Disabling IPC_LOCK inside Dockerfile

[baoj-dfo]

In Dockerfile, I added line
RUN setcap cap_ipc_lock=+ep $(readlink -f $(which vault))

but still get couldn't start vault with IPC_LOCK. Disabling IPC_LOCK, please use --cap-add IPC_LOCK

I know "docker run --cap-add=IPC_LOCK -d --name=dev-vault vault", I want to be inside Dockerfile.

[encbladexp]

A Dockerfile could not add capabilities, this is by design, and nothing vault could change. Dockerfile influences the Image, but capabilities are a runtime/container thing. You want something that is technical not possible.