2 files changed, 13 insertions, 9 deletions

diff --git a/cmd/podman/exec.go b/cmd/podman/exec.go
index 0cd6f98b7..ed11b3c4b 100644
--- a/cmd/podman/exec.go
+++ b/cmd/podman/exec.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"fmt"
+	"os"
 	"strings"
 
 	"github.com/containers/libpod/cmd/podman/libpodruntime"
@@ -84,6 +85,18 @@ func execCmd(c *cli.Context) error {
 		return errors.Wrapf(err, "unable to exec into %s", args[0])
 	}
 
+	pid, err := ctr.PID()
+	if err != nil {
+		return err
+	}
+	became, ret, err := rootless.JoinNS(uint(pid))
+	if err != nil {
+		return err
+	}
+	if became {
+		os.Exit(ret)
+	}
+
 	// ENVIRONMENT VARIABLES
 	env := defaultEnvVariables
 	for _, e := range c.StringSlice("env") {
diff --git a/libpod/oci.go b/libpod/oci.go
index 240f53885..e1c0d1261 100644
--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -691,15 +691,6 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty
 	logrus.Debugf("Starting runtime %s with following arguments: %v", r.path, args)
 
 	execCmd := exec.Command(r.path, args...)
-	if rootless.IsRootless() {
-		args = append([]string{"--preserve-credentials", "--user=/proc/self/fd/3", r.path}, args...)
-		f, err := rootless.GetUserNSForPid(uint(c.state.PID))
-		if err != nil {
-			return nil, err
-		}
-		execCmd = exec.Command("nsenter", args...)
-		execCmd.ExtraFiles = append(execCmd.ExtraFiles, f)
-	}
 	execCmd.Stdout = os.Stdout
 	execCmd.Stderr = os.Stderr
 	execCmd.Stdin = os.Stdin