diff --git a/userspace/ksud/src/cli.rs b/userspace/ksud/src/cli.rs
index b8b77145..51772305 100644
--- a/userspace/ksud/src/cli.rs
+++ b/userspace/ksud/src/cli.rs
@@ -6,7 +6,7 @@ use android_logger::Config;
 #[cfg(target_os = "android")]
 use log::LevelFilter;
 
-use crate::{apk_sign, debug, defs, event, module};
+use crate::{apk_sign, debug, defs, event, module, utils};
 
 /// KernelSU userspace cli
 #[derive(Parser, Debug)]
@@ -147,13 +147,20 @@ pub fn run() -> Result<()> {
         Commands::PostFsData => event::on_post_data_fs(),
         Commands::BootCompleted => event::on_boot_completed(),
 
-        Commands::Module { command } => match command {
-            Module::Install { zip } => module::install_module(&zip),
-            Module::Uninstall { id } => module::uninstall_module(&id),
-            Module::Enable { id } => module::enable_module(&id),
-            Module::Disable { id } => module::disable_module(&id),
-            Module::List => module::list_modules(),
-        },
+        Commands::Module { command } => {
+            #[cfg(any(target_os = "linux", target_os = "android"))]
+            {
+                utils::switch_mnt_ns(1)?;
+                utils::unshare_mnt_ns()?;
+            }
+            match command {
+                Module::Install { zip } => module::install_module(&zip),
+                Module::Uninstall { id } => module::uninstall_module(&id),
+                Module::Enable { id } => module::enable_module(&id),
+                Module::Disable { id } => module::disable_module(&id),
+                Module::List => module::list_modules(),
+            }
+        }
         Commands::Install => event::install(),
         Commands::Sepolicy { command } => match command {
             Sepolicy::Patch { sepolicy } => crate::sepolicy::live_patch(&sepolicy),
diff --git a/userspace/ksud/src/utils.rs b/userspace/ksud/src/utils.rs
index 7a478f96..e72bd95b 100644
--- a/userspace/ksud/src/utils.rs
+++ b/userspace/ksud/src/utils.rs
@@ -96,3 +96,22 @@ pub fn get_zip_uncompressed_size(zip_path: &str) -> Result<u64> {
         .sum();
     Ok(total)
 }
+
+#[cfg(any(target_os = "linux", target_os = "android"))]
+pub fn switch_mnt_ns(pid: i32) -> Result<()> {
+    use anyhow::ensure;
+    use std::os::fd::AsRawFd;
+    let path = format!("/proc/{}/ns/mnt", pid);
+    let fd = std::fs::File::open(path)?;
+    let ret = unsafe { libc::setns(fd.as_raw_fd(), libc::CLONE_NEWNS) };
+    ensure!(ret == 0, "switch mnt ns failed");
+    Ok(())
+}
+
+#[cfg(any(target_os = "linux", target_os = "android"))]
+pub fn unshare_mnt_ns() -> Result<()> {
+    use anyhow::ensure;
+    let ret = unsafe { libc::unshare(libc::CLONE_NEWNS) };
+    ensure!(ret == 0, "unshare mnt ns failed");
+    Ok(())
+}