diff --git a/services/dregistry/Dockerfile b/services/dregistry/Dockerfile
index 424e5383345954885c38eee4d9326de1d7045de3..5588df7d9eb7acd0d99d5c7c771fab3c51ac4e65 100755
--- a/services/dregistry/Dockerfile
+++ b/services/dregistry/Dockerfile
@@ -1 +1,19 @@
 FROM registry:2
+
+RUN set -ex && apk --no-cache add sudo bash
+
+#------------------------
+# Rosetta user
+#------------------------
+
+# Add group. We chose GID 65527 to try avoiding conflicts.
+RUN addgroup -g 65527 rosetta
+
+# Add user. We chose UID 65527 to try avoiding conflicts.
+RUN adduser rosetta -D -h /rosetta -u 65527 -G rosetta -s /bin/bash
+
+# Add rosetta user to sudoers
+RUN adduser rosetta wheel
+
+# Passwordless sudo
+RUN sed -e 's;^# \(%wheel.*NOPASSWD.*\);\1;g' -i /etc/sudoers
\ No newline at end of file
diff --git a/services/standaloneworker/Dockerfile b/services/standaloneworker/Dockerfile
index 11ceaceaf1455b0baca49b4dc7c2c4c41558da3f..1c66d6d2b71bc3082ae45bef3200ef9a412ef03a 100755
--- a/services/standaloneworker/Dockerfile
+++ b/services/standaloneworker/Dockerfile
@@ -24,11 +24,32 @@ RUN dnf install -y python wget
 # Install iputils (fpr ping) and openssh-clients (for scp)
 RUN dnf install -y iputils openssh-clients
 
-# TODO: Add the rosettta user
 
 # Copy registries.conf to allow insecure access to dregistry
 COPY registries.conf /etc/containers/registries.conf
 
+
+#------------------------
+# Rosetta user
+#------------------------
+
+# Add group. We chose GID 65527 to try avoiding conflicts.
+RUN groupadd -g 65527 rosetta
+
+# Add user. We chose UID 65527 to try avoiding conflicts.
+RUN useradd rosetta -d /rosetta -u 65527 -g 65527 -m -s /bin/bash
+
+# Add rosetta user to sudoers
+RUN usermod -aG wheel rosetta
+
+# Passwordless sudo
+RUN sed -e 's;^# \(%wheel.*NOPASSWD.*\);\1;g' -i /etc/sudoers
+
+# Authorized keys
+RUN mkdir /rosetta/.ssh
+COPY keys/id_rsa.pub /rosetta/.ssh/authorized_keys
+
+
 #----------------------
 # Entrypoint
 #----------------------