diff --git a/Sources/Plugins/MachineAPIServer/Resources/create-user.sh b/Sources/Plugins/MachineAPIServer/Resources/create-user.sh
index 0a4a4bcae..2447e7836 100755
--- a/Sources/Plugins/MachineAPIServer/Resources/create-user.sh
+++ b/Sources/Plugins/MachineAPIServer/Resources/create-user.sh
@@ -42,5 +42,6 @@ fi
 chown -R "${CONTAINER_UID}:${CONTAINER_GID}" "${CONTAINER_HOME}"
 
 mkdir -p /etc/sudoers.d
-echo "${CONTAINER_USER} ALL=(ALL) NOPASSWD:ALL" > "/etc/sudoers.d/${CONTAINER_USER}"
-chmod 440 "/etc/sudoers.d/${CONTAINER_USER}"
+SUODOERS_FILE="${CONTAINER_USER//./_}"
+echo "${CONTAINER_USER} ALL=(ALL) NOPASSWD:ALL" > "/etc/sudoers.d/${SUODOERS_FILE}"
+chmod 440 "/etc/sudoers.d/${SUDOERS_FILE}"
diff --git a/Tests/CLITests/Subcommands/Machine/TestCLIMachine.swift b/Tests/CLITests/Subcommands/Machine/TestCLIMachine.swift
index 7fc205b77..ff25e979f 100644
--- a/Tests/CLITests/Subcommands/Machine/TestCLIMachine.swift
+++ b/Tests/CLITests/Subcommands/Machine/TestCLIMachine.swift
@@ -381,10 +381,11 @@ class TestCLIMachineRuntime: CLITest {
         try waitForMachineStatus(name, status: "running")
 
         let username = NSUserName()
+        let sanitizedUsername = username.replacingOccurrences(of: ".", with: "_")
         let output = try doMachineRun(
             name: name,
             root: true,
-            command: ["cat", "/etc/sudoers.d/\(username)"]
+            command: ["cat", "/etc/sudoers.d/\(sanitizedUsername)"]
         )
         let content = output.trimmingCharacters(in: .whitespacesAndNewlines)
         #expect(