diff --git a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs
index 2e50b55e92..860a5f0c29 100644
--- a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs
+++ b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs
@@ -80,8 +80,8 @@ impl Container {
         let mut inner = self.inner.write().await;
         let toml_config = self.resource_manager.config().await;
         let config = &self.config;
-        amend_spec(&mut spec, toml_config.runtime.disable_guest_seccomp).context("load spec")?;
-
+        let sandbox_pidns = amend_spec(&mut spec, toml_config.runtime.disable_guest_seccomp)
+            .context("load spec")?;
         // handler rootfs
         let rootfs = self
             .resource_manager
@@ -143,7 +143,7 @@ impl Container {
             storages,
             oci: Some(spec),
             guest_hooks: None,
-            sandbox_pidns: false,
+            sandbox_pidns,
             rootfs_mounts: vec![],
         };
 
@@ -373,7 +373,7 @@ impl Container {
     }
 }
 
-fn amend_spec(spec: &mut oci::Spec, disable_guest_seccomp: bool) -> Result<()> {
+fn amend_spec(spec: &mut oci::Spec, disable_guest_seccomp: bool) -> Result<bool> {
     // hook should be done on host
     spec.hooks = None;
 
@@ -390,6 +390,8 @@ fn amend_spec(spec: &mut oci::Spec, disable_guest_seccomp: bool) -> Result<()> {
             resource.network = None;
         }
 
+        // Host pidns path does not make sense in kata. Let's just align it with
+        // sandbox namespace whenever it is set.
         let mut ns: Vec<oci::LinuxNamespace> = Vec::new();
         for n in linux.namespaces.iter() {
             match n.r#type.as_str() {
@@ -399,9 +401,27 @@ fn amend_spec(spec: &mut oci::Spec, disable_guest_seccomp: bool) -> Result<()> {
         }
 
         linux.namespaces = ns;
+
+        return Ok(handle_pid_namespace(&linux.namespaces));
     }
 
-    Ok(())
+    Ok(false)
+}
+
+// handle_pid_namespace checks if Pid namespace for a container needs to be shared with its sandbox
+// pid namespace.
+fn handle_pid_namespace(namespaces: &[oci::LinuxNamespace]) -> bool {
+    for n in namespaces.iter() {
+        match n.r#type.as_str() {
+            oci::PIDNAMESPACE => {
+                if !n.path.is_empty() {
+                    return true;
+                }
+            }
+            _ => continue,
+        }
+    }
+    false
 }
 
 #[cfg(test)]