-rw-r--r--src/core/execute.c6
-rw-r--r--src/core/execute.h9
2 files changed, 12 insertions, 3 deletions
diff --git a/src/core/execute.c b/src/core/execute.c
index 92da22081b..b866747719 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2983,7 +2983,7 @@ static int compile_bind_mounts(
continue;
if (exec_directory_is_private(context, t) &&
- !(context->root_directory || context->root_image)) {
+ !exec_context_with_rootfs(context)) {
char *private_root;
/* So this is for a dynamic user, and we need to make sure the process can access its own
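Review bot: Replacing the open-coded test with `exec_context_with_rootfs(context)` in this condition is not a pure refactor: the old test treated any non-NULL `root_directory` as a root file system, while the helper added in execute.h goes through `empty_or_root()` and so treats an empty or `/` value as none. With such a value and no `root_image`, a private directory now takes this `private_root` branch instead of the bind-mount branch in the hunk at -3014, which changes where the dynamic-user private directory is made reachable. If that is intended, a comment here such as `/* RootDirectory=/ is handled like no RootDirectory=, see exec_context_with_rootfs() */` and a regression test for that configuration would make it explicit; whether `root_directory` can actually hold `/` at this point depends on parsing code not shown. compile_bind_mounts() starts and ends outside the hunk.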
@@ -3014,7 +3014,7 @@ static int compile_bind_mounts(
}
if (exec_directory_is_private(context, t) &&
- (context->root_directory || context->root_image))
+ exec_context_with_rootfs(context))
/* When RootDirectory= or RootImage= are set, then the symbolic link to the private
* directory is not created on the root directory. So, let's bind-mount the directory
* on the 'non-private' place. */
@@ -5658,7 +5658,7 @@ bool exec_context_get_effective_mount_apivfs(const ExecContext *c) {
return c->mount_apivfs;
/* Default to "yes" if root directory or image are specified */
- if (c->root_image || !empty_or_root(c->root_directory))
+ if (exec_context_with_rootfs(c))
return true;
return false;
diff --git a/src/core/execute.h b/src/core/execute.h
index c21154bda2..c4345005c1 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -23,6 +23,7 @@ typedef struct Manager Manager;
#include "namespace.h"
#include "nsflags.h"
#include "numa-util.h"
+#include "path-util.h"
#include "time-util.h"
#define EXEC_STDIN_DATA_MAX (64U*1024U*1024U)
@@ -325,6 +326,14 @@ static inline bool exec_context_restrict_namespaces_set(const ExecContext *c) {
return (c->restrict_namespaces & NAMESPACE_FLAGS_ALL) != NAMESPACE_FLAGS_ALL;
}
+static inline bool exec_context_with_rootfs(const ExecContext *c) {
+ assert(c);
+
+ /* Checks if RootDirectory= or RootImage= are used */
+
+ return !empty_or_root(c->root_directory) || c->root_image;
+}
+
typedef enum ExecFlags {
EXEC_APPLY_SANDBOXING = 1 << 0,
EXEC_APPLY_CHROOT = 1 << 1,
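Review bot: The comment inside `exec_context_with_rootfs()` says it checks whether RootDirectory= or RootImage= are used, but the expression returns false when `root_directory` is set to `/` or is empty, because it goes through `empty_or_root()`. A caller reading only the comment would expect a plain set/unset test, and several sandboxing decisions in execute.c now hang on this predicate. I would spell the contract out, e.g. `/* Returns true if the service runs on a root file system other than the host's: RootImage= is set, or RootDirectory= is set to something other than "/" */`.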