How to install tshark on Docker?

I want to install tshark on ubuntu17.04 on Docker for Mac with Dockerfile.
I am using docker-compose

In apt install tshark, there is a following prompt.
The prompt stopping install despite I typed yes.

  • how to find MAX memory from docker stats?
  • Dockerfile unexpected behaviour between RUN commands
  • during startup program exited normally. segmentation fault
  • How can JVMs running inside Bluemix container groups be monitored?
  • Connecting to a Remote EJB Module running in Docker
  • Docker - R creates multiple processes
  • How to install tshark in Dockerfile?

    Dumpcap can be installed in a way that allows members of the "wireshark" system
    group to capture packets. This is recommended over the alternative of running
    Wireshark/Tshark directly as root, because less of the code will run with
    elevated privileges.
    For more detailed information please see
    Enabling this feature may be a security risk, so it is disabled by default. If
    in doubt, it is suggested to leave it disabled.
    Should non-superusers be able to capture packets? [yes/no] yes

  • How to bind 1 port to another one inside a Docker container?
  • Flask app doesn't retrieve data from same database as unit tests
  • How to setting Core file size in Docker container?
  • Docker can't expose mesos port 5050
  • Docker windows with hyper-v example baffles me??? Why does the alpine example not work they way I thought it would?
  • How to use CloudBees Docker Custom Build Environment Plugin?
  • One Solution collect form web for “How to install tshark on Docker?”

    First, you generally have (to avoid having to type ‘yes’):

    RUN apt install -yq xxx


    • you can check out this tshark image, which does install dumcap; by compiling wireshark, which produced dumpcap.
    • the alternative (no compilation, only install) is this image

    The install command becomes in that last case:

    # Install build wireshark, need to run as root RUN apt-get update && \
        apt-get install -y wireshark && \
        groupadd wireshark && \
        usermod -aG wireshark developer && \
        setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap && \
        chgrp wireshark /usr/bin/dumpcap && \
        chmod 750 /usr/bin/dumpcap
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.