What are .dockerenv and .dockerinit?
Matthew Martinez 
What are the .dockerenv and .dockerinit files in the root of my container's filesystem? How are they used? Is there any documentation on these files?
root@18ceee4f9041:/# ls -al /
total 72
drwxr-xr-x. 21 root root 4096 Jan 4 20:45 .
drwxr-xr-x. 21 root root 4096 Jan 4 20:45 ..
-rwxr-xr-x. 1 root root 0 Jan 4 20:45 .dockerenv
-rwxr-xr-x. 1 root root 0 Jan 4 20:45 .dockerinitOther people have asked similar questions, but I can find no answers:
- .dockerinit / .dockerenv (9/12/2015)
I'm asking because I'm working on a bug in my docker-executing tool called scuba. You can pass --user to docker run to set the UID of the process in a container, but it has no entry in /etc/passwd, so I was investigating options for creating the user during container startup.
(Cross-posted at Stack Overflow, where it may be closed.)
2 Answers
AFAIK there is no official documentation about them.
Those files where only used by the old and deprecated LXC execution driver. They were hacks required by docker when using LXC to run the containers.
The .dockerinit was a sort of init process. It was the binary run by the lxc-attach command called when starting a container. It was the responsible to setup the environment, the user and the working directory and then run your entrypoint/cmd.
The .dockerenv contained the environment variables defined inside the container. They were used to setup the environment variables properly after the lxc-attach. This file was read by the .dockerinit process.
The new libcontainer/runc driver (the driver enabled by default) does not use these files. You will find them empty in your containers. In fact, the LXC support has been recently removed from the docker development branch.
So maybe these files will eventually disappear in the future, although currently are widely used by applications to detect the presence of docker.
8In order to find out, whether their code is running inside a docker environment, it was popular to test for the existence of either the /.dockerinit or the /.dockerenv file.
Since the dockerinit file has been removed in newer versions, the best idea should now be to check the existence of the dockerenv file.
- Quoting another source:
I'm not sure how official
/.dockerenvis -- it's pretty much undocumented, but docker/libnetwork#815 seems to imply that it'll be longer-lived
A sample implementation of such a check from our code:
if ! [ -f /.dockerenv ] ; then echo "Not running inside docker, exiting to avoid data damage." >&2 exit 1
fi
