diff --git a/docker/Dockerfile b/docker/Dockerfile
index 38e37e61b..706195587 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -9,6 +9,12 @@ WORKDIR /app
 RUN python -m venv /venv
 ENV PATH="/venv/bin:$PATH"
 
+# Permission kludges to support `docker run --user xxx`
+RUN chmod a+rwx /venv /venv/{bin,include,lib,lib/python3.1/site-packages}
+
+RUN mkdir       /.aider /.cache
+RUN chmod a+rwx /.aider /.cache
+
 # So git doesn't complain about unusual permissions
 RUN git config --system --add safe.directory /app
 
@@ -16,8 +22,8 @@ RUN git config --system --add safe.directory /app
 FROM base AS aider-full
 
 COPY . /tmp/aider
-RUN pip install --upgrade pip \
-    && pip install --no-cache-dir /tmp/aider[help,browser,playwright] \
+RUN /venv/bin/python -m pip install --upgrade --no-cache-dir pip \
+    && /venv/bin/python -m pip install --no-cache-dir /tmp/aider[help,browser,playwright] \
        --extra-index-url https://download.pytorch.org/whl/cpu \
     && rm -rf /tmp/aider
 
@@ -29,8 +35,8 @@ ENTRYPOINT ["/venv/bin/aider"]
 FROM base AS aider
 
 COPY . /tmp/aider
-RUN pip install --upgrade pip \
-    && pip install --no-cache-dir /tmp/aider \
+RUN /venv/bin/python -m pip install --upgrade --no-cache-dir pip \
+    && /venv/bin/python -m pip install --no-cache-dir /tmp/aider \
        --extra-index-url https://download.pytorch.org/whl/cpu \
     && rm -rf /tmp/aider