diff --git a/divingbell/templates/daemonset-apparmor.yaml b/divingbell/templates/daemonset-apparmor.yaml
index 6d673b0..35e82a6 100644
--- a/divingbell/templates/daemonset-apparmor.yaml
+++ b/divingbell/templates/daemonset-apparmor.yaml
@@ -49,7 +49,9 @@ spec:
 subPath: {{ $daemonset }}
 readOnly: true
 securityContext:
- privileged: true
+ capabilities:
+ add:
+ - 'MAC_ADMIN'
 volumes:
 - name: rootfs-{{ $daemonset }}
 hostPath:
diff --git a/divingbell/templates/daemonset-apt.yaml b/divingbell/templates/daemonset-apt.yaml
index eeb929b..955688a 100644
--- a/divingbell/templates/daemonset-apt.yaml
+++ b/divingbell/templates/daemonset-apt.yaml
@@ -48,8 +48,6 @@ spec:
 mountPath: /tmp/{{ $daemonset }}.sh
 subPath: {{ $daemonset }}
 readOnly: true
- securityContext:
- privileged: true
 volumes:
 - name: rootfs-{{ $daemonset }}
 hostPath:
diff --git a/divingbell/templates/daemonset-ethtool.yaml b/divingbell/templates/daemonset-ethtool.yaml
index f58b5d1..2eadffb 100644
--- a/divingbell/templates/daemonset-ethtool.yaml
+++ b/divingbell/templates/daemonset-ethtool.yaml
@@ -51,7 +51,9 @@ spec:
 subPath: {{ $daemonset }}
 readOnly: true
 securityContext:
- privileged: true
+ capabilities:
+ add:
+ - 'NET_ADMIN'
 volumes:
 - name: rootfs-{{ $daemonset }}
 hostPath:
diff --git a/divingbell/templates/daemonset-limits.yaml b/divingbell/templates/daemonset-limits.yaml
index fa7c767..5000203 100644
--- a/divingbell/templates/daemonset-limits.yaml
+++ b/divingbell/templates/daemonset-limits.yaml
@@ -50,8 +50,6 @@ spec:
 mountPath: /tmp/{{ $daemonset }}.sh
 subPath: {{ $daemonset }}
 readOnly: true
- securityContext:
- privileged: true
 volumes:
 - name: rootfs-{{ $daemonset }}
 hostPath:
diff --git a/divingbell/templates/daemonset-mounts.yaml b/divingbell/templates/daemonset-mounts.yaml
index cf7addc..0a05db0 100644
--- a/divingbell/templates/daemonset-mounts.yaml
+++ b/divingbell/templates/daemonset-mounts.yaml
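Review bot: The `securityContext` added in daemonset-apparmor.yaml only adds `MAC_ADMIN` and drops nothing, so the container keeps the runtime's default capability set on top of it. Consider `drop: ['ALL']` next to `add:` together with `allowPrivilegeEscalation: false`, re-adding only the capabilities the script demonstrably needs (for instance `SYS_CHROOT` if it chroots into the hostPath rootfs, which is not visible here). The same applies to the `NET_ADMIN` hunk in daemonset-ethtool.yaml and the capability list in daemonset-sysctl.yaml. The templates that lose `securityContext` entirely (apt, limits, mounts, perm, uamlite) fall back to the same implicit defaults, which deserves a functional check for daemonset-mounts.yaml if its script performs mounts, since that normally needs `SYS_ADMIN`. A comment such as `# MAC_ADMIN: needed to load AppArmor profiles into the kernel` above the list would record why it is granted; the container spec begins and ends outside the hunk.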
@@ -50,8 +50,6 @@ spec:
 mountPath: /tmp/{{ $daemonset }}.sh
 subPath: {{ $daemonset }}
 readOnly: true
- securityContext:
- privileged: true
 volumes:
 - name: rootfs-{{ $daemonset }}
 hostPath:
diff --git a/divingbell/templates/daemonset-perm.yaml b/divingbell/templates/daemonset-perm.yaml
index 6c31c71..727d394 100644
--- a/divingbell/templates/daemonset-perm.yaml
+++ b/divingbell/templates/daemonset-perm.yaml
@@ -50,8 +50,6 @@ spec:
 mountPath: /tmp/{{ $daemonset }}.sh
 subPath: {{ $daemonset }}
 readOnly: true
- securityContext:
- privileged: true
 volumes:
 - name: rootfs-{{ $daemonset }}
 hostPath:
diff --git a/divingbell/templates/daemonset-sysctl.yaml b/divingbell/templates/daemonset-sysctl.yaml
index 7731302..7e5bc57 100644
--- a/divingbell/templates/daemonset-sysctl.yaml
+++ b/divingbell/templates/daemonset-sysctl.yaml
@@ -51,7 +51,11 @@ spec:
 subPath: {{ $daemonset }}
 readOnly: true
 securityContext:
- privileged: true
+ capabilities:
+ add:
+ - 'SYS_PTRACE'
+ - 'SYS_ADMIN'
+ - 'SYS_RAWIO'
 volumes:
 - name: rootfs-{{ $daemonset }}
 hostPath:
diff --git a/divingbell/templates/daemonset-uamlite.yaml b/divingbell/templates/daemonset-uamlite.yaml
index b298973..847ac50 100644
--- a/divingbell/templates/daemonset-uamlite.yaml
+++ b/divingbell/templates/daemonset-uamlite.yaml
@@ -50,8 +50,6 @@ spec:
 mountPath: /tmp/{{ $daemonset }}.sh
 subPath: {{ $daemonset }}
 readOnly: true
- securityContext:
- privileged: true
 volumes:
 - name: rootfs-{{ $daemonset }}
 hostPath:
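Review bot: `SYS_ADMIN` in the daemonset-sysctl.yaml hunk retains much of what `privileged: true` granted, so this template sees the smallest real reduction of the set and each entry should carry a comment naming the operation that needs it, e.g. `# SYS_ADMIN: <operation that fails without it>`. Nothing visible in the hunk shows why `SYS_PTRACE` and `SYS_RAWIO` are required for applying sysctl settings; if they were found by trial and error, re-test with each one removed. A non-privileged container normally gets /proc/sys mounted read-only by the runtime, so it is worth confirming the daemonset still applies its settings, presumably through the host rootfs mount or host namespaces configured outside the hunk.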