diff --git a/oz-init/init.go b/oz-init/init.go
index 0457eca..1291fd3 100644
--- a/oz-init/init.go
+++ b/oz-init/init.go
@@ -500,7 +500,7 @@ func (st *initState) setupFilesystem(extra []oz.WhitelistItem) error {
 fs := fs.NewFilesystem(st.config, st.log)
- if err := setupRootfs(fs, st.config.UseFullDev); err != nil {
+ if err := setupRootfs(fs, st.uid, st.gid, st.config.UseFullDev); err != nil {
 return err
 }
diff --git a/oz-init/rootfs.go b/oz-init/rootfs.go
index b4822d6..38ff686 100644
--- a/oz-init/rootfs.go
+++ b/oz-init/rootfs.go
@@ -2,10 +2,13 @@ package ozinit
 import (
 "fmt"
- "github.com/subgraph/oz/fs"
+
 "os"
 "path"
+ "strconv"
 "syscall"
+
+ "github.com/subgraph/oz/fs"
 )
 var basicBindDirs = []string{
@@ -72,7 +75,7 @@ func _makedev(x, y int) int {
 return (((x) << 8) | (y))
 }
-func setupRootfs(fsys *fs.Filesystem, useFullDev bool) error {
+func setupRootfs(fsys *fs.Filesystem, uid, gid uint32, useFullDev bool) error {
 if err := os.MkdirAll(fsys.Root(), 0755); err != nil {
 return fmt.Errorf("could not create rootfs path '%s': %v", fsys.Root(), err)
 }
@@ -102,6 +105,14 @@ func setupRootfs(fsys *fs.Filesystem, useFullDev bool) error {
 }
 }
+ rup := path.Join(fsys.Root(), "/run/user", strconv.FormatUint(uint64(uid), 10))
+ if err := os.MkdirAll(rup, 0700); err != nil {
+ return fmt.Errorf("failed to create user rundir: %v", err)
+ }
+ if err := os.Chown(rup, int(uid), int(gid)); err != nil {
+ return fmt.Errorf("failed to chiwn user rundir: %v", err)
+ }
+
 dp := path.Join(fsys.Root(), "dev")
 if err := syscall.Mount("", dp, "tmpfs", syscall.MS_NOSUID|syscall.MS_NOEXEC, "mode=755"); err != nil {
 return err
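Review bot: `os.MkdirAll(rup, 0700)` in the last rootfs.go hunk applies 0700 to every directory it has to create, not only the leaf, so if `run` or `run/user` is not already present under `fsys.Root()` at this point they end up owned by the init process (presumably root) and untraversable for the sandbox uid that the leaf is then chowned to. Creating the parents with 0755 first and only the per-user directory with 0700 keeps the runtime dir private without locking its owner out. MkdirAll also leaves the mode of an already existing path untouched and `os.Chown` follows symlinks, so if anything can pre-populate the root before this runs, `os.Lchown` plus an explicit mode check would be worth adding; that cannot be judged from this hunk. The second error string has a typo, `chiwn`, and should read `chown`. setupRootfs starts and ends outside the hunk.

```go
rup := path.Join(fsys.Root(), "/run/user", strconv.FormatUint(uint64(uid), 10))
// Parents must stay traversable; only the per-user leaf is private.
if err := os.MkdirAll(path.Dir(rup), 0755); err != nil {
	return fmt.Errorf("failed to create user rundir parent: %v", err)
}
if err := os.MkdirAll(rup, 0700); err != nil {
	return fmt.Errorf("failed to create user rundir: %v", err)
}
if err := os.Chown(rup, int(uid), int(gid)); err != nil {
	return fmt.Errorf("failed to chown user rundir: %v", err)
}
// … unchanged: tmpfs mount on dev …
```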