diff --git a/root/etc/s6-overlay/s6-rc.d/init-base/up b/root/etc/s6-overlay/s6-rc.d/init-base/up
deleted file mode 100644
index 0738317..0000000
--- a/root/etc/s6-overlay/s6-rc.d/init-base/up
+++ /dev/null
@@ -1 +0,0 @@
-# This file doesn't do anything, it's just the end of the base image init process
diff --git a/root/etc/s6-overlay/s6-rc.d/init-adduser/dependencies.d/init-tamper-check b/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-config
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-adduser/dependencies.d/init-tamper-check
rename to root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-config
diff --git a/root/etc/s6-overlay/s6-rc.d/init-base/type b/root/etc/s6-overlay/s6-rc.d/init-config-end/type
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-base/type
rename to root/etc/s6-overlay/s6-rc.d/init-config-end/type
diff --git a/root/etc/s6-overlay/s6-rc.d/init-downstream/up b/root/etc/s6-overlay/s6-rc.d/init-config-end/up
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-downstream/up
rename to root/etc/s6-overlay/s6-rc.d/init-config-end/up
diff --git a/root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/base b/root/etc/s6-overlay/s6-rc.d/init-config/dependencies.d/init-os-end
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/base
rename to root/etc/s6-overlay/s6-rc.d/init-config/dependencies.d/init-os-end
diff --git a/root/etc/s6-overlay/s6-rc.d/init-downstream/type b/root/etc/s6-overlay/s6-rc.d/init-config/type
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-downstream/type
rename to root/etc/s6-overlay/s6-rc.d/init-config/type
diff --git a/root/etc/s6-overlay/s6-rc.d/init-config/up b/root/etc/s6-overlay/s6-rc.d/init-config/up
new file mode 100644
index 0000000..e80acfe
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-config/up
@@ -0,0 +1 @@
+# This file doesn't do anything, it's just the start of the downstream image init process
diff --git a/root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-adduser b/root/etc/s6-overlay/s6-rc.d/init-custom-files/dependencies.d/base
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-adduser
rename to root/etc/s6-overlay/s6-rc.d/init-custom-files/dependencies.d/base
diff --git a/root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-envfile b/root/etc/s6-overlay/s6-rc.d/init-custom-files/dependencies.d/init-adduser
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-envfile
rename to root/etc/s6-overlay/s6-rc.d/init-custom-files/dependencies.d/init-adduser
diff --git a/root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-migrations b/root/etc/s6-overlay/s6-rc.d/init-mods-end/dependencies.d/init-mods
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-migrations
rename to root/etc/s6-overlay/s6-rc.d/init-mods-end/dependencies.d/init-mods
diff --git a/root/etc/s6-overlay/s6-rc.d/init-tamper-check/type b/root/etc/s6-overlay/s6-rc.d/init-mods-end/type
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-tamper-check/type
rename to root/etc/s6-overlay/s6-rc.d/init-mods-end/type
diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods-end/up b/root/etc/s6-overlay/s6-rc.d/init-mods-end/up
new file mode 100644
index 0000000..092149d
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-mods-end/up
@@ -0,0 +1 @@
+# This file doesn't do anything, it's just the end of the mod init process
diff --git a/root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-script-check b/root/etc/s6-overlay/s6-rc.d/init-mods/dependencies.d/init-config-end
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-script-check
rename to root/etc/s6-overlay/s6-rc.d/init-mods/dependencies.d/init-config-end
diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods/type b/root/etc/s6-overlay/s6-rc.d/init-mods/type
new file mode 100644
index 0000000..bdd22a1
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-mods/type
@@ -0,0 +1 @@
+oneshot
diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods/up b/root/etc/s6-overlay/s6-rc.d/init-mods/up
new file mode 100644
index 0000000..040d801
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-mods/up
@@ -0,0 +1 @@
+# This file doesn't do anything, it's just the start of the mod init process
diff --git a/root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-tamper-check b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/base
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-base/dependencies.d/init-tamper-check
rename to root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/base
diff --git a/root/etc/s6-overlay/s6-rc.d/init-custom-files/dependencies.d/init-downstream b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-adduser
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-custom-files/dependencies.d/init-downstream
rename to root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-adduser
diff --git a/root/etc/s6-overlay/s6-rc.d/init-downstream/dependencies.d/init-base b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-custom-files
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-downstream/dependencies.d/init-base
rename to root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-custom-files
diff --git a/root/etc/s6-overlay/s6-rc.d/init-tamper-check/dependencies.d/init-script-check b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-envfile
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/init-tamper-check/dependencies.d/init-script-check
rename to root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-envfile
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-base b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-migrations
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/user/contents.d/init-base
rename to root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-migrations
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-tamper-check b/root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-script-check
similarity index 100%
rename from root/etc/s6-overlay/s6-rc.d/user/contents.d/init-tamper-check
rename to root/etc/s6-overlay/s6-rc.d/init-os-end/dependencies.d/init-script-check
diff --git a/root/etc/s6-overlay/s6-rc.d/init-os-end/type b/root/etc/s6-overlay/s6-rc.d/init-os-end/type
new file mode 100644
index 0000000..bdd22a1
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-os-end/type
@@ -0,0 +1 @@
+oneshot
diff --git a/root/etc/s6-overlay/s6-rc.d/init-os-end/up b/root/etc/s6-overlay/s6-rc.d/init-os-end/up
new file mode 100644
index 0000000..092149d
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-os-end/up
@@ -0,0 +1 @@
+# This file doesn't do anything, it's just the end of the mod init process
diff --git a/root/etc/s6-overlay/s6-rc.d/init-tamper-check/run b/root/etc/s6-overlay/s6-rc.d/init-tamper-check/run
deleted file mode 100755
index 04aec81..0000000
--- a/root/etc/s6-overlay/s6-rc.d/init-tamper-check/run
+++ /dev/null
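Review bot: The comment added as `init-os-end/up` says "end of the mod init process", which is the text of `init-mods-end/up` (both new files carry blob `092149d`). This marker's `dependencies.d` collects `base`, `init-adduser`, `init-custom-files`, `init-envfile`, `init-migrations` and `init-script-check`, so it closes the base-image stage, not the mod stage. I would change it to `# This file doesn't do anything, it's just the end of the base image (OS) init process`. The same comment is a reasonable place to record that `init-tamper-check` no longer gates this stage: it is dropped from the dependency list while `init-custom-files` stays, and nothing visible in this diff replaces the root-ownership check on `/config/custom-cont-init.d`. If that check was relocated, not dropped, a pointer to where it now lives would help the next reader.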
@@ -1,14 +0,0 @@
-#!/usr/bin/with-contenv bash
-
-if ([ -d "/config/custom-cont-init.d" ] && [ -n "$(find /config/custom-cont-init.d ! -user root)" ]); then
- echo "**** Potential tampering with custom scripts detected ****"
- randstr=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-8};echo;)
- mv "/config/custom-cont-init.d" "/config/custom-cont-init.d.${randstr}"
- echo "**** Folder /config/custom-cont-init.d is moved to /config/custom-cont-init.d.${randstr} ****"
- echo "**** The folder '/config/custom-cont-init.d' and its contents need to all be owned by root to prevent root escalation inside the container!!! ****"
- mkdir -p /config/custom-cont-init.d
- chown 0:0 /config/custom-cont-init.d
-elif ([ -d "/config/custom-cont-init.d" ] && [ -n "$(find /config/custom-cont-init.d -perm -o+w)" ]); then
- echo "**** The folder '/config/custom-cont-init.d' or some of its contents have write permissions for others, which is a security risk. ****"
- echo "**** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****"
-fi
diff --git a/root/etc/s6-overlay/s6-rc.d/init-tamper-check/up b/root/etc/s6-overlay/s6-rc.d/init-tamper-check/up
deleted file mode 100644
index 80c298e..0000000
--- a/root/etc/s6-overlay/s6-rc.d/init-tamper-check/up
+++ /dev/null
@@ -1 +0,0 @@
-/etc/s6-overlay/s6-rc.d/init-tamper-check/run
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config-end b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config-end
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-custom-files b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-custom-files
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods-end b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mods-end
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-os-end b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-os-end
new file mode 100644
index 0000000..e69de29