@@ -4,6 +4,7 @@ import (

 	"context"

 	"fmt"

 	"io"

+	"runtime"

 	"strings"

 	"time"

@@ -16,7 +17,7 @@ import (

 	"github.com/docker/docker/pkg/pools"

 	"github.com/docker/docker/pkg/signal"

 	"github.com/docker/docker/pkg/term"

-	specs "github.com/opencontainers/runtime-spec/specs-go"

+	"github.com/opencontainers/runtime-spec/specs-go"

 	"github.com/pkg/errors"

 	"github.com/sirupsen/logrus"

 )

@@ -217,12 +218,23 @@ func (d *Daemon) ContainerExecStart(ctx context.Context, name string, stdin io.R

 		ec.StreamConfig.NewNopInputPipe()

 	}

-	p := &specs.Process{

-		Args:     append([]string{ec.Entrypoint}, ec.Args...),

-		Env:      ec.Env,

-		Terminal: ec.Tty,

-		Cwd:      ec.WorkingDir,

+	p := &specs.Process{}

+	if runtime.GOOS != "windows" {

+		container, err := d.containerdCli.LoadContainer(ctx, ec.ContainerID)

+		if err != nil {

+			return err

+		}

+		spec, err := container.Spec(ctx)

+		if err != nil {

+			return err

+		}

+		p = spec.Process

 	}

+	p.Args = append([]string{ec.Entrypoint}, ec.Args...)

+	p.Env = ec.Env

+	p.Cwd = ec.WorkingDir

+	p.Terminal = ec.Tty

+

 	if p.Cwd == "" {

 		p.Cwd = "/"

 	}

@@ -117,3 +117,18 @@ func TestExec(t *testing.T) {

 	assert.Assert(t, is.Contains(out, "PWD=/tmp"), "exec command not running in expected /tmp working directory")

 	assert.Assert(t, is.Contains(out, "FOO=BAR"), "exec command not running with expected environment variable FOO")

 }

+

+func TestExecUser(t *testing.T) {

+	skip.If(t, versions.LessThan(testEnv.DaemonAPIVersion(), "1.39"), "broken in earlier versions")

+	skip.If(t, testEnv.OSType == "windows", "FIXME. Probably needs to wait for container to be in running state.")

+	defer setupTest(t)()

+	ctx := context.Background()

+	client := testEnv.APIClient()

+

+	cID := container.Run(t, ctx, client, container.WithTty(true), container.WithUser("1:1"))

+

+	result, err := container.Exec(ctx, client, cID, []string{"id"})

+	assert.NilError(t, err)

+

+	assert.Assert(t, is.Contains(result.Stdout(), "uid=1(daemon) gid=1(daemon)"), "exec command not running as uid/gid 1")

+}

@@ -143,3 +143,10 @@ func WithRestartPolicy(policy string) func(c *TestContainerConfig) {

 		c.HostConfig.RestartPolicy.Name = policy

 	}

 }

+

+// WithUser sets the user

+func WithUser(user string) func(c *TestContainerConfig) {

+	return func(c *TestContainerConfig) {

+		c.Config.User = user

+	}

+}