diff --git a/cr-dump.c b/cr-dump.c
index 37a5847fc..6b0036bb7 100644
--- a/cr-dump.c
+++ b/cr-dump.c
@@ -1326,9 +1326,8 @@ static int collect_pstree(pid_t pid, const struct cr_options *opts)
 			 * Some tasks could have been reparented to
 			 * namespaces' reaper. Check this.
 			 */
-			if (opts->namespaces_flags & CLONE_NEWPID)
-				if (check_subtree(root_item))
-					goto try_again;
+			if (check_subtree(root_item))
+				goto try_again;
 
 			break;
 		}
@@ -1522,7 +1521,7 @@ static int dump_zombies()
 {
 	struct pstree_item *item;
 	int oldfd, ret = -1;
-	int pidns = opts.namespaces_flags & CLONE_NEWPID;
+	int pidns = current_ns_mask & CLONE_NEWPID;
 
 	if (pidns) {
 		oldfd = set_proc_fd(pidns_proc);
@@ -1614,7 +1613,7 @@ static int dump_one_task(struct pstree_item *item)
 		goto err;
 	}
 
-	if (opts.namespaces_flags & CLONE_NEWPID && root_item == item) {
+	if (current_ns_mask & CLONE_NEWPID && root_item == item) {
 		pidns_proc = parasite_get_proc_fd_seized(parasite_ctl);
 		if (pidns_proc < 0) {
 			pr_err("Can't get proc fd (pid: %d)\n", pid);
@@ -1751,15 +1750,15 @@ int cr_dump_tasks(pid_t pid, const struct cr_options *opts)
 	if (cpu_init())
 		goto err;
 
-	if (network_lock())
-		goto err;
-
 	if (write_img_inventory())
 		goto err;
 
 	if (collect_pstree(pid, opts))
 		goto err;
 
+	if (network_lock())
+		goto err;
+
 	if (collect_file_locks(opts))
 		goto err;
 
@@ -1775,7 +1774,7 @@ int cr_dump_tasks(pid_t pid, const struct cr_options *opts)
 	 * If netns isn't dumped, crtools will fail only
 	 * if an unsupported socket will be really dumped.
 	 */
-	if ((opts->namespaces_flags & CLONE_NEWNET) && ret)
+	if ((current_ns_mask & CLONE_NEWNET) && ret)
 		goto err;
 
 	ret = -1;
@@ -1798,8 +1797,8 @@ int cr_dump_tasks(pid_t pid, const struct cr_options *opts)
 	if (dump_pstree(root_item))
 		goto err;
 
-	if (opts->namespaces_flags)
-		if (dump_namespaces(&root_item->pid, opts->namespaces_flags) < 0)
+	if (current_ns_mask)
+		if (dump_namespaces(&root_item->pid, current_ns_mask) < 0)
 			goto err;
 
 	ret = cr_dump_shmem();
diff --git a/cr-restore.c b/cr-restore.c
index 55399e03e..6f84ff01b 100644
--- a/cr-restore.c
+++ b/cr-restore.c
@@ -1162,21 +1162,21 @@ static int restore_root_task(struct pstree_item *init, struct cr_options *opts)
 	 */
 
 	if (init->pid.virt == INIT_PID) {
-		if (!(opts->namespaces_flags & CLONE_NEWPID)) {
+		if (!(current_ns_mask & CLONE_NEWPID)) {
 			pr_err("This process tree can only be restored "
 				"in a new pid namespace.\n"
 				"crtools should be re-executed with the "
 				"\"--namespace pid\" option.\n");
 			return -1;
 		}
-	} else	if (opts->namespaces_flags & CLONE_NEWPID) {
+	} else	if (current_ns_mask & CLONE_NEWPID) {
 		pr_err("Can't restore pid namespace without the process init\n");
 		return -1;
 	}
 
 	futex_set(&task_entries->nr_in_progress, stage_participants(CR_STATE_FORKING));
 
