diff --git a/container/autoetc.go b/container/autoetc.go
index f494d75..23b1a86 100644
--- a/container/autoetc.go
+++ b/container/autoetc.go
@@ -4,6 +4,7 @@ import (
 	"encoding/gob"
 	"fmt"
 	"os"
+	"syscall"
 )
 
 func init() { gob.Register(new(AutoEtcOp)) }
@@ -21,7 +22,12 @@ func (f *Ops) Etc(host *Absolute, prefix string) *Ops {
 type AutoEtcOp struct{ Prefix string }
 
 func (e *AutoEtcOp) early(*setupState) error { return nil }
-func (e *AutoEtcOp) apply(*setupState) error {
+func (e *AutoEtcOp) apply(state *setupState) error {
+	if state.nonrepeatable&nrAutoEtc != 0 {
+		return msg.WrapErr(syscall.EINVAL, "autoetc is not repeatable")
+	}
+	state.nonrepeatable |= nrAutoEtc
+
 	const target = sysrootPath + FHSEtc
 	rel := e.hostRel() + "/"
 
diff --git a/container/autoroot.go b/container/autoroot.go
index b155145..215a7bb 100644
--- a/container/autoroot.go
+++ b/container/autoroot.go
@@ -56,6 +56,11 @@ func (r *AutoRootOp) early(state *setupState) error {
 }
 
 func (r *AutoRootOp) apply(state *setupState) error {
+	if state.nonrepeatable&nrAutoRoot != 0 {
+		return msg.WrapErr(syscall.EINVAL, "autoroot is not repeatable")
+	}
+	state.nonrepeatable |= nrAutoRoot
+
 	for _, op := range r.resolved {
 		msg.Verbosef("%s %s", op.prefix(), op)
 		if err := op.apply(state); err != nil {
diff --git a/container/ops.go b/container/ops.go
index efc925b..a08a12f 100644
--- a/container/ops.go
+++ b/container/ops.go
@@ -24,6 +24,11 @@ const (
 	intermediatePatternTmpfile = "tmp.*"
 )
 
+const (
+	nrAutoEtc = 1 << iota
+	nrAutoRoot
+)
+
 type (
 	Ops []Op
 
@@ -41,6 +46,7 @@ type (
 	}
 
 	setupState struct {
+		nonrepeatable uintptr
 		*Params
 	}
 )