 2019 at 12:33
  • 2
    @bbc This updated answer does in fact not start a container (the crux of the question), and does not require to be root.
    – BlakBat
    Apr 20, 2019 at 8:17

None of the above worked for me. The complete working command is:

docker run --rm --entrypoint /bin/sh image_name -c "cat /path/filename" > output_filename

Without quotes cat is passed without filename, so it does not know what to show. Also it is a good idea to delete the container after command is finished.

34933 silver badges1010 bronze badges
answered Oct 16, 2018 at 9:34
18911 silver badge22 bronze badges
  • The command you're referring to will only work depending on the docker and how correctly ENTRYPOINT / CMD was set in the Dockerfile; this has nothing to do with quoting. You also say to delete the container, yet you specify --rm. Lastly, when I had posted my question I specified "without having to run the image" and no answers were a solution taking this into account.
    – BlakBat
    Oct 21, 2018 at 15:41
  • 1
    Regardless which CMD and ENTRYPOINT were set in Dockerfile I override both, so it would work always (on Linux of course). What do you mean by "depending on the docker"? Settings, version, env, what? You question is not correct because images cannot be executed, only containers can. I think there is no correct answer, you have to deal with many files or create a temporary container. --rm removes the temporary container, other's answers leave some junk on your disk.
    – sekrett
    Oct 22, 2018 at 10:26
  • Can simplify quoting by skipping the shell: docker run --rm --entrypoint /bin/cat image_name /path/filename > output_filename Jun 25, 2020 at 21:21
  • This answer works, but unfortunately, I came here after figuring out another way, might help someone it's a bit shorter too... docker run --entrypoint /bin/cat image_name /path/filename > filename
    – lauksas
    Sep 9, 2021 at 17:03

I believe that Docker containers store cached files created in the following directory for Ubuntu:


From there you should be able to access the file system and retrieve your file(s).

G-Man Says 'Reinstate Monica'
20.9k2525 gold badges6060 silver badges113113 bronze badges
answered Dec 20, 2016 at 15:11
4,50999 gold badges3838 silver badges6464 bronze badges
  • Nope. That directory only contains layersize and json, and is also not user readable (even if user is in docker group). /var/lib/docker/aufs/diff will contain the file that I look for (but is categorized not by container id) and is also not readable.
    – BlakBat
    Dec 20, 2016 at 16:24
  • Give me a few and I will look it up. I know for a fact there is a way to retreive the files without entering the container or running it.
    – ryekayo
    Dec 20, 2016 at 18:18
  • By not readable, how does it show? I have found an example where you can pull text files from the containers by going to the /var/lib/docker/aufs/diff/* directory
    – ryekayo
    Dec 20, 2016 at 18:49
  • My mistake. User can access /var/lib/docker/aufs (but not all other directories in /var/lib/docker/)
    – BlakBat
    Dec 21, 2016 at 9:46
  • Can you access as root?
    – ryekayo
    Dec 21, 2016 at 14:17

If storing the full output of docker save isn't an option, you could use pipelines to extract just the needed file from it.

Unfortunately, because the output is a "tar of tars", it can be a slightly iterative process.

What I did when I needed to extract a file just now was:

  1. Determine which version of the image the file you are interested in changed most recently (how you do this probably depends on your image), and the date it was created / saved

  2. Get the full table of contents from the output of the docker save command with:

    docker save IMAGE_NAME | tar -tvf -

  3. Find the layer.tar file(s) in the output of that command that match the date of the image that you determined in step 1. (you can add | grep layer.tar to just show those files)

  4. Extract that layer.tar file to standard out, and get the table of contents of it:

    docker save IMAGE_NAME | tar -xf - -O CHECKSUM_FROM_LIST/layer.tar | tar -tvf -

  5. Verify the file you want is listed, and extract it once you find the name:

    docker save IMAGE_NAME | tar -xf - -O CHECKSUM_FROM_LIST/layer.tar | tar -xf - PATH/TO/YOUR/FILE

If there are more than one layer.tar files matching the date you are looking for in step 2/3, you may need to repeat step 4 for each one of them until you find the right one

Replace the text in capitals in the commands above with the correct image names, checksums and filenames for your case.

answered Mar 11, 2019 at 10:04
Michael Firth
33122 silver badges77 bronze badges

Your Answer

Community wiki

Not the answer you're looking for? Browse other questions tagged or ask your own question.

Hot Network Questions

Linux is a registered trademark of Linus Torvalds. UNIX is a registered trademark of The Open Group.

This site is not affiliated with Linus Torvalds or The Open Group in any way.