diff --git a/scripts/test-iso-build.sh b/scripts/test-iso-build.sh
index 711f311..cde5243 100755
--- a/scripts/test-iso-build.sh
+++ b/scripts/test-iso-build.sh
@@ -44,12 +44,20 @@ log "Profile: $PROFILE_DIR"
 
 # Note: Network enabled for package downloads during build
 # Production builds should use pre-cached packages for --network=none
-$RUNTIME run \
+#
+# mkarchiso needs to mount /dev for chroot - requires root privileges
+# Using sudo for podman, or --privileged for docker
+if [ "$RUNTIME" = "podman" ]; then
+    # Podman rootless can't mount /dev - need sudo
+    RUNTIME_CMD="sudo podman"
+else
+    RUNTIME_CMD="$RUNTIME"
+fi
+
+$RUNTIME_CMD run \
     --name debate-test-build \
     --rm \
     --privileged \
-    --tmpfs=/tmp:exec,mode=1777 \
-    --tmpfs=/var/tmp:exec,mode=1777 \
     -v "$PROFILE_DIR:/build/profile:ro" \
     -v "$OUTPUT_DIR:/build/output:rw" \
     -e SOURCE_DATE_EPOCH=1704067200 \