Adding and dropping priviliges (capabilities) when running a Docker container

Add capability:

docker run --cap-add MAC_ADMIN ubuntu

Drop capability:

docker run --cap-drop KILL ubuntu

Run the Docker container with all capabilities enabled:

docker run --privileged ubuntu