Merge pull request #2701 from nextcloud/enh/2689/run-clamav-non-root

adjust clamav dockerfile in order to run as non-root user

Containers/clamav/Dockerfile

@@ -6,8 +6,13 @@ COPY clamav.conf /tmp/clamav.conf
 RUN set -ex; \
     apk add --no-cache tzdata; \
     cat /tmp/clamav.conf | tee -a /etc/clamav/clamd.conf; \
-    rm /tmp/clamav.conf
+    rm /tmp/clamav.conf; \
+    mkdir -p /var/run/clamav /run/lock; \
+    chown -R clamav:clamav /var/run/clamav /run/clamav /var/log/clamav /var/lock /run/lock; \
+    chmod 770 -R /var/run/clamav /run/clamav /var/log/clamav /var/lock /run/lock
 
-# USER root is probably used
+VOLUME /var/lib/clamav
+
+USER clamav
 
 LABEL com.centurylinklabs.watchtower.monitor-only="true"