From b955051244ce72ec5879d49e76dbf2b5ea0edeee Mon Sep 17 00:00:00 2001
From: DaanDeMeyer <daan.j.demeyer@gmail.com>
Date: Mon, 14 Jul 2025 08:13:45 +0200
Subject: [PATCH] nspawn: Don't clear idmapping if we're not doing an idmapped
 mount

We only need to clear the existing idmapping if we're going to be
replacing it with another idmapping. Otherwise we should keep the
existing idmapping in place.
---
 src/nspawn/nspawn-mount.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
index af794b00172..4cc638877d8 100644
--- a/src/nspawn/nspawn-mount.c
+++ b/src/nspawn/nspawn-mount.c
@@ -829,7 +829,7 @@ static int mount_bind(const char *dest, CustomMount *m, uid_t uid_shift, uid_t u
                         m->source,
                         OPEN_TREE_CLONE|OPEN_TREE_CLOEXEC,
                         &(struct mount_attr) {
-                                .attr_clr = MOUNT_ATTR_IDMAP,
+                                .attr_clr = idmapping != REMOUNT_IDMAPPING_NONE ? MOUNT_ATTR_IDMAP : 0,
                         });
         if (ERRNO_IS_NEG_NOT_SUPPORTED(fd_clone))
                 /* We can only clear idmapped mounts with open_tree_attr(), but there might not be one in
-- 
2.47.3