BretFisher · June 23, 2025 11:39 · Jan 19, 2021 · Jan 18, 2021 · Jan 18, 2021 · Jan 18, 2021
diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -1,6 +1,6 @@
 ## 2021 Update: Easiest option is Justin's repo and image
 
-Just run this from your Mac terminal and it'll drop you in a container with full permissions on the Moby VM. **This also works for Docker for Windows for getting in Moby Linux VM** (doesn't work for Windows Containers).
+Just run this from your Mac terminal and it'll drop you in a container with full permissions on the Docker VM. **This also works for Docker for Windows for getting in Moby Linux VM** (doesn't work for Windows Containers).
 
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
 

diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -24,6 +24,6 @@ Phil Estes (Docker Maintainer) says:
 `nsenter` installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), 
 and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
 
-### Option 3 (easist): run nsenter from a pre-built image. From Justin Cormack (Docker Maintainer)
+## Option 3 (easist): run nsenter from a pre-built image. From Justin Cormack (Docker Maintainer)
 
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -1,4 +1,4 @@
-## 2018 Update: Easiest option is Justin's repo and image
+## 2021 Update: Easiest option is Justin's repo and image
 
 Just run this from your Mac terminal and it'll drop you in a container with full permissions on the Moby VM. **This also works for Docker for Windows for getting in Moby Linux VM** (doesn't work for Windows Containers).
 
@@ -8,47 +8,22 @@ more info: https://github.com/justincormack/nsenter1
 
 ---
 
-## Option 1: use Screen (not as easy as nsenter)
+## Option 1 (hard way): use netcat
 
-Note this isn't a list of commands to run in order. The first one gets you in the VM (hit return twice 
-to see a prompt). Then other commands are for managing that connection. Not a great CLI expirence but gets
-the job done. Using the ctrl- options prevents garbled text on reconnect.
+`nc -U ~/Library/Containers/com.docker.docker/Data/debug-shell.sock`
 
-connect to tty on Docker for Mac VM
-
-`screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty`
-
-disconnect that session but leave it open in background
-
-`Ctrl-a d`
-
-list that session that's still running in background
-
-`screen -ls`
-
-reconnect to that session (don't open a new one, that won't work and 2nd tty will give you garbled screen)
-
-`screen -r`
-
-kill this session (window) and exit
-
-`Ctrl-a k`
+Exit the shell with `exit`.
 
 ## Option 2 (easier): Use nsenter in priviledged container
 
 `docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh`
 
 Phil Estes (Docker Maintainer) says:
 
-> it’s running a container (using the debian image..nothing special about it other than it apparently has 
+> it’s running a container (using the debian image. nothing special about it other than it apparently has 
 `nsenter` installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), 
 and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
 
-### Or even easier, from Justin Cormack (Docker Maintainer)
+### Option 3 (easist): run nsenter from a pre-built image. From Justin Cormack (Docker Maintainer)
 
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
-
-Justin Says: 
-
-> Personally I mostly use screen, but then I also use the above too. That's my minimal nsenter image.
-
diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -16,7 +16,7 @@ the job done. Using the ctrl- options prevents garbled text on reconnect.
 
 connect to tty on Docker for Mac VM
 
-`screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty`
+`screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty`
 
 disconnect that session but leave it open in background
 

diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -1,6 +1,6 @@
 ## 2018 Update: Easiest option is Justin's repo and image
 
-Just run this from your Mac terminal and it'll drop you in a container with full permissions on the Moby VM.
+Just run this from your Mac terminal and it'll drop you in a container with full permissions on the Moby VM. **This also works for Docker for Windows for getting in Moby Linux VM** (doesn't work for Windows Containers).
 
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
 

diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -1,5 +1,7 @@
 ## 2018 Update: Easiest option is Justin's repo and image
 
+Just run this from your Mac terminal and it'll drop you in a container with full permissions on the Moby VM.
+
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
 
 more info: https://github.com/justincormack/nsenter1

diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -42,9 +42,11 @@ Phil Estes (Docker Maintainer) says:
 `nsenter` installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), 
 and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
 
-## Or from Justin Cormack (Docker Maintainer)
+### Or even easier, from Justin Cormack (Docker Maintainer)
 
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
 
+Justin Says: 
+
 > Personally I mostly use screen, but then I also use the above too. That's my minimal nsenter image.
 
diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -1,39 +1,50 @@
 ## 2018 Update: Easiest option is Justin's repo and image
+
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
+
 more info: https://github.com/justincormack/nsenter1
 
 ---
 
 ## Option 1: use Screen (not as easy as nsenter)
+
 Note this isn't a list of commands to run in order. The first one gets you in the VM (hit return twice 
 to see a prompt). Then other commands are for managing that connection. Not a great CLI expirence but gets
 the job done. Using the ctrl- options prevents garbled text on reconnect.
 
