How to install tshark on Docker?

I want to install tshark on ubuntu17.04 on Docker for Mac with Dockerfile.
I am using docker-compose

In apt install tshark, there is a following prompt.
The prompt stopping install despite I typed yes.

  • Ansible docker_container gives “Error getting network id”
  • What is Docker Cloud local url?
  • Namenode runs on InternalIP:8020 in cloudera docker and causes applications to fail
  • Error when building a Docker container
  • How to access environment variables set by docker run from monit controlled processes inside the container
  • Docker service with ulimit
  • How to install tshark in Dockerfile?

    Dumpcap can be installed in a way that allows members of the "wireshark" system
    group to capture packets. This is recommended over the alternative of running
    Wireshark/Tshark directly as root, because less of the code will run with
    elevated privileges.
    For more detailed information please see
    Enabling this feature may be a security risk, so it is disabled by default. If
    in doubt, it is suggested to leave it disabled.
    Should non-superusers be able to capture packets? [yes/no] yes

  • What are the disadvantages of a Docker container using the host network?
  • Find out to which removed docker container a volume belonged to
  • Links in docker-compose are not resolved
  • How to forward Docker for Mac to X11?
  • How to set hostname in global service in Docker Swarm
  • Sending spark-submit inside a docker container to a YARN cluster
  • One Solution collect form web for “How to install tshark on Docker?”

    First, you generally have (to avoid having to type ‘yes’):

    RUN apt install -yq xxx


    • you can check out this tshark image, which does install dumcap; by compiling wireshark, which produced dumpcap.
    • the alternative (no compilation, only install) is this image

    The install command becomes in that last case:

    # Install build wireshark, need to run as root RUN apt-get update && \
        apt-get install -y wireshark && \
        groupadd wireshark && \
        usermod -aG wireshark developer && \
        setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap && \
        chgrp wireshark /usr/bin/dumpcap && \
        chmod 750 /usr/bin/dumpcap
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.