diff --git a/src/cmd/create.go b/src/cmd/create.go
index 494cd2178..2c6fe3fe3 100644
--- a/src/cmd/create.go
+++ b/src/cmd/create.go
@@ -464,6 +464,14 @@ func createContainer(container, image, release, authFile string, showCommandToEn
 		"--volume", runtimeDirectoryMountArg,
 	}...)
 
+	if podman.CheckVersion("3.2.0") {
+		if runtime, _ := podman.GetRuntimeName(); runtime == "crun" {
+			createArgs = append(createArgs, []string{
+				"--group-add", "keep-groups",
+			}...)
+		}
+	}
+
 	createArgs = append(createArgs, avahiSocketMount...)
 	createArgs = append(createArgs, kcmSocketMount...)
 	createArgs = append(createArgs, mediaMount...)
diff --git a/src/pkg/podman/podman.go b/src/pkg/podman/podman.go
index 4711b8b5c..345a938a6 100644
--- a/src/pkg/podman/podman.go
+++ b/src/pkg/podman/podman.go
@@ -213,6 +213,31 @@ func GetImages(args ...string) ([]Image, error) {
 	return images, nil
 }
 
+// GetRuntimeName returns OCI Runtime of Podman in a string
+func GetRuntimeName() (string, error) {
+	var stdout bytes.Buffer
+
+	logLevelString := LogLevel.String()
+	args := []string{"--log-level", logLevelString, "info", "--format", "json"}
+
+	if err := shell.Run("podman", nil, &stdout, nil, args...); err != nil {
+		return "", err
+	}
+
+	var podmanInfo struct {
+		Host struct {
+			OCIRuntime struct {
+				Name string `json:"name"`
+			} `json:"ociRuntime"`
+		} `json:"host"`
+	}
+	if err := json.Unmarshal(stdout.Bytes(), &podmanInfo); err != nil {
+		return "", err
+	}
+
+	return podmanInfo.Host.OCIRuntime.Name, nil
+}
+
 // GetVersion returns version of Podman in a string
 func GetVersion() (string, error) {
 	if podmanVersion != "" {