nspawn: Don't clear idmapping if we're not doing an idmapped mount

We only need to clear the existing idmapping if we're going to be
replacing it with another idmapping. Otherwise we should keep the
existing idmapping in place.

diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
index af794b00172a7f937cc122feccdadefc52a9539f..4cc638877d8edb195ffc17a2e892d74acdd543f6 100644 (file)
--- a/src/nspawn/nspawn-mount.c
+++ b/src/nspawn/nspawn-mount.c
@@ -829,7 +829,7 @@ static int mount_bind(const char *dest, CustomMount *m, uid_t uid_shift, uid_t u
                         m->source,
                         OPEN_TREE_CLONE|OPEN_TREE_CLOEXEC,
                         &(struct mount_attr) {
-                                .attr_clr = MOUNT_ATTR_IDMAP,
+                                .attr_clr = idmapping != REMOUNT_IDMAPPING_NONE ? MOUNT_ATTR_IDMAP : 0,
                         });
         if (ERRNO_IS_NEG_NOT_SUPPORTED(fd_clone))
                 /* We can only clear idmapped mounts with open_tree_attr(), but there might not be one in