Some time ago, I had to modify one application which did not have a Dockerfile in its source code repository. Apparently, someone forgot to commit it. I could make the changes, but how do I deploy it?

Fortunately, I could download the previous docker image from the Docker repository and check what was inside. So, how do we check what is inside a Docker image?

As the first step, we must save a Docker image as a tar file.

docker save — output image.tar <image name>

Now, we can create a new directory and unpack the tar file into it.

mkdir extracted
tar -xf image.tar -C extracted

The directory contains directories for every layer in this docker image. In the case of my image, the content of the tar file looks like this:


Let’s look at the manifest.json file. It contains an array of docker layers listed in order of their creation.

"Config": "0e5176443be87e22a05ce7b9e28b623289f6722465fb9c3579c6b98c2419aa89.json",
"RepoTags": ["sbt:latest"],
"Layers": [

We see that the last layer is defined in the file “a1700ea4465fc48b04e06501ae0dd47a21bc95eddbf90fde6f9c63e38c819da0/layer.tar”. For demonstration purposes, I unpacked the image created while writing the blog post about building a project inside a Docker container.

Hence I expect that the last layer contains files modified while creating a new user. Let’s verify that.

In the directory, there is a layer.tar file which I must unpack. After unpacking it, I see that it contains an empty “/home/appuser” directory and some files in the “/etc” directory. Which files does it contain? Only the “/etc” files which have been modified in the last step of Dockerfile. In this case, the files containing information about Linux users.

> ls etc
group group- passwd passwd- shadow shadow-

We can repeat the same steps to see modifications done in every other layer of the docker image.

There is one more thing. At the end of the Dockerfile, I defined the default user. Where does it store this information?

To find this, we must once again look at the directory which contains the last Docker layer. There is a JSON file in it which configures the working directory and the user. In the case of my image, the configuration looks like this:

"config": {
"Hostname": "",
"Domainname": "",
"User": "appuser",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"Cmd": [
"ArgsEscaped": true,
"Image": "sha256:f48ad349b9aafb3e1512619fbf43307f5ab7a464c87b38fdaace51d788317aee",
"Volumes": null,
"WorkingDir": "/home/appuser",
"Entrypoint": null,
"OnBuild": [],
"Labels": null
Older post

What is wrong with tech conferences?

Why are tech conferences boring?

Newer post

How to scrape a single web page using Scrapy in Jupyter Notebook?

Scrapy Spiders and processing pipelines 101