diff --git a/components/engine/daemon/execdriver/lxc/driver.go b/components/engine/daemon/execdriver/lxc/driver.go
index 1d315ca3b7..e7aaaf7ec7 100644
--- a/components/engine/daemon/execdriver/lxc/driver.go
+++ b/components/engine/daemon/execdriver/lxc/driver.go
@@ -123,11 +123,11 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba
 	}
 
 	if len(c.CapAdd) > 0 {
-		params = append(params, "-cap-add", strings.Join(c.CapAdd, ","))
+		params = append(params, fmt.Sprintf("-cap-add=%s", strings.Join(c.CapAdd, ":")))
 	}
 
 	if len(c.CapDrop) > 0 {
-		params = append(params, "-cap-drop", strings.Join(c.CapDrop, ","))
+		params = append(params, fmt.Sprintf("-cap-drop=%s", strings.Join(c.CapDrop, ":")))
 	}
 
 	params = append(params, "--", c.Entrypoint)
diff --git a/components/engine/daemon/execdriver/lxc/lxc_init_linux.go b/components/engine/daemon/execdriver/lxc/lxc_init_linux.go
index de7a6385a0..0eee2c4881 100644
--- a/components/engine/daemon/execdriver/lxc/lxc_init_linux.go
+++ b/components/engine/daemon/execdriver/lxc/lxc_init_linux.go
@@ -55,10 +55,10 @@ func finalizeNamespace(args *execdriver.InitArgs) error {
 		)
 
 		if args.CapAdd != "" {
-			adds = strings.Split(args.CapAdd, ",")
+			adds = strings.Split(args.CapAdd, ":")
 		}
 		if args.CapDrop != "" {
-			drops = strings.Split(args.CapDrop, ",")
+			drops = strings.Split(args.CapDrop, ":")
 		}
 
 		caps, err := execdriver.TweakCapabilities(container.Capabilities, adds, drops)