Is it possible to scan entire host filesystem from docker container?

I want to move our host server’s (Ubuntu) implementation of various host server management tools like clamav antivirus scanning and rsync (for server backup) into individual docker containers that each have their own cron jobs that control scheduling for the tool within its own container and the filesystem to be read/scanned is the entire host server’s filesystem (not its own container and not some other container).

Is this possible?

The host server has many other web apps running as docker containers on it that have various bind mount point volumes on the host. The host servers are always Ubuntu.

Is it possible that these host tool containers can mount the entire filesystem at “/”? Can this be done at all and/or if we have other container volumes that would mount under “/” at their respective mount points? Will this cause conflicts? If mounting the host at “/” is not possible, is there another way to read the filesystem of the host from within the container?

The goal is to be able to assemble a docker-compose configuration file that has all of the tools we always deploy to a host server all ready to go, configured and deployable using the same technology (docker) that we use already with all of our web apps so we don’t need to configure and setup the cron jobs on the host server itself.

Did you ever get a reply? I am looking to do exactly the same thing (ClamAV as a container, with full FS access ONLY to clamd).

It even looks like there is a good candidate container: mkodockx/docker-clamav https://hub.docker.com/r/mkodockx/docker-clamav/

Thanks for any insight. I know it somewhat goes against the namespace concept, but there is a case for 1 or 2 trusted (and CHECKSUM validated) apps having system level privileges.

–Tom
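Added example, not part of the original posts: a start-up check for the scanner container, assuming the host root is bind-mounted read-only at a hypothetical path `/host` (compose volume `/:/host:ro`), since Docker does not accept `/` as a mount destination. It parses `/proc/self/mountinfo` and reports nested host mounts that are still writable (read-only is not applied recursively on every Docker and kernel version) and pseudo-filesystems the scan should skip. The sample text and all names are constructed.

```python
import re

# Constructed sample of /proc/self/mountinfo inside a scanner container started
# with the compose volume "/:/host:ro" (the /host path is an assumption).
SAMPLE_MOUNTINFO = """\
812 701 0:63 / / rw,relatime - overlay overlay rw
813 812 8:1 / /host ro,relatime - ext4 /dev/sda1 rw
814 813 8:17 / /host/srv/app\\040data rw,relatime shared:7 - ext4 /dev/sdb1 rw
815 813 0:22 / /host/proc rw,nosuid,nodev,noexec - proc proc rw
816 813 8:33 / /host/var/backups ro,relatime - xfs /dev/sdc1 rw
"""

# Kernel pseudo-filesystems: no point scanning them, and reads can block.
PSEUDO_FS = {"proc", "sysfs", "devtmpfs", "devpts", "cgroup", "cgroup2",
             "securityfs", "debugfs", "tracefs"}


def unescape(path):
    """mountinfo encodes space, tab, newline and backslash as \\ooo octal."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), path)


def audit_host_mounts(mountinfo_text, prefix="/host"):
    """Return (writable, pseudo): mount points at or below prefix that are
    still mounted rw, and those backed by a pseudo-filesystem."""
    writable, pseudo = [], []
    for line in mountinfo_text.splitlines():
        # Optional fields vary in number, so split on the " - " separator.
        left, sep, right = line.partition(" - ")
        fields, rest = left.split(), right.split()
        if not sep or len(fields) < 6 or not rest:
            continue  # malformed line
        mount_point = unescape(fields[4])
        if mount_point != prefix and not mount_point.startswith(prefix + "/"):
            continue  # the container's own mounts, not the host view
        if "rw" in fields[5].split(","):
            writable.append(mount_point)
        if rest[0] in PSEUDO_FS:
            pseudo.append(mount_point)
    return writable, pseudo


if __name__ == "__main__":
    try:
        with open("/proc/self/mountinfo") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_MOUNTINFO  # not on Linux: fall back to the sample
    writable, pseudo = audit_host_mounts(text)
    print("writable host mounts:", writable)
    print("pseudo-filesystems to exclude from the scan:", pseudo)
```

A non-empty writable list means the container can modify those host paths despite the `:ro` flag on the top-level mount, so the job should refuse to start or alert rather than scan.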