diff --git a/README.md b/README.md
index 57ed770..ff71fb6 100644
--- a/README.md
+++ b/README.md
@@ -178,7 +178,7 @@ services:
 
 #### Rootless Podman
 
-When using rootless Podman, the OpenVox Server process starts as a virtual `root` and then drops privileges to the `puppet` user.
+When using rootless Podman, the OpenVox Server process runs directly as the non-root `puppet` user (UID 1001) with the root group (GID 0).
 This can lead to permission issues with bind mount volumes, which you may want to use for the OpenVox SSL and CA directories. For example:
 
 ```shell
diff --git a/openvoxserver/prep_release_container.sh b/openvoxserver/prep_release_container.sh
index 7436ed3..862ae39 100755
--- a/openvoxserver/prep_release_container.sh
+++ b/openvoxserver/prep_release_container.sh
@@ -82,8 +82,8 @@ else
 fi
 
 chown -R puppet:puppet /etc/puppetlabs/code
-chown -R puppet:puppet /etc/puppetlabs/puppet/ssl
-chown -R puppet:puppet /etc/puppetlabs/puppetserver/ca
+chown -R puppet:puppet /etc/puppetlabs/puppet
+chown -R puppet:puppet /etc/puppetlabs/puppetserver
 chown -R puppet:puppet /opt/puppetlabs/server/data/puppetserver
 chown -R puppet:puppet /var/log/puppetlabs/puppetserver
 chown -R puppet:puppet /var/run/puppetlabs/puppetserver