 connect to tty on Docker for Mac VM
+
 `screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty`
 
 disconnect that session but leave it open in background
+
 `Ctrl-a d`
 
 list that session that's still running in background
+
 `screen -ls`
 
 reconnect to that session (don't open a new one, that won't work and 2nd tty will give you garbled screen)
+
 `screen -r`
 
 kill this session (window) and exit
+
 `Ctrl-a k`
 
 ## Option 2 (easier): Use nsenter in priviledged container
 
 `docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh`
-Phil Estes (Docker Maintainer) says this does:
+
+Phil Estes (Docker Maintainer) says:
+
 > it’s running a container (using the debian image..nothing special about it other than it apparently has 
 `nsenter` installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), 
 and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
 
 ## Or from Justin Cormack (Docker Maintainer)
 
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
+
 > Personally I mostly use screen, but then I also use the above too. That's my minimal nsenter image.
 
diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -1,39 +1,39 @@
 ## 2018 Update: Easiest option is Justin's repo and image
-====================
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
 more info: https://github.com/justincormack/nsenter1
 
 ---
 
-## Option 1: use Screen (not easy like nsenter)
+## Option 1: use Screen (not as easy as nsenter)
 Note this isn't a list of commands to run in order. The first one gets you in the VM (hit return twice 
 to see a prompt). Then other commands are for managing that connection. Not a great CLI expirence but gets
 the job done. Using the ctrl- options prevents garbled text on reconnect.
 
-### connect to tty on Docker for Mac VM
+connect to tty on Docker for Mac VM
 `screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty`
 
-### disconnect that session but leave it open in background
+disconnect that session but leave it open in background
 `Ctrl-a d`
 
-### list that session that's still running in background
+list that session that's still running in background
 `screen -ls`
 
-### reconnect to that session (don't open a new one, that won't work and 2nd tty will give you garbled screen)
+reconnect to that session (don't open a new one, that won't work and 2nd tty will give you garbled screen)
 `screen -r`
 
-### kill this session (window) and exit
+kill this session (window) and exit
 `Ctrl-a k`
 
 ## Option 2 (easier): Use nsenter in priviledged container
 
-other option to connect w/o screen
 `docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh`
 Phil Estes (Docker Maintainer) says this does:
 > it’s running a container (using the debian image..nothing special about it other than it apparently has 
 `nsenter` installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), 
 and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
 
 ## Or from Justin Cormack (Docker Maintainer)
-> Personally I mostly use screen, but then I also use the below too. That's my minimal nsenter image
+
 `docker run -it --rm --privileged --pid=host justincormack/nsenter1`
+> Personally I mostly use screen, but then I also use the above too. That's my minimal nsenter image.
+
diff --git a/docker-for-mac.md b/docker-for-mac.md
@@ -1,44 +1,39 @@
 ## 2018 Update: Easiest option is Justin's repo and image
 ====================
-docker run -it --rm --privileged --pid=host justincormack/nsenter1
-# more info: https://github.com/justincormack/nsenter1
+`docker run -it --rm --privileged --pid=host justincormack/nsenter1`
+more info: https://github.com/justincormack/nsenter1
 
+---
 
-#
 ## Option 1: use Screen (not easy like nsenter)
-#
-# Note this isn't a list of commands to run in order. The first one gets you in the VM (hit return twice 
-# to see a prompt). Then other commands are for managing that connection. Not a great CLI expirence but gets
-# the job done. Using the ctrl- options prevents garbled text on reconnect.
+Note this isn't a list of commands to run in order. The first one gets you in the VM (hit return twice 
+to see a prompt). Then other commands are for managing that connection. Not a great CLI expirence but gets
+the job done. Using the ctrl- options prevents garbled text on reconnect.
 
-# connect to tty on Docker for Mac VM
-screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
+### connect to tty on Docker for Mac VM
+`screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty`
 
-# disconnect that session but leave it open in background
-Ctrl-a d
+### disconnect that session but leave it open in background
+`Ctrl-a d`
 
-# list that session that's still running in background
-screen -ls
+### list that session that's still running in background
+`screen -ls`
 
-# reconnect to that session (don't open a new one, that won't work and 2nd tty will give you garbled screen)
-screen -r
-
-# kill this session (window) and exit
-Ctrl-a k
+### reconnect to that session (don't open a new one, that won't work and 2nd tty will give you garbled screen)
+`screen -r`
 
+### kill this session (window) and exit
+`Ctrl-a k`
 
 ## Option 2 (easier): Use nsenter in priviledged container
 
-# other option to connect w/o screen
-docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
-# Phil Estes (Docker Maintainer) says this does:
-# it’s running a container (using the debian image..nothing special about it other than it apparently has 
-# `nsenter` installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), 
-# and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
-
-# --or--
+other option to connect w/o screen
+`docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh`
+Phil Estes (Docker Maintainer) says this does:
+> it’s running a container (using the debian image..nothing special about it other than it apparently has 
+`nsenter` installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), 
+and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
 
