@@ -711,10 +711,6 @@ func verifyPlatformContainerSettings(daemon *Daemon, hostConfig *containertypes.

 		if !sysInfo.CgroupNamespaces {

 			warnings = append(warnings, "Your kernel does not support cgroup namespaces.  Cgroup namespace setting discarded.")

 		}

-

-		if hostConfig.Privileged && !cgroups.IsCgroup2UnifiedMode() {

-			return warnings, fmt.Errorf("privileged mode is incompatible with private cgroup namespaces on cgroup v1 host.  You must run the container in the host cgroup namespace when running privileged mode")

-		}

 	}

 	return warnings, nil

@@ -339,10 +339,7 @@ func WithNamespaces(daemon *Daemon, c *container.Container) coci.SpecOpts {

 			if !cgroupNsMode.Valid() {

 				return fmt.Errorf("invalid cgroup namespace mode: %v", cgroupNsMode)

 			}

-

-			// for cgroup v2: unshare cgroupns even for privileged containers

-			// https://github.com/containers/libpod/pull/4374#issuecomment-549776387

-			if cgroupNsMode.IsPrivate() && (cgroups.IsCgroup2UnifiedMode() || !c.HostConfig.Privileged) {

+			if cgroupNsMode.IsPrivate() {

 				nsCgroup := specs.LinuxNamespace{Type: "cgroup"}

 				setNamespace(s, nsCgroup)

 			}

@@ -114,9 +114,8 @@ func TestCgroupNamespacesRunPrivilegedAndPrivate(t *testing.T) {

 	skip.If(t, testEnv.IsRemoteDaemon())

 	skip.If(t, !requirement.CgroupNamespacesEnabled())

-	// Running with both privileged and cgroupns=private is not allowed

-	errStr := "privileged mode is incompatible with private cgroup namespaces on cgroup v1 host.  You must run the container in the host cgroup namespace when running privileged mode"

-	testCreateFailureWithCgroupNs(t, "private", errStr, container.WithPrivileged(true), container.WithCgroupnsMode("private"))

+	containerCgroup, daemonCgroup := testRunWithCgroupNs(t, "private", container.WithPrivileged(true), container.WithCgroupnsMode("private"))

+	assert.Assert(t, daemonCgroup != containerCgroup)

 }

 func TestCgroupNamespacesRunInvalidMode(t *testing.T) {