diff --git a/pkg/server/container_create.go b/pkg/server/container_create.go
index 427501339..4c25dcad2 100644
--- a/pkg/server/container_create.go
+++ b/pkg/server/container_create.go
@@ -555,10 +555,17 @@ func (c *criContainerdService) addOCIBindMounts(g *generate.Generator, mounts []
 		switch mount.GetPropagation() {
 		case runtime.MountPropagation_PROPAGATION_PRIVATE:
 			options = append(options, "rprivate")
+			// Since default root propogation in runc is rprivate ignore
+			// setting the root propagation
 		case runtime.MountPropagation_PROPAGATION_BIDIRECTIONAL:
 			options = append(options, "rshared")
+			g.SetLinuxRootPropagation("rshared") // nolint: errcheck
 		case runtime.MountPropagation_PROPAGATION_HOST_TO_CONTAINER:
 			options = append(options, "rslave")
+			if g.Spec().Linux.RootfsPropagation != "rshared" &&
+				g.Spec().Linux.RootfsPropagation != "rslave" {
+				g.SetLinuxRootPropagation("rslave") // nolint: errcheck
+			}
 		default:
 			glog.Warningf("Unknown propagation mode for hostPath %q", mount.HostPath)
 			options = append(options, "rprivate")