adjust clamav dockerfile in order to run as non-root user

Signed-off-by: Simon L <szaimen@e.mail.de>
2025-12-20 06:26:57 +00:00 · 2023-06-07 14:50:35 +02:00 · 2023-06-07 14:50:35 +02:00 · 69e7de3cc0
commit 69e7de3cc0
parent 56e3f27d6c
1 changed files with 7 additions and 2 deletions
--- a/Containers/clamav/Dockerfile
+++ b/Containers/clamav/Dockerfile
@ -6,8 +6,13 @@ COPY clamav.conf /tmp/clamav.conf
 RUN set -ex; \
    apk add --no-cache tzdata; \
    cat /tmp/clamav.conf | tee -a /etc/clamav/clamd.conf; \
-    rm /tmp/clamav.conf
+    rm /tmp/clamav.conf; \
+    mkdir -p /var/run/clamav /run/lock; \
+    chown -R clamav:clamav /var/run/clamav /run/clamav /var/log/clamav /var/lock /run/lock; \
+    chmod 770 -R /var/run/clamav /run/clamav /var/log/clamav /var/lock /run/lock

-# USER root is probably used
+VOLUME /var/lib/clamav
+
+USER clamav

 LABEL com.centurylinklabs.watchtower.monitor-only="true"