diff --git a/Dockerfile b/Dockerfile
index be12bc018c03..60c5ecadbb1d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -225,6 +225,15 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
+# Warehouse runs as `nobody` with `/nonexistent` as `$HOME`, which causes
+# significant shpilkes for libraries that expect to use XDG dirs.
+# Placate everybody by making some directories for runtime use.
+# Note that this happens right after `/tmp/*` is blown away, because we want
+# to keep these.
+RUN mkdir -p /tmp/share /tmp/cache
+ENV XDG_DATA_HOME /tmp/share
+ENV XDG_CACHE_COME /tmp/cache
+
 # Copy the directory into the container, this is done last so that changes to
 # Warehouse itself require the least amount of layers being invalidated from
 # the cache. This is most important in development, but it also useful for