diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in
index 7a8c6e056..b19eec942 100644
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -1671,6 +1671,18 @@ mknod errno 0
             </para>
           </listitem>
         </varlistentry>
+        <varlistentry>
+          <term>
+            <option>lxc.monitor.unshare</option>
+          </term>
+          <listitem>
+            <para>
+              If not zero the mount namespace will be unshared from the host
+              before initializing the container (before running any pre-start
+              hooks). Default is 0.
+            </para>
+          </listitem>
+        </varlistentry>
         <varlistentry>
           <term>
             <option>lxc.group</option>
diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 1374d4a79..b0274ec4d 100644
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -347,6 +347,9 @@ struct lxc_conf {
 	struct lxc_list groups;
 	int nbd_idx;
 
+	/* unshare the mount namespace in the monitor */
+	int monitor_unshare;
+
 	/* set to true when rootfs has been setup */
 	bool rootfs_setup;
 
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index c2eaaa6ce..ce6786cea 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -103,6 +103,7 @@ static int config_haltsignal(const char *, const char *, struct lxc_conf *);
 static int config_rebootsignal(const char *, const char *, struct lxc_conf *);
 static int config_stopsignal(const char *, const char *, struct lxc_conf *);
 static int config_start(const char *, const char *, struct lxc_conf *);
+static int config_monitor(const char *, const char *, struct lxc_conf *);
 static int config_group(const char *, const char *, struct lxc_conf *);
 static int config_environment(const char *, const char *, struct lxc_conf *);
 static int config_init_cmd(const char *, const char *, struct lxc_conf *);
@@ -173,6 +174,7 @@ static struct lxc_config_t config[] = {
 	{ "lxc.start.auto",           config_start                },
 	{ "lxc.start.delay",          config_start                },
 	{ "lxc.start.order",          config_start                },
+	{ "lxc.monitor.unshare",      config_monitor              },
 	{ "lxc.group",                config_group                },
 	{ "lxc.environment",          config_environment          },
 	{ "lxc.init_cmd",             config_init_cmd             },
@@ -1141,6 +1143,17 @@ static int config_start(const char *key, const char *value,
 	return -1;
 }
 
+static int config_monitor(const char *key, const char *value,
+			  struct lxc_conf *lxc_conf)
+{
+	if(strcmp(key, "lxc.monitor.unshare") == 0) {
+		lxc_conf->monitor_unshare = atoi(value);
+		return 0;
+	}
+	SYSERROR("Unknown key: %s", key);
+	return -1;
+}
+
 static int config_group(const char *key, const char *value,
 		      struct lxc_conf *lxc_conf)
 {
@@ -2483,6 +2496,8 @@ int lxc_get_config_item(struct lxc_conf *c, const char *key, char *retv,
 		return lxc_get_conf_int(c, retv, inlen, c->start_delay);
 	else if (strcmp(key, "lxc.start.order") == 0)
 		return lxc_get_conf_int(c, retv, inlen, c->start_order);
+	else if (strcmp(key, "lxc.monitor.unshare") == 0)
+		return lxc_get_conf_int(c, retv, inlen, c->monitor_unshare);
 	else if (strcmp(key, "lxc.group") == 0)
 		return lxc_get_item_groups(c, retv, inlen);
 	else if (strcmp(key, "lxc.seccomp") == 0)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 69816da23..280484189 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -820,6 +820,18 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
 
 	conf->reboot = 0;
 
+	/* Unshare the mount namespace if requested */
+	if (conf->monitor_unshare) {
+		if (unshare(CLONE_NEWNS)) {
+			SYSERROR("failed to unshare mount namespace");
+			return false;
+		}
+		if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL)) {
+			SYSERROR("Failed to make / rslave at startup");
+			return false;
+		}
+	}
+
 reboot:
 	if (lxc_check_inherited(conf, daemonize, -1)) {
 		ERROR("Inherited fds found");