How to run commands in an instance#
Incus allows to run commands inside an instance using the Incus client, without needing to access the instance through the network.
For containers, this always works and is handled directly by Incus.
For virtual machines, the
incus-agent process must be running inside of the virtual machine for this to work.
To run commands inside your instance, use the
incus exec command.
By running a shell command (for example,
/bin/bash), you can get shell access to your instance.
Run commands inside your instance#
To run a single command from the terminal of the host machine, use the
incus exec command:
incus exec <instance_name> -- <command>
For example, enter the following command to update the package list on your container:
incus exec ubuntu-container -- apt-get update
Incus can execute commands either interactively or non-interactively.
In interactive mode, a pseudo-terminal device (PTS) is used to handle input (stdin) and output (stdout, stderr).
This mode is automatically selected by the CLI if connected to a terminal emulator (and not run from a script).
To force interactive mode, add either
--mode interactive to the command.
In non-interactive mode, pipes are allocated instead (one for each of stdin, stdout and stderr).
This method allows running a command and properly getting separate stdin, stdout and stderr as required by many scripts.
To force non-interactive mode, add either
--mode non-interactive to the command.
User, groups and working directory#
Incus has a policy not to read data from within the instances or trust anything that can be found in the instance.
Therefore, Incus does not parse files like
/etc/nsswitch.conf to handle user and group resolution.
As a result, Incus doesn’t know the home directory for the user or the supplementary groups the user is in.
By default, Incus runs commands as
root (UID 0) with the default group (GID 0) and the working directory set to
You can override the user, group and working directory by specifying absolute values through the following flags:
--user- the user ID for running the command
--group- the group ID for running the command
--cwd- the directory in which the command should run
You can pass environment variables to an exec session in the following two ways:
- Set environment variables as instance options
To set the
ENVVARenvironment variable to
VALUEin the instance, set the
environment.ENVVARinstance option (see
incus config set <instance_name> environment.ENVVAR=VALUE
- Pass environment variables to the exec command
To pass an environment variable to the exec command, use the
--envflag. For example:
incus exec <instance_name> --env ENVVAR=VALUE -- <command>
In addition, Incus sets the following default values (unless they are passed in one of the ways described above):
running as root (UID 0)
running as root (UID 0)
Get shell access to your instance#
If you want to run commands directly in your instance, run a shell command inside it.
For example, enter the following command (assuming that the
/bin/bash command exists in your instance):
incus exec <instance_name> -- /bin/bash
By default, you are logged in as the
If you want to log in as a different user, enter the following command:
incus exec <instance_name> -- su --login <user_name>
Depending on the operating system that you run in your instance, you might need to create a user first.
To exit the instance shell, enter
exit or press