diff --git a/init/init_test.cpp b/init/init_test.cpp
index 0fc3ffcf2..7e8513bfc 100644
--- a/init/init_test.cpp
+++ b/init/init_test.cpp
@@ -180,9 +180,11 @@ TEST(init, OverrideService) {
     std::string init_script = R"init(
 service A something
     class first
+    user nobody
 
 service A something
     class second
+    user nobody
     override
 
 )init";
@@ -610,6 +612,31 @@ TEST(init, LazilyLoadedActionsCanBeTriggeredByTheNextTrigger) {
     EXPECT_EQ(2, num_executed);
 }
 
+TEST(init, RejectsNoUserStartingInV) {
+    std::string init_script =
+            R"init(
+service A something
+    class first
+)init";
+
+    TemporaryFile tf;
+    ASSERT_TRUE(tf.fd != -1);
+    ASSERT_TRUE(android::base::WriteStringToFd(init_script, tf.fd));
+
+    ServiceList service_list;
+    Parser parser;
+    parser.AddSectionParser("service",
+                            std::make_unique<ServiceParser>(&service_list, nullptr, std::nullopt));
+
+    ASSERT_TRUE(parser.ParseConfig(tf.path));
+
+    if (GetIntProperty("ro.vendor.api_level", 0) > __ANDROID_API_U__) {
+        ASSERT_EQ(1u, parser.parse_error_count());
+    } else {
+        ASSERT_EQ(0u, parser.parse_error_count());
+    }
+}
+
 TEST(init, RejectsCriticalAndOneshotService) {
     if (GetIntProperty("ro.product.first_api_level", 10000) < 30) {
         GTEST_SKIP() << "Test only valid for devices launching with R or later";
@@ -619,6 +646,7 @@ TEST(init, RejectsCriticalAndOneshotService) {
             R"init(
 service A something
   class first
+  user root
   critical
   oneshot
 )init";
diff --git a/init/service_parser.cpp b/init/service_parser.cpp
index d89664c5b..d46e1f754 100644
--- a/init/service_parser.cpp
+++ b/init/service_parser.cpp
@@ -25,6 +25,7 @@
 
 #include <android-base/logging.h>
 #include <android-base/parseint.h>
+#include <android-base/properties.h>
 #include <android-base/strings.h>
 #include <hidl-util/FQName.h>
 #include <processgroup/processgroup.h>
@@ -678,8 +679,13 @@ Result<void> ServiceParser::EndSection() {
     }
 
     if (service_->proc_attr_.parsed_uid == std::nullopt) {
-        LOG(WARNING) << "No user specified for service '" << service_->name()
-                     << "'. Defaults to root.";
+        if (android::base::GetIntProperty("ro.vendor.api_level", 0) > __ANDROID_API_U__) {
+            return Error() << "No user specified for service '" << service_->name()
+                           << "'. Defaults to root.";
+        } else {
+            LOG(WARNING) << "No user specified for service '" << service_->name()
+                         << "'. Defaults to root.";
+        }
     }
 
     if (interface_inheritance_hierarchy_) {
diff --git a/rootdir/init.usb.rc b/rootdir/init.usb.rc
index 0730ccecf..dde784e25 100644
--- a/rootdir/init.usb.rc
+++ b/rootdir/init.usb.rc
@@ -18,6 +18,7 @@ service adbd /system/bin/adbd --root_seclabel=u:r:su:s0
     disabled
     updatable
     seclabel u:r:adbd:s0
+    user root
 
 on property:vendor.sys.usb.adb.disabled=*
     setprop sys.usb.adb.disabled ${vendor.sys.usb.adb.disabled}