diff --git a/Dockerfile b/Dockerfile
index baee652..f6da01e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,13 +4,14 @@ LABEL Maintainer="Wolfgang Hottgenroth <woho@hottis.de>"
 LABEL ImageName="bind-hidden-primary"
 
 RUN \
-  apk add --no-cache bind bind-tools bash git openssh-client-default && \
+  apk add --no-cache bind bind-tools bash git openssh-client-default sudo && \
   mkdir -p /etc/named && \
   mkdir -p /etc/named/zones && \
   mkdir -p /etc/named-dist && \
   mkdir -p /var/log/named && \
   chown -R named:named /etc/named/zones /var/log/named && \
-  sed -i s,/etc/bind,/etc/named/zones, /etc/passwd
+  sed -i s,/etc/bind,/etc/named/zones, /etc/passwd && \
+  echo 'named ALL=(ALL) NOPASSWD: /bin/chown, /bin/chmod' >> /etc/sudoers && \
 
 COPY named.conf /etc/named/
 COPY whiskeylimahotel.de.zone /etc/named-dist/
diff --git a/start.sh b/start.sh
index b6f8961..c2fb2ba 100755
--- a/start.sh
+++ b/start.sh
@@ -3,6 +3,12 @@ set -ex
 
 echo "Starting BIND initialization..."
 
+# Fix permissions for mounted volume
+echo "Fixing permissions for /etc/named/zones"
+sudo chown -R named:named /etc/named/zones
+sudo chmod -R 750 /etc/named/zones
+ls -la /etc/named/zones
+
 INITIALLY_INSTALLED_FLAG="/etc/named/zones/initialized"
 # Copy template files to working directories if they don't exist
 if [ ! -f $INITIALLY_INSTALLED_FLAG ]; then