diff --git a/conf.c b/conf.c
index 9f7df2c..35d037e 100644
--- a/conf.c
+++ b/conf.c
@@ -1556,7 +1556,8 @@ void conf(struct ctx *c, int argc, char **argv)
 if (*netns) {
 pasta_open_ns(c, netns);
 } else {
- pasta_start_ns(c, argc - optind, argv + optind);
+ pasta_start_ns(c, uid, gid,
+ argc - optind, argv + optind);
 }
 }
diff --git a/isolation.c b/isolation.c
index 3a4ec9f..4e6637d 100644
--- a/isolation.c
+++ b/isolation.c
@@ -265,23 +265,10 @@ void isolate_user(uid_t uid, gid_t gid, bool use_userns, const char *userns,
 close(ufd);
 } else if (use_userns) {
 /* Create and join a new userns */
- char uidmap[BUFSIZ];
- char gidmap[BUFSIZ];
-
 if (unshare(CLONE_NEWUSER) != 0) {
 err("Couldn't create user namespace: %s", strerror(errno));
 exit(EXIT_FAILURE);
 }
-
- /* Configure user and group mappings */
- snprintf(uidmap, BUFSIZ, "0 %u 1", uid);
- snprintf(gidmap, BUFSIZ, "0 %u 1", gid);
-
- if (write_file("/proc/self/uid_map", uidmap) ||
- write_file("/proc/self/setgroups", "deny") ||
- write_file("/proc/self/gid_map", gidmap)) {
- warn("Couldn't configure user namespace");
- }
 }
 /* Joining a new userns gives us full capabilities; drop the
diff --git a/pasta.c b/pasta.c
index d135f1b..1824c6e 100644
--- a/pasta.c
+++ b/pasta.c
@@ -180,15 +180,19 @@ static int pasta_setup_ns(void *arg)
 /**
 * pasta_start_ns() - Fork command in new namespace if target ns is not given
 * @c: Execution context
+ * @uid: UID we're running as in the init namespace
+ * @gid: GID we're running as in the init namespace
 * @argc: Number of arguments for spawned command
 * @argv: Command to spawn and arguments
 */
-void pasta_start_ns(struct ctx *c, int argc, char *argv[])
+void pasta_start_ns(struct ctx *c, uid_t uid, gid_t gid,
+ int argc, char *argv[])
 {
 struct pasta_setup_ns_arg arg = {
 .exe = argv[0],
 .argv = argv,
 };
+ char uidmap[BUFSIZ], gidmap[BUFSIZ];
 char ns_fn_stack[NS_FN_STACK_SIZE];
 char *sh_argv[] = { NULL, NULL };
 char sh_arg0[PATH_MAX + 1];
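Review bot: The `use_userns` branch of isolate_user() now leaves the freshly unshared user namespace with no uid/gid mapping at all, but nothing in the hunk records that this is deliberate, and the capability drop the trailing comment introduces runs past the hunk, so a reader cannot tell whether CAP_SETUID/CAP_SETGID survive it. The kernel only lets a process write /proc/self/uid_map and gid_map while it holds CAP_SETUID/CAP_SETGID in the target namespace, so if the drop below removes them, the deferred write this commit moves into pasta_start_ns() will fail with EPERM. I'd extend the branch comment to `/* Create and join a new userns. The uid/gid maps are deliberately not written here: pasta_start_ns() does that, and needs CAP_SETUID/CAP_SETGID to survive the capability drop below */` and confirm the mask handed to that drop keeps both capabilities in the pasta case. isolate_user() continues outside the hunk.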
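Review bot: The kernel-doc for pasta_start_ns() documents the new @uid/@gid parameters but not the side effect they exist for: the function now writes the uid/gid maps of the calling process's user namespace, which the kernel permits exactly once, so the function has acquired a precondition (called once, in a userns this process created and still holds CAP_SETUID/CAP_SETGID in) that callers cannot see from the signature. I'd add a line after the @argv entry such as ` * Writes the 0->@uid / 0->@gid maps of the current user namespace; must be called once, before capabilities are dropped, in a userns created by this process`. As a point of style, `char uidmap[BUFSIZ], gidmap[BUFSIZ]` reserves two BUFSIZ-sized stack buffers for a "0 %u 1" string that never exceeds a couple of dozen bytes, on a function that already carries ns_fn_stack; a small fixed size would make the bound obvious. The body of pasta_start_ns() continues outside the hunk.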
@@ -197,6 +201,15 @@ void pasta_start_ns(struct ctx *c, int argc, char *argv[])
 if (!c->debug)
 c->quiet = 1;
+ /* Configure user and group mappings */
+ snprintf(uidmap, BUFSIZ, "0 %u 1", uid);
+ snprintf(gidmap, BUFSIZ, "0 %u 1", gid);
+
+ if (write_file("/proc/self/uid_map", uidmap) ||
+ write_file("/proc/self/setgroups", "deny") ||
+ write_file("/proc/self/gid_map", gidmap)) {
+ warn("Couldn't configure user mappings");
+ }
 if (argc == 0) {
 arg.exe = getenv("SHELL");
diff --git a/pasta.h b/pasta.h
index 02df1f6..a8b9893 100644
--- a/pasta.h
+++ b/pasta.h
@@ -7,7 +7,8 @@
 #define PASTA_H
 void pasta_open_ns(struct ctx *c, const char *netns);
-void pasta_start_ns(struct ctx *c, int argc, char *argv[]);
+void pasta_start_ns(struct ctx *c, uid_t uid, gid_t gid,
+ int argc, char *argv[]);
 void pasta_ns_conf(struct ctx *c);
 void pasta_child_handler(int signal);
 int pasta_netns_quit_init(struct ctx *c);
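Review bot: A failed map write is only `warn()`ed and pasta_start_ns() goes on to spawn the command, which then runs as the overflow uid/gid inside a namespace that was never mapped; the matching unshare() failure in isolate_user() is fatal, and this one should be too, e.g. `err("Couldn't configure user mappings"); exit(EXIT_FAILURE);` in place of the warn. The write is also unconditional, yet the conf.c hunk calls pasta_start_ns() whenever no --netns target is given, which includes the isolate_user() path that joined an existing userns through ufd instead of creating one; there uid_map is already populated (the kernel accepts a single write per namespace), so the write fails and the message is either noise or, once made fatal, a spurious abort — gate it on the namespace having been created by this process (a flag from isolate_user(), presumably) rather than on the call site. Keep the uid_map, setgroups=deny, gid_map order as written: without CAP_SETGID in the parent namespace the kernel refuses gid_map until setgroups has been denied. Whether write_file() leaves errno meaningful for a strerror() in the message is not visible here, and pasta_start_ns() continues outside the hunk.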