diff --git a/src/core/execute.c b/src/core/execute.c
index 5ed7ded7eb5..e19f3821184 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2029,6 +2029,12 @@ bool exec_needs_network_namespace(const ExecContext *context) {
         return context->private_network || context->network_namespace_path;
 }
 
+static bool exec_needs_ipc_namespace(const ExecContext *context) {
+        assert(context);
+
+        return context->private_ipc || context->ipc_namespace_path;
+}
+
 bool exec_needs_mount_namespace(
                 const ExecContext *context,
                 const ExecParameters *params,
@@ -2077,8 +2083,7 @@ bool exec_needs_mount_namespace(
             context->protect_control_groups ||
             context->protect_proc != PROTECT_PROC_DEFAULT ||
             context->proc_subset != PROC_SUBSET_ALL ||
-            context->private_ipc ||
-            context->ipc_namespace_path)
+            exec_needs_ipc_namespace(context))
                 return true;
 
         if (context->root_directory) {
@@ -3601,7 +3606,7 @@ static int apply_mount_namespace(
                         .protect_system = context->protect_system,
                         .protect_proc = context->protect_proc,
                         .proc_subset = context->proc_subset,
-                        .private_ipc = context->private_ipc || context->ipc_namespace_path,
+                        .private_ipc = exec_needs_ipc_namespace(context),
                         /* If NNP is on, we can turn on MS_NOSUID, since it won't have any effect anymore. */
                         .mount_nosuid = context->no_new_privileges && !mac_selinux_use(),
                 };
@@ -4847,7 +4852,7 @@ static int exec_child(
                         log_unit_warning(unit, "PrivateNetwork=yes is configured, but the kernel does not support network namespaces, ignoring.");
         }
 
-        if ((context->private_ipc || context->ipc_namespace_path) && runtime && runtime->ipcns_storage_socket[0] >= 0) {
+        if (exec_needs_ipc_namespace(context) && runtime && runtime->ipcns_storage_socket[0] >= 0) {
 
                 if (ns_type_supported(NAMESPACE_IPC)) {
                         r = setup_shareable_ns(runtime->ipcns_storage_socket, CLONE_NEWIPC);
@@ -6846,7 +6851,7 @@ static int exec_runtime_make(
         assert(id);
 
         /* It is not necessary to create ExecRuntime object. */
-        if (!exec_needs_network_namespace(c) && !c->private_ipc && !c->private_tmp) {
+        if (!exec_needs_network_namespace(c) && !exec_needs_ipc_namespace(c) && !c->private_tmp) {
                 *ret = NULL;
                 return 0;
         }
@@ -6865,7 +6870,7 @@ static int exec_runtime_make(
                         return -errno;
         }
 
-        if (c->private_ipc || c->ipc_namespace_path) {
+        if (exec_needs_ipc_namespace(c)) {
                 if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, ipcns_storage_socket) < 0)
                         return -errno;
         }