From 343802a5478dd779efdbe2ceda84b37a9cf6e890 Mon Sep 17 00:00:00 2001
From: rsundriyal <ravis069@gmail.com>
Date: Wed, 8 Nov 2023 13:57:00 -0500
Subject: [PATCH] Added feature to run clamav docker container as non-root
 user.

---
 src/manual/Installing/Docker.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/manual/Installing/Docker.md b/src/manual/Installing/Docker.md
index bfce908..1a09d54 100644
--- a/src/manual/Installing/Docker.md
+++ b/src/manual/Installing/Docker.md
@@ -179,6 +179,18 @@ To do so, you have two options:
 
 If you're thinking about running multiple containers that share a single database volume, [here are some notes on how this might work](#multiple-containers-sharing-the-same-mounted-databases).
 
+### Running ClamD using non-root user using --user and --entrypoint 
+
+You can run a container using a non-root user "clamav" with unprivileged entrypoint script.   
+ Just run:
+```bash
+docker run -it --rm \
+      --user "clamav"
+      --entrypoint /init-unprivileged
+      --name "clam_container_01" \
+    clamav/clamav:unstable_base
+```
+
 ## Running Clam(D)Scan
 
 Scanning files using `clamscan` or `clamdscan` is possible in various ways with Docker. This section briefly describes them, but the other sections of this document are best read before hand to better understand some of the concepts.