Revert "core/execute: RuntimeDirectory= or friends requires mount namespace"

This reverts commit 652bb2637aee54e3503a22d2928a929ecd7a84b3.

Fixes #7761.

diff --git a/src/core/execute.c b/src/core/execute.c
index 3f3d732..de72786 100644 (file)
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1789,12 +1789,7 @@ static bool exec_needs_mount_namespace(
             !strv_isempty(context->inaccessible_paths))
                 return true;
 
-        if (context->n_bind_mounts > 0 ||
-            !strv_isempty(context->directories[EXEC_DIRECTORY_RUNTIME].paths) ||
-            !strv_isempty(context->directories[EXEC_DIRECTORY_STATE].paths) ||
-            !strv_isempty(context->directories[EXEC_DIRECTORY_CACHE].paths) ||
-            !strv_isempty(context->directories[EXEC_DIRECTORY_LOGS].paths) ||
-            !strv_isempty(context->directories[EXEC_DIRECTORY_CONFIGURATION].paths))
+        if (context->n_bind_mounts > 0)
                 return true;
 
         if (context->mount_flags != 0)
@@ -1814,6 +1809,13 @@ static bool exec_needs_mount_namespace(
         if (context->mount_apivfs && (context->root_image || context->root_directory))
                 return true;
 
+        if (context->dynamic_user &&
+            (!strv_isempty(context->directories[EXEC_DIRECTORY_RUNTIME].paths) ||
+             !strv_isempty(context->directories[EXEC_DIRECTORY_STATE].paths) ||
+             !strv_isempty(context->directories[EXEC_DIRECTORY_CACHE].paths) ||
+             !strv_isempty(context->directories[EXEC_DIRECTORY_LOGS].paths)))
+                return true;
+
         return false;
 }