diff --git a/nixproc/backends/docker/test-module/default.nix b/nixproc/backends/docker/test-module/default.nix
index e4d9c6a..84c27ac 100644
--- a/nixproc/backends/docker/test-module/default.nix
+++ b/nixproc/backends/docker/test-module/default.nix
@@ -5,15 +5,25 @@ let
     inherit (pkgs) lib;
   };
 
+  # We cannot deploy Docker as unprivileged user. Use a privileged installation instead
+  profileSettingsProcessManager = import ../../../test-driver/profiles/privileged.nix;
+
+  # For privileged deployments, use a different directory than /var, because it does not have the right SELinux context to work with containers
+  profileSettingsSystem = if profileSettings.params.stateDir == "/var" then profileSettings // {
+    params = profileSettings.params // rec {
+      stateDir = "/dockervar";
+      runtimeDir = "${stateDir}/run";
+    };
+  } else profileSettings;
+
   processesEnvProcessManager = import ../../sysvinit/build-sysvinit-env.nix ({
     inherit pkgs system;
     exprFile = ./processes-docker.nix;
-  } // profileSettings.params);
+  } // profileSettingsProcessManager.params);
 
   processesEnvSystem = import ../build-docker-env.nix ({
     inherit pkgs system exprFile extraParams;
-  }
-  // profileSettings.params);
+  } // profileSettingsSystem.params);
 in
 {
   nixosModules = [];
@@ -28,14 +38,16 @@ in
 
   deployProcessManager = ''
     machine.succeed(
-        "${executeDeploy { inherit profileSettings; processManager = "sysvinit"; processesEnv = processesEnvProcessManager; }}"
+        "${executeDeploy { profileSettings = profileSettingsProcessManager; processManager = "sysvinit"; processesEnv = processesEnvProcessManager; }}"
     )
-    machine.wait_for_file("${profileSettings.params.stateDir}/run/docker.sock")
+    machine.wait_for_file("${profileSettingsProcessManager.params.stateDir}/run/docker.sock")
+  '' + pkgs.lib.optionalString profileSettings.params.forceDisableUserChange ''
+    machine.succeed("usermod -a -G docker unprivileged")
   '';
 
   deploySystem = ''
     machine.succeed(
-        "${executeDeploy { inherit profileSettings; processManager = "docker"; processesEnv = processesEnvSystem; }}"
+        "${executeDeploy { profileSettings = profileSettingsSystem; processManager = "docker"; processesEnv = processesEnvSystem; }}"
     )
   '';
 }
diff --git a/tools/docker/nixproc-docker-deploy.in b/tools/docker/nixproc-docker-deploy.in
index 51a2083..580296a 100644
--- a/tools/docker/nixproc-docker-deploy.in
+++ b/tools/docker/nixproc-docker-deploy.in
@@ -24,7 +24,7 @@ EOF
 
 # Parse valid argument options
 
-PARAMS=`@getopt@ -n $0 -o p:o:h -l profile:,old-profile:,user,help -- "$@"`
+PARAMS=`@getopt@ -n $0 -o p:o:h -l profile:,old-profile:,state-dir:,force-disable-user-change,help -- "$@"`
 
 if [ $? != 0 ]
 then