diff --git a/pkg/server/container_create.go b/pkg/server/container_create.go
index c4f730d0d..cb5b1f9a5 100644
--- a/pkg/server/container_create.go
+++ b/pkg/server/container_create.go
@@ -662,7 +662,7 @@ func setOCIBindMountsPrivileged(g *generate.Generator) {
 spec := g.Spec()
 // clear readonly for /sys and cgroup
 for i, m := range spec.Mounts {
- if spec.Mounts[i].Destination == "/sys" && !spec.Root.Readonly {
+ if spec.Mounts[i].Destination == "/sys" {
 clearReadOnly(&spec.Mounts[i])
 }
 if m.Type == "cgroup" {
diff --git a/pkg/server/container_create_test.go b/pkg/server/container_create_test.go
index 1baeb5d47..a0a3871ff 100644
--- a/pkg/server/container_create_test.go
+++ b/pkg/server/container_create_test.go
@@ -605,7 +605,6 @@ func TestGenerateContainerMounts(t *testing.T) {
 func TestPrivilegedBindMount(t *testing.T) {
 for desc, test := range map[string]struct {
 privileged bool
- readonlyRootFS bool
 expectedSysFSRO bool
 expectedCgroupFSRO bool
 }{
@@ -618,16 +617,9 @@ func TestPrivilegedBindMount(t *testing.T) {
 expectedSysFSRO: false,
 expectedCgroupFSRO: false,
 },
- "sysfs should mount as 'ro' if root filrsystem is readonly": {
- privileged: true,
- readonlyRootFS: true,
- expectedSysFSRO: true,
- expectedCgroupFSRO: false,
- },
 } {
 t.Logf("TestCase %q", desc)
 g := generate.New()
- g.SetRootReadonly(test.readonlyRootFS)
 c := newTestCRIService()
 c.addOCIBindMounts(&g, nil, "")
 if test.privileged {
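Review bot: With the `!spec.Root.Readonly` guard gone, the `/sys` branch in setOCIBindMountsPrivileged clears the read-only flag on sysfs for every privileged container, including ones that request a read-only root filesystem, and nothing in the code says this is deliberate. I would extend the comment above the loop to record it, e.g. `// privileged containers get writable /sys and cgroup mounts even when the rootfs is read-only`. The test file in this commit deletes the read-only-rootfs case rather than inverting it, so the new behaviour is not pinned by any test; keeping that case (with the `readonlyRootFS` field and the `g.SetRootReadonly` call) and setting `expectedSysFSRO: false` would catch a regression in either direction. The function begins and the loop ends outside the hunk, so this is based only on the visible lines.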