From 69e7de3cc0d7b41ff0c33833d4e75f3ddfdcc8b0 Mon Sep 17 00:00:00 2001
From: Simon L <szaimen@e.mail.de>
Date: Wed, 7 Jun 2023 14:50:35 +0200
Subject: [PATCH] adjust clamav dockerfile in order to run as non-root user

Signed-off-by: Simon L <szaimen@e.mail.de>
---
 Containers/clamav/Dockerfile | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile
index f40f880e..e3daab5e 100644
--- a/Containers/clamav/Dockerfile
+++ b/Containers/clamav/Dockerfile
@@ -6,8 +6,13 @@ COPY clamav.conf /tmp/clamav.conf
 RUN set -ex; \
     apk add --no-cache tzdata; \
     cat /tmp/clamav.conf | tee -a /etc/clamav/clamd.conf; \
-    rm /tmp/clamav.conf
+    rm /tmp/clamav.conf; \
+    mkdir -p /var/run/clamav /run/lock; \
+    chown -R clamav:clamav /var/run/clamav /run/clamav /var/log/clamav /var/lock /run/lock; \
+    chmod 770 -R /var/run/clamav /run/clamav /var/log/clamav /var/lock /run/lock
 
-# USER root is probably used
+VOLUME /var/lib/clamav
+
+USER clamav
 
 LABEL com.centurylinklabs.watchtower.monitor-only="true"