Remove --privileged recommendation from entrypoint script message (#14027)

The use of the `--privileged` [flag](https://docs.docker.com/engine/reference/commandline/run/#options) is not recommended, as it does not adhere to the principle of least privilege.
2026-05-05 04:16:31 +02:00 · 2022-02-18 16:52:21 -05:00 · 2022-02-18 16:52:21 -05:00 · 64a8f9aeff
commit 64a8f9aeff
parent 8b1e041c61
2 changed files with 2 additions and 2 deletions
--- a/.release/docker/docker-entrypoint.sh
+++ b/.release/docker/docker-entrypoint.sh
@ -91,7 +91,7 @@ if [ "$1" = 'vault' ]; then

        # In the case vault has been started in a container without IPC_LOCK privileges
        if ! vault -version 1>/dev/null 2>/dev/null; then
-            >&2 echo "Couldn't start vault with IPC_LOCK. Disabling IPC_LOCK, please use --privileged or --cap-add IPC_LOCK"
+            >&2 echo "Couldn't start vault with IPC_LOCK. Disabling IPC_LOCK, please use --cap-add IPC_LOCK"
            setcap cap_ipc_lock=-ep $(readlink -f $(which vault))
        fi
    fi
--- a/scripts/docker/docker-entrypoint.sh
+++ b/scripts/docker/docker-entrypoint.sh
@ -91,7 +91,7 @@ if [ "$1" = 'vault' ]; then

        # In the case vault has been started in a container without IPC_LOCK privileges
        if ! vault -version 1>/dev/null 2>/dev/null; then
-            >&2 echo "Couldn't start vault with IPC_LOCK. Disabling IPC_LOCK, please use --privileged or --cap-add IPC_LOCK"
+            >&2 echo "Couldn't start vault with IPC_LOCK. Disabling IPC_LOCK, please use --cap-add IPC_LOCK"
            setcap cap_ipc_lock=-ep $(readlink -f $(which vault))
        fi
    fi