diff --git a/Dockerfile b/Dockerfile
index f08eae242c731a4bd4b8077ad2fd75dbf11d289f..5851d391ad746d614bc4655c9034fe4933e34609 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,21 +1,15 @@
 ARG image
 FROM ${image}
-RUN if command -v apt-get; \
-    then \
-        apt-get update && apt-get install -y sudo; \
-    elif command -v yum; \
-    then \
-        yum install -y sudo; \
-    elif command -v apk; \
-    then \
-        apk add --update --no-cache sudo; \
-    elif command -v dnf; \
-    then \
-        dnf install -y sudo; \
-    fi
-ARG userland
-ADD [ "https://www.shore.co.il/blog/static/runas-${userland}", "/entrypoint" ]
-ENTRYPOINT [ "/bin/sh", "/entrypoint" ]
+RUN apk add --update --no-cache openssl || true && \
+    wget https://github.com/tianon/gosu/releases/download/1.10/gosu-amd64 || \
+    curl -fsSL https://github.com/tianon/gosu/releases/download/1.10/gosu-amd64 -o gosu-amd64 && \
+    install -o root -g root -m 755 gosu-amd64 /usr/local/bin/gosu && \
+    rm gosu-amd64 && \
+    wget https://www.shore.co.il/blog/static/runas || \
+    curl -fsSL https://www.shore.co.il/blog/static/runas -o runas && \
+    install -o root -g root -m 755 runas /entrypoint && \
+    rm runas
+ENTRYPOINT [ "/entrypoint" ]
 VOLUME /data
 WORKDIR /data
 ENV HOME /data
diff --git a/test.bats b/test.bats
index 94e8f73ca23440ac187d5f76b868ccc7e68b96a9..7ca89e29b8c89a40b3e4eaab956d03765b60fbc7 100755
--- a/test.bats
+++ b/test.bats
@@ -1,13 +1,23 @@
 #!/usr/bin/env bats
 
-_test () {
+_test_root () {
     name="${1:-$BATS_TEST_DESCRIPTION}"
     tag="${2:-latest}"
-    userland="${3:-gnu}"
-    docker build -t "runas-$name" --build-arg "image=$name:$tag" --build-arg "userland=$userland" ./
-    docker run --rm -v "$BATS_TEST_DIRNAME:/data" "runas-$name" touch "$name.touch"
-    test "$(id -u)" = "$(stat -c '%u' $name.touch)"
-    test "$(id -g)" = "$(stat -c '%g' $name.touch)"
+    docker build -t "runas-$name" --build-arg "image=$name:$tag" ./
+    docker run --rm -v "$BATS_TEST_DIRNAME:/data" "runas-$name" touch "$name.root"
+    test "$(id -u)" = "$(stat -c '%u' $name.root)"
+    test "$(id -g)" = "$(stat -c '%g' $name.root)"
+}
+
+_test_user () {
+    name="${1:-$BATS_TEST_DESCRIPTION}"
+    tag="${2:-latest}"
+    user="$(id -u)"
+    group="$(id -g)"
+    docker build -t "runas-$name" --build-arg "image=$name:$tag" ./
+    docker run -u "$user:$group" --rm -v "$BATS_TEST_DIRNAME:/data" "runas-$name" touch "$name.user"
+    test "$user" = "$(stat -c '%u' $name.user)"
+    test "$user" = "$(stat -c '%g' $name.user)"
 }
 
 teardown () {
@@ -15,8 +25,13 @@ teardown () {
     rm -f *.touch
 }
 
-@test "ubuntu" { _test; }
-@test "debian" { _test debian stable-slim; }
-@test "centos" { _test; }
-@test "fedora" { _test; }
-@test "alpine" { _test alpine latest busybox; }
+@test "ubuntu" { _test_root buildpack-deps bionic; }
+@test "debian" { _test_root buildpack-deps stretch; }
+@test "centos" { _test_root; }
+@test "fedora" { _test_root; }
+@test "alpine" { _test_root; }
+@test "ubuntu" { _test_user buildpack-deps bionic; }
+@test "debian" { _test_user buildpack-deps stretch; }
+@test "centos" { _test_user; }
+@test "fedora" { _test_user; }
+@test "alpine" { _test_user; }