diff --git a/Dockerfile.apt b/Dockerfile.apt
index 928aadb..bc20343 100644
--- a/Dockerfile.apt
+++ b/Dockerfile.apt
@@ -15,7 +15,7 @@ ARG PKGS="udev git net-tools sudo curl locales procps openssh-server lsb-release
 COPY files/dpkg-nodoc /etc/dpkg/dpkg.cfg.d/01_nodoc
 COPY files/apt-no-recommends /etc/apt/apt.conf.d/99synaptic
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 # hadolint ignore=DL3008
 RUN apt-get update \
 && apt-get install --yes --no-install-recommends $PKGS \
@@ -31,8 +31,8 @@ RUN apt-get update \
 /lib/systemd/system/systemd*udev* \
 /lib/systemd/system/getty.target \
 /etc/default/locale /etc/locale.gen \
- && (find / -name "*pyc"; \
- find / -name "__pycache__"; \
+ && (find / ! -path "/{proc,sys,dev}" -name "*.pyc"; \
+ find / ! -path "/{proc,sys,dev}" -name "__pycache__"; \
 find /var/log -type f) | \
 grep -v /proc | xargs rm -rf \
 # Also obscure any `getty` binaries https://github.com/moby/moby/issues/4040#issuecomment-339022455
diff --git a/Dockerfile.dnf b/Dockerfile.dnf
index 69b1d10..dbe1bfa 100644
--- a/Dockerfile.dnf
+++ b/Dockerfile.dnf
@@ -10,7 +10,7 @@ ARG PYTHON_VERSION
 ARG EXTRA_PACKAGES=""
 ARG PKGS="udev git net-tools sudo curl openssh-server openssh-clients which findutils glibc-langpack-en $EXTRA_PACKAGES"
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 RUN dnf -y update && dnf -y install ${PKGS} \
 && curl -L https://raw.githubusercontent.com/saltstack/salt-bootstrap/develop/bootstrap-salt.sh | \
 sh -s -- -XUdfP -x python$PYTHON_VERSION $SALT_INSTALL_METHOD $SALT_VERSION \
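Review bot: The `-x` added to the `SHELL` line in the first Dockerfile.apt hunk turns on xtrace for every later `RUN` in the file, so each command is written to the build log with its `ARG`/`ENV` values already expanded; the same edit is made in Dockerfile.dnf, Dockerfile.pac, Dockerfile.yum and Dockerfile.zyp. Nothing secret is visible in these hunks, but the first token or password later passed as a build argument would be printed in CI output, and the `SHELL` setting is presumably also what a shell-form `CMD` or `ENTRYPOINT` would run under. I would keep `SHELL ["/bin/bash", "-o", "pipefail", "-c"]` and put `set -x;` at the start of the one `RUN` being debugged. If the flag stays, add a comment above it such as `# -x traces every RUN into the build log; do not pass secrets via ARG/ENV while it is enabled`.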
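Review bot: The new `! -path "/{proc,sys,dev}"` test in the second Dockerfile.apt hunk never excludes anything, because bash does no brace expansion inside double quotes and find receives the literal pattern `/{proc,sys,dev}`, which matches no path. Even an exact `-path /proc` would match only the directory itself while find still descends into it. The same two lines appear in Dockerfile.dnf, Dockerfile.pac and Dockerfile.yum. Pruning does what was intended, e.g. `find / \( -path /proc -o -path /sys -o -path /dev \) -prune -o \( -name "*.pyc" -o -name "__pycache__" \) -print; \`, and it would let the later `grep -v /proc` go, which currently also drops any match that merely contains `/proc` somewhere in its path. Since the list is fed to `xargs rm -rf` as root, switching all three finds to `-print0` with `xargs -0` once the grep is gone would keep a file name containing whitespace from being split into unintended paths; the enclosing `RUN` starts and ends outside the hunk.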
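Review bot: The `curl -L … | sh` in the context lines of the first Dockerfile.dnf hunk runs, as root, whatever the `develop` branch of salt-bootstrap serves at build time. Without `-f`, an HTTP error page would be piped into `sh` as well, and `pipefail` does not catch that because curl still exits 0. The commit does not touch that line, but since the `SHELL` options are being revisited it is worth pinning: fetch a tagged release with `curl -fsSL <PINNED_URL> -o /tmp/bootstrap-salt.sh`, verify it with `echo "<EXPECTED_SHA256>  /tmp/bootstrap-salt.sh" | sha256sum -c -`, then run the file. The `RUN` continues past the end of the hunk, so removal of the temporary file would go in the part not shown.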
@@ -20,8 +20,8 @@ RUN dnf -y update && dnf -y install ${PKGS} \
 && rm -rf /var/cache/{salt,pacman} \
 /usr/lib/systemd/system/systemd*udev* \
 /usr/lib/systemd/system/getty.target \
- && (find / -name "*pyc"; \
- find / -name "__pycache__"; \
+ && (find / ! -path "/{proc,sys,dev}" -name "*.pyc"; \
+ find / ! -path "/{proc,sys,dev}" -name "__pycache__"; \
 find /var/log -type f) | \
 grep -v /proc | xargs rm -rf \
 # Also obscure any `getty` binaries (https://github.com/moby/moby/issues/4040#issuecomment-339022455)
diff --git a/Dockerfile.pac b/Dockerfile.pac
index dc1760e..7ab4319 100644
--- a/Dockerfile.pac
+++ b/Dockerfile.pac
@@ -10,7 +10,7 @@ ARG PYTHON_VERSION
 ARG EXTRA_PACKAGES=""
 ARG PKGS="udev git net-tools sudo curl $EXTRA_PACKAGES"
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 RUN pacman --noconfirm -Sy archlinux-keyring \
 && pacman-db-upgrade \
 && pacman --noconfirm -Syu ${PKGS} \
@@ -23,8 +23,8 @@ RUN pacman --noconfirm -Sy archlinux-keyring \
 && rm -rf /var/cache/{salt,pacman} \
 /usr/lib/systemd/system/systemd*udev* \
 /usr/lib/systemd/system/getty.target \
- && (find / -name "*pyc"; \
- find / -name "__pycache__"; \
+ && (find / ! -path "/{proc,sys,dev}" -name "*.pyc"; \
+ find / ! -path "/{proc,sys,dev}" -name "__pycache__"; \
 find /var/log -type f) | \
 grep -v /proc | xargs rm -rf \
 # Also obscure any `getty` binaries (https://github.com/moby/moby/issues/4040#issuecomment-339022455)
diff --git a/Dockerfile.yum b/Dockerfile.yum
index 6d94b7d..45162c0 100644
--- a/Dockerfile.yum
+++ b/Dockerfile.yum
@@ -12,7 +12,7 @@ ARG PYTHON_VERSION
 ARG EXTRA_PACKAGES=""
 ARG PKGS="udev git net-tools sudo curl openssh-server openssh-clients which $EXTRA_PACKAGES"
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 # Centos 7 requires EPEL repo before being able to install python2-pip
 RUN if [[ "${DISTRO_NAME}" = "centos" && "${DISTRO_VERSION}" = "7" ]]; \
 then yum -y install epel-release; \
@@ -40,8 +40,9 @@ RUN if [[ "${DISTRO_NAME}" = "centos" && "${DISTRO_VERSION}" = "7" ]]; \
 && rm -rf /var/cache/{salt,yum} \
 /usr/lib/systemd/system/systemd*udev* \
 /usr/lib/systemd/system/getty.target \
- && (find / -name "*pyc"; \
- find / -name "__pycache__") | \
+ && (find / ! -path "/{proc,sys,dev}" -name "*.pyc"; \
+ find / ! -path "/{proc,sys,dev}" -name "__pycache__"; \
+ find /var/log -type f) | \
 grep -v /proc | xargs rm -rf \
 # Also obscure any `getty` binaries (https://github.com/moby/moby/issues/4040#issuecomment-339022455)
 && cp /bin/true /sbin/agetty \
diff --git a/Dockerfile.zyp b/Dockerfile.zyp
index 97ee2ba..afa78ae 100644
--- a/Dockerfile.zyp
+++ b/Dockerfile.zyp
@@ -10,7 +10,7 @@ ARG PYTHON_VERSION
 ARG EXTRA_PACKAGES=""
 ARG PKGS="udev git net-tools net-tools-deprecated sudo curl glibc-locale openssh which python-xml $EXTRA_PACKAGES"
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 RUN zypper refresh && zypper install -y ${PKGS} \
 && systemctl enable sshd \
 # https://github.com/inspec/train/issues/377