-# from Justin Cormack (Docker Maintainer)
-# Personally I mostly use screen, but then I also use 
-docker run -it --rm --privileged --pid=host justincormack/nsenter1
-# too. That's my minimal nsenter image
+## Or from Justin Cormack (Docker Maintainer)
+> Personally I mostly use screen, but then I also use the below too. That's my minimal nsenter image
+`docker run -it --rm --privileged --pid=host justincormack/nsenter1`
diff --git a/screen-docker-for-mac.sh → docker-for-mac.md b/screen-docker-for-mac.sh → docker-for-mac.md
@@ -9,7 +9,7 @@ docker run -it --rm --privileged --pid=host justincormack/nsenter1
 #
 # Note this isn't a list of commands to run in order. The first one gets you in the VM (hit return twice 
 # to see a prompt). Then other commands are for managing that connection. Not a great CLI expirence but gets
-# the job done.
+# the job done. Using the ctrl- options prevents garbled text on reconnect.
 
 # connect to tty on Docker for Mac VM
 screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty

diff --git a/screen-docker-for-mac.sh b/screen-docker-for-mac.sh
@@ -1,3 +1,16 @@
+## 2018 Update: Easiest option is Justin's repo and image
+====================
+docker run -it --rm --privileged --pid=host justincormack/nsenter1
+# more info: https://github.com/justincormack/nsenter1
+
+
+#
+## Option 1: use Screen (not easy like nsenter)
+#
+# Note this isn't a list of commands to run in order. The first one gets you in the VM (hit return twice 
+# to see a prompt). Then other commands are for managing that connection. Not a great CLI expirence but gets
+# the job done.
+
 # connect to tty on Docker for Mac VM
 screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
 
@@ -13,14 +26,19 @@ screen -r
 # kill this session (window) and exit
 Ctrl-a k
 
+
+## Option 2 (easier): Use nsenter in priviledged container
+
 # other option to connect w/o screen
 docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
-# Phil Estes says this does:
-# it’s running a container (using the debian image..nothing special about it other than it apparently has `nsenter` installed)
-# , with pid=host (so you are in the process space of the mini VM running Docker4Mac), and then nsenter says “whatever is pid 1, 
-# use that as context, and enter all the namespaces of that, and run a shell there"
+# Phil Estes (Docker Maintainer) says this does:
+# it’s running a container (using the debian image..nothing special about it other than it apparently has 
+# `nsenter` installed), with pid=host (so you are in the process space of the mini VM running Docker4Mac), 
+# and then nsenter says “whatever is pid 1, use that as context, and enter all the namespaces of that, and run a shell there"
+
+# --or--
 
-# from Justin Cormack
+# from Justin Cormack (Docker Maintainer)
 # Personally I mostly use screen, but then I also use 
-docker run --privileged --pid=host justincormack/nsenter1
+docker run -it --rm --privileged --pid=host justincormack/nsenter1
 # too. That's my minimal nsenter image
diff --git a/screen-docker-for-mac.sh b/screen-docker-for-mac.sh
@@ -19,3 +19,8 @@ docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
 # it’s running a container (using the debian image..nothing special about it other than it apparently has `nsenter` installed)
 # , with pid=host (so you are in the process space of the mini VM running Docker4Mac), and then nsenter says “whatever is pid 1, 
 # use that as context, and enter all the namespaces of that, and run a shell there"
+
+# from Justin Cormack
+# Personally I mostly use screen, but then I also use 
+docker run --privileged --pid=host justincormack/nsenter1
+# too. That's my minimal nsenter image
diff --git a/screen-docker-for-mac.md → screen-docker-for-mac.sh b/screen-docker-for-mac.md → screen-docker-for-mac.sh
diff --git a/screen-docker-for-mac.md b/screen-docker-for-mac.md
@@ -0,0 +1,21 @@
+# connect to tty on Docker for Mac VM
+screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
+
+# disconnect that session but leave it open in background
+Ctrl-a d
+
+# list that session that's still running in background
+screen -ls
+
+# reconnect to that session (don't open a new one, that won't work and 2nd tty will give you garbled screen)
+screen -r
+
+# kill this session (window) and exit
+Ctrl-a k
+
+# other option to connect w/o screen
+docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
+# Phil Estes says this does:
+# it’s running a container (using the debian image..nothing special about it other than it apparently has `nsenter` installed)
+# , with pid=host (so you are in the process space of the mini VM running Docker4Mac), and then nsenter says “whatever is pid 1, 
+# use that as context, and enter all the namespaces of that, and run a shell there"