diff --git a/toolbox b/toolbox
index 654f2248a..ec43496ea 100755
--- a/toolbox
+++ b/toolbox
@@ -382,6 +382,7 @@ copy_etc_profile_d_toolbox_to_container()
     echo "$base_toolbox_command: looking for /etc/profile.d/toolbox.sh in container $toolbox_container" >&3
 
     if $prefix_sudo podman exec \
+               --user "$USER" \
                "$container" \
                sh -c 'mount | grep /etc/profile.d/toolbox.sh >/dev/null 2>/dev/null' 2>&3; then
         echo "$base_toolbox_command: /etc/profile.d/toolbox.sh already mounted in container $toolbox_container" >&3
@@ -936,7 +937,7 @@ create()
             --uidmap "$user_id_real":0:1 \
             --uidmap 0:1:"$user_id_real" \
             --uidmap "$uid_plus_one":"$uid_plus_one":"$max_minus_uid" \
-            --user "$USER" \
+            --user root:root \
             $kcm_socket_bind \
             $toolbox_path_bind \
             $toolbox_profile_bind \
@@ -1094,7 +1095,10 @@ run()
     echo "$base_toolbox_command: looking for $program in container $toolbox_container" >&3
 
     # shellcheck disable=SC2016
-    if ! $prefix_sudo podman exec "$toolbox_container" sh -c 'command -v "$1"' sh "$program" >/dev/null 2>&3; then
+    if ! $prefix_sudo podman exec \
+                 --user "$USER" \
+                 "$toolbox_container" \
+                 sh -c 'command -v "$1"' sh "$program" >/dev/null 2>&3; then
         if $fallback_to_bash; then
             echo "$base_toolbox_command: $program not found in $toolbox_container; using /bin/bash instead" >&3
             program=/bin/bash
@@ -1116,6 +1120,7 @@ run()
     $prefix_sudo podman exec \
             --interactive \
             --tty \
+            --user "$USER" \
             $set_environment \
             "$toolbox_container" \
             capsh --caps="" -- -c 'cd "$1"; shift; exec "$@"' /bin/sh "$PWD" "$program" "$@" 2>&3