From node:16.10-stretch
WORKDIR /app`
COPY . .
RUN apt-get update && npm install && apt-get install clamav-daemon -y && \
freshclam && echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \
echo "TCPAddr 127.0.0.1" >> /etc/clamav/clamd.js && \
mkdir /unscanned_files && chmod -R 0777 /unscanned_files
RUN useradd -u 10101 clamav_user
RUN chmod -R 0777 /app/bootstrap.sh
USER clamav_user
CMD ["sh", "bootstrap.sh"]
Now docker build is creating fine for non-root users but when we run this build it is giving a permission error. Error: Can't open /var/log/clamav/freshclam.log in append mode (check permission) mkdir: cannot create directory '/var/run/clamav' : Permission denied enter code here
what changes are required in this ClamAV docker file to run for non-root users without permission problems?? please help
From node:16.10-stretch
WORKDIR /app
COPY . .
RUN apt-get update && npm install && apt-get install clamav-daemon -y && \
freshclam && echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \
echo "TCPAddr 127.0.0.1" >> /etc/clamav/clamd.js && \
mkdir /unscanned_files && chmod -R 0777 /unscanned_files
RUN useradd -u 10101 clamav_user
RUN chmod -R 0777 /app/bootstrap.sh
RUN mkdir -p /var/run/clamav && chown -R clamav_user /var/run/clamav
USER clamav_user
CMD ["sh", "bootstrap.sh"]
on a side note, as optimization you should rearrange dockerfile in following manner
From node:16.10-stretch
COPY package.json /tmp
RUN apt-get update && npm --prefix /tmp/ install && apt-get install clamav-daemon -y && \
freshclam && echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \
echo "TCPAddr 127.0.0.1" >> /etc/clamav/clamd.js && \
mkdir /unscanned_files && chmod -R 0777 /unscanned_files
RUN useradd -u 10101 clamav_user
RUN mkdir -p /var/run/clamav && chown -R clamav_user /var/run/clamav
WORKDIR /app
COPY . .
RUN chmod -R 0777 /app/bootstrap.sh
USER clamav_user
CMD ["sh", "bootstrap.sh"]
This will avoid building layer RUN apt-get update && npm install && apt-get install clamav-daemon -y && \\ freshclam && echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \\ echo "TCPAddr 127.0.0.1" >> /etc/clamav/clamd.js && \\ mkdir /unscanned_files && chmod -R 0777 /unscanned_files
again as your source files are only changed
I am not sure what's in the bootstrap.sh you have, but i think the above changes will work for you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.