diff --git a/cypress/plugins/docker/index.ts b/cypress/plugins/docker/index.ts
index 9f755da674..66bab0b853 100644
--- a/cypress/plugins/docker/index.ts
+++ b/cypress/plugins/docker/index.ts
@@ -36,12 +36,21 @@ export async function dockerRun(opts: {
     const params = opts.params ?? [];
 
     if (params?.includes("-v") && userInfo.uid >= 0) {
-        // On *nix we run the docker container as our uid:gid otherwise cleaning it up its media_store can be difficult
-        params.push("-u", `${userInfo.uid}:${userInfo.gid}`);
-
+        // Run the docker container as our uid:gid to prevent problems with permissions.
         if (await isPodman()) {
-            // keep the user ID if the docker command is actually podman
-            params.push("--userns=keep-id");
+            // Note: this setup is for podman rootless containers.
+
+            // In podman, run as root in the container, which maps to the current
+            // user on the host. This is probably the default since Synapse's
+            // Dockerfile doesn't specify, but we're being explicit here
+            // because it's important for the permissions to work.
+            params.push("-u", "0:0");
+
+            // Tell Synapse not to switch UID
+            params.push("-e", "UID=0");
+            params.push("-e", "GID=0");
+        } else {
+            params.push("-u", `${userInfo.uid}:${userInfo.gid}`);
         }
     }