diff --git a/internal/model/types/container.go b/internal/model/types/container.go
index 1c7e533..0b7a439 100644
--- a/internal/model/types/container.go
+++ b/internal/model/types/container.go
@@ -267,7 +267,7 @@ func (co *Container) GetPodSecurityContext(context *corev1.PodSecurityContext) (
 }
 // the user id for the root user is always 0
- if user == "root" {
+ if strings.Split(user, ":")[0] == "root" {
 klog.Infof("user is root so setting user to 0")
 user = "0"
 }
diff --git a/internal/model/types/container_test.go b/internal/model/types/container_test.go
index c033c68..980c4b4 100644
--- a/internal/model/types/container_test.go
+++ b/internal/model/types/container_test.go
@@ -483,6 +483,22 @@ func TestGetRunasUser(t *testing.T) {
 outsc: corev1.PodSecurityContext{RunAsUser: makeIntPointer(1000)},
 err: false,
 },
+ { // 8
+ in: &Container{Labels: map[string]string{
+ "com.joyrex2001.kubedock.runas-user": "root",
+ }},
+ insc: &corev1.PodSecurityContext{RunAsUser: makeIntPointer(500)},
+ outsc: corev1.PodSecurityContext{RunAsUser: makeIntPointer(0)},
+ err: false,
+ },
+ { // 9
+ in: &Container{Labels: map[string]string{
+ "com.joyrex2001.kubedock.runas-user": "root:root",
+ }},
+ insc: &corev1.PodSecurityContext{RunAsUser: makeIntPointer(500)},
+ outsc: corev1.PodSecurityContext{RunAsUser: makeIntPointer(0)},
+ err: false,
+ },
 }
 for i, tst := range tests {
 res, err := tst.in.GetPodSecurityContext(tst.insc)
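Review bot: The new comparison `strings.Split(user, ":")[0] == "root"` strips the group suffix only for the literal name root, so a value such as `0:0` or `1000:1000` leaves this branch with the `:group` part still attached. GetPodSecurityContext starts and ends outside the hunk, so how the later conversion of `user` treats that suffix cannot be confirmed from here; normalising once before the check would cover every form, for example `user, _, _ = strings.Cut(user, ":")` followed by the original `if user == "root" {`. The group half is discarded silently, so a comment such as `// only the user part of user:group is honoured; the group is ignored` would make that explicit. The test hunk in container_test.go adds only `root` and `root:root`; a numeric `uid:gid` case would pin the remaining behaviour.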
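Review bot: Cases 8 and 9 pin that a `runas-user` label of `root` replaces an incoming `RunAsUser` of 500 with 0, and nothing in the table records that this override is intended. If the incoming PodSecurityContext carries an operator-chosen non-root uid, a label moving it to uid 0 is a privilege decision, so a comment on the cases such as `// label deliberately overrides the configured RunAsUser, including to root` would document it for the next reader. The table in TestGetRunasUser starts outside the hunk, so earlier cases may already cover the non-root override.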