diff --git a/pkg/acceptance/compose/gss/docker-compose-python.yml b/pkg/acceptance/compose/gss/docker-compose-python.yml
index d07d26200131..99d899a178c0 100644
--- a/pkg/acceptance/compose/gss/docker-compose-python.yml
+++ b/pkg/acceptance/compose/gss/docker-compose-python.yml
@@ -18,6 +18,7 @@ services:
 - ../../../../cockroach-linux-2.6.32-gnu-amd64:/cockroach/cockroach
 python:
 build: ./python
+ user: "${UID}:${GID}"
 depends_on:
 - cockroach
 command: /start.sh
diff --git a/pkg/acceptance/compose/gss/docker-compose.yml b/pkg/acceptance/compose/gss/docker-compose.yml
index ca306ab03fef..55efb57dc1d9 100644
--- a/pkg/acceptance/compose/gss/docker-compose.yml
+++ b/pkg/acceptance/compose/gss/docker-compose.yml
@@ -18,6 +18,7 @@ services:
 - ../../../../cockroach-linux-2.6.32-gnu-amd64:/cockroach/cockroach
 psql:
 build: ./psql
+ user: "${UID}:${GID}"
 depends_on:
 - cockroach
 environment:
diff --git a/pkg/acceptance/compose/gss/psql/Dockerfile b/pkg/acceptance/compose/gss/psql/Dockerfile
index 963197535989..7f6c47205e9d 100644
--- a/pkg/acceptance/compose/gss/psql/Dockerfile
+++ b/pkg/acceptance/compose/gss/psql/Dockerfile
@@ -10,8 +10,15 @@ FROM postgres:11
 RUN apt-get update && \
 DEBIAN_FRONTEND=noninteractive apt-get install --yes --no-install-recommends \
+ ca-certificates \
+ curl \
 krb5-user
 COPY --from=builder /workspace/gss.test .
-ENTRYPOINT ["/start.sh"]
+RUN curl -fsSL "https://github.com/benesch/autouseradd/releases/download/1.3.0/autouseradd-1.3.0-amd64.tar.gz" -o autouseradd.tar.gz \
+ && echo "442dae58b727a79f81368127fac141d7f95501ffa05f8c48943d27c4e807deb7 autouseradd.tar.gz" | sha256sum -c - \
+ && tar xzf autouseradd.tar.gz --strip-components 1 \
+ && rm autouseradd.tar.gz
+
+ENTRYPOINT ["autouseradd", "--user", "roach", "--no-create-home", "/start.sh"]
diff --git a/pkg/acceptance/compose/gss/psql/gss_test.go b/pkg/acceptance/compose/gss/psql/gss_test.go
index 25dc6f2bd278..601020501766 100644
--- a/pkg/acceptance/compose/gss/psql/gss_test.go
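Review bot: `user: "${UID}:${GID}"` in the `python` service, and the identical line added to the `psql` service in docker-compose.yml, interpolates two variables that are normally absent from the environment. bash keeps `UID` as an unexported shell variable and does not define `GID`, so anyone running docker-compose by hand gets empty substitutions rather than their own ids. The test harness sets both, but the files would fail more clearly with the required-variable form, `user: "${UID:?UID must be set}:${GID:?GID must be set}"`, assuming the docker-compose version in use supports that syntax.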
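Review bot: The `tar xzf autouseradd.tar.gz --strip-components 1` step has no `-C`, so where the binary lands depends on the image's working directory, which this hunk does not set. The new `ENTRYPOINT` then calls `autouseradd` by bare name and only works if that location is on `PATH`. An explicit `-C <install-prefix>` would make the destination visible and stop the build depending on the archive's internal layout. The pinned `sha256sum -c` check is good, but the same URL, version and hash are repeated in python/Dockerfile and must be bumped together; a short comment above the `RUN` saying why the helper is needed would help whoever does that.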
+++ b/pkg/acceptance/compose/gss/psql/gss_test.go
@@ -35,7 +35,7 @@ func init() {
 }
 func TestGSS(t *testing.T) {
- connector, err := pq.NewConnector("user=root sslmode=require")
+ connector, err := pq.NewConnector("user=root password=rootpw sslmode=require")
 if err != nil {
 t.Fatal(err)
 }
diff --git a/pkg/acceptance/compose/gss/psql/start.sh b/pkg/acceptance/compose/gss/psql/start.sh
index c143406bf29c..dc325ab5137d 100755
--- a/pkg/acceptance/compose/gss/psql/start.sh
+++ b/pkg/acceptance/compose/gss/psql/start.sh
@@ -4,4 +4,11 @@ set -e
 echo psql | kinit tester@MY.EX
+echo "Preparing SQL user ahead of test"
+env \
+ PGSSLKEY=/certs/client.root.key \
+ PGSSLCERT=/certs/client.root.crt \
+ psql -U root -c "ALTER USER root WITH PASSWORD rootpw"
+
+echo "Running test"
 ./gss.test
diff --git a/pkg/acceptance/compose/gss/python/Dockerfile b/pkg/acceptance/compose/gss/python/Dockerfile
index ea206b83e9d2..d53feb55e416 100644
--- a/pkg/acceptance/compose/gss/python/Dockerfile
+++ b/pkg/acceptance/compose/gss/python/Dockerfile
@@ -5,11 +5,19 @@ RUN wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-k
 echo "deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list && \
 apt-get update && \
 DEBIAN_FRONTEND=noninteractive apt-get install --yes --no-install-recommends \
+ curl \
 krb5-user \
 postgresql-client-11
+RUN curl -fsSL "https://github.com/benesch/autouseradd/releases/download/1.3.0/autouseradd-1.3.0-amd64.tar.gz" -o autouseradd.tar.gz \
+ && echo "442dae58b727a79f81368127fac141d7f95501ffa05f8c48943d27c4e807deb7 autouseradd.tar.gz" | sha256sum -c - \
+ && tar xzf autouseradd.tar.gz --strip-components 1 \
+ && rm autouseradd.tar.gz
+
 RUN mkdir /code
 WORKDIR /code
 COPY requirements.txt /code/
 RUN pip install -r requirements.txt
 COPY . /code/
+
+ENTRYPOINT ["autouseradd", "--user", "roach", "--no-create-home", "/start.sh"]
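Review bot: The new connection string adds `password=rootpw` while keeping `sslmode=require`, which encrypts the session but does not verify the server certificate, so the password goes to whichever endpoint answers. Inside a private compose network that is low risk, but if a CA certificate is mounted alongside the client certs, `sslmode=verify-full sslrootcert=<path to CA cert>` would close the gap. The literal is also a second copy of the value set by `ALTER USER` in psql/start.sh, with nothing tying the two together. A one-line comment above `pq.NewConnector` saying why root now needs a password, and where it is set, would help. TestGSS continues outside this hunk.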
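Review bot: In the added `psql -U root -c "ALTER USER root WITH PASSWORD rootpw"` the password is written as a bare identifier rather than a string literal. Presumably the server accepts that form, but the value is then subject to identifier rules such as case folding, and it matches the test's `password=rootpw` only because it is lowercase alphanumerics. Writing `psql -U root -c "ALTER USER root WITH PASSWORD 'rootpw'"` keeps the value exact and keeps working if the password changes to something that is not a valid identifier.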
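Review bot: The exec-form `ENTRYPOINT [..., "/start.sh"]` added at the end is combined by Docker with the `command: /start.sh` that docker-compose-python.yml still carries. The container therefore runs `autouseradd --user roach --no-create-home /start.sh /start.sh`, and the script receives its own path as `$1`. That is harmless only while start.sh ignores its arguments; dropping `command:` from the compose file, or ending the entrypoint at `"--no-create-home"` and letting `command:` supply the script, makes the intent explicit. This hunk also adds `curl` without `ca-certificates`, unlike psql/Dockerfile, so the HTTPS download relies on the base image (not visible here) already shipping a CA bundle.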
diff --git a/pkg/acceptance/compose/gss/python/start.sh b/pkg/acceptance/compose/gss/python/start.sh
index 8463488c7ee3..34a1c380f402 100755
--- a/pkg/acceptance/compose/gss/python/start.sh
+++ b/pkg/acceptance/compose/gss/python/start.sh
@@ -2,10 +2,18 @@
 set -e
+echo psql | kinit tester@MY.EX
+
+export PGSSLKEY=/certs/client.root.key
+export PGSSLCERT=/certs/client.root.crt
+export PGUSER=root
+
 psql -c "SET CLUSTER SETTING server.host_based_authentication.configuration = 'host all all all gss include_realm=0'"
 psql -c "CREATE USER tester"
-echo psql | kinit tester@MY.EX
+unset PGSSLKEY
+unset PGSSLCERT
+export PGUSER=tester
 # Exit with error unless we find the expected error message.
 python manage.py inspectdb 2>&1 | grep 'use of GSS authentication requires an enterprise license'
diff --git a/pkg/acceptance/compose_test.go b/pkg/acceptance/compose_test.go
index 0316ae37a894..7c0971bac7f5 100644
--- a/pkg/acceptance/compose_test.go
+++ b/pkg/acceptance/compose_test.go
@@ -16,6 +16,7 @@ import (
 "os"
 "os/exec"
 "path/filepath"
+ "strconv"
 "testing"
 )
@@ -32,6 +33,16 @@ func TestComposeFlyway(t *testing.T) {
 }
 func testCompose(t *testing.T, path string, exitCodeFrom string) {
+ uid := os.Getuid()
+ err := os.Setenv("UID", strconv.Itoa(uid))
+ if err != nil {
+ t.Fatalf(err.Error())
+ }
+ gid := os.Getgid()
+ err = os.Setenv("GID", strconv.Itoa(gid))
+ if err != nil {
+ t.Fatalf(err.Error())
+ }
 cmd := exec.Command(
 "docker-compose",
 "--no-ansi",
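Review bot: The identity switch in the middle of the script has no comment. `unset PGSSLKEY`, `unset PGSSLCERT` and `export PGUSER=tester` appear to exist so that the following `inspectdb` call cannot fall back to the root client certificate and must authenticate as `tester` over GSS, but a reader has to infer that. A line such as `# Drop the root client cert so the next connection authenticates as tester via GSS.` above the `unset`s would record it. Because the root credentials are exported script-wide rather than scoped to each command (psql/start.sh uses `env ... psql` for that), any command later inserted between the `export`s and the `unset`s silently runs as root, which the comment should also mention.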
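Review bot: The `os.Setenv("UID", ...)` and `os.Setenv("GID", ...)` calls at the top of testCompose change the environment of the whole test process and are never restored, so every later test and child process in the binary inherits them. Unless `cmd.Env` is already assigned further down, scoping the values to the compose invocation avoids that: `cmd.Env = append(os.Environ(), "UID="+strconv.Itoa(os.Getuid()), "GID="+strconv.Itoa(os.Getgid()))` after the `exec.Command(...)` call. If the Setenv calls stay, both `t.Fatalf(err.Error())` lines should be `t.Fatal(err)`, because the error text is otherwise interpreted as a format string. The rest of testCompose, including the end of the `exec.Command` call, is outside this hunk.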