-	ret = fork_with_pid(init, opts->namespaces_flags);
+	ret = fork_with_pid(init, current_ns_mask);
 	if (ret < 0)
 		return -1;
 
@@ -1211,7 +1211,7 @@ out:
 		struct pstree_item *pi;
 		pr_err("Someone can't be restored\n");
 
-		if (opts->namespaces_flags & CLONE_NEWPID) {
+		if (current_ns_mask & CLONE_NEWPID) {
 			/* Kill init */
 			if (root_item->pid.real > 0)
 				kill(root_item->pid.real, SIGKILL);
diff --git a/crtools.c b/crtools.c
index 825e3650d..753a654dd 100644
--- a/crtools.c
+++ b/crtools.c
@@ -32,15 +32,15 @@ static int parse_ns_string(const char *ptr)
 		if (ptr[3] != ',' && ptr[3] != '\0')
 			goto bad_ns;
 		if (!strncmp(ptr, "uts", 3))
-			opts.namespaces_flags |= CLONE_NEWUTS;
+			opts.rst_namespaces_flags |= CLONE_NEWUTS;
 		else if (!strncmp(ptr, "ipc", 3))
-			opts.namespaces_flags |= CLONE_NEWIPC;
+			opts.rst_namespaces_flags |= CLONE_NEWIPC;
 		else if (!strncmp(ptr, "mnt", 3))
-			opts.namespaces_flags |= CLONE_NEWNS;
+			opts.rst_namespaces_flags |= CLONE_NEWNS;
 		else if (!strncmp(ptr, "pid", 3))
-			opts.namespaces_flags |= CLONE_NEWPID;
+			opts.rst_namespaces_flags |= CLONE_NEWPID;
 		else if (!strncmp(ptr, "net", 3))
-			opts.namespaces_flags |= CLONE_NEWNET;
+			opts.rst_namespaces_flags |= CLONE_NEWNET;
 		else
 			goto bad_ns;
 		ptr += 4;
diff --git a/include/crtools.h b/include/crtools.h
index dc395898f..71f99c3ea 100644
--- a/include/crtools.h
+++ b/include/crtools.h
@@ -103,7 +103,7 @@ struct cr_options {
 	bool			tcp_established_ok;
 	bool			evasive_devices;
 	bool			link_remap_ok;
-	unsigned int		namespaces_flags;
+	unsigned int		rst_namespaces_flags;
 	bool			log_file_per_pid;
 	char			*output;
 	char			*root;
diff --git a/namespaces.c b/namespaces.c
index f4cc8f95c..07fe22bce 100644
--- a/namespaces.c
+++ b/namespaces.c
@@ -229,7 +229,7 @@ int dump_namespaces(struct pid *ns_pid, unsigned int ns_flags)
 
 	pr_info("Dumping %d(%d)'s namespaces\n", ns_pid->virt, ns_pid->real);
 
-	if ((opts.namespaces_flags & CLONE_NEWPID) && ns_pid->virt != 1) {
+	if ((ns_flags & CLONE_NEWPID) && ns_pid->virt != 1) {
 		pr_err("Can't dump a pid namespace without the process init\n");
 		return -1;
 	}
diff --git a/net.c b/net.c
index b725aa0f1..03c168fa8 100644
--- a/net.c
+++ b/net.c
@@ -382,7 +382,7 @@ int network_lock(void)
 	pr_info("Lock network\n");
 
 	/* Each connection will be locked on dump */
-	if  (!(opts.namespaces_flags & CLONE_NEWNET))
+	if  (!(current_ns_mask & CLONE_NEWNET))
 		return 0;
 
 	return run_scripts("network-lock");
@@ -392,7 +392,7 @@ void network_unlock(void)
 {
 	pr_info("Unlock network\n");
 
-	if  (!(opts.namespaces_flags & CLONE_NEWNET)) {
+	if  (!(current_ns_mask & CLONE_NEWNET)) {
 		cpt_unlock_tcp_connections();
 		rst_unlock_tcp_connections();
 
diff --git a/parasite-syscall.c b/parasite-syscall.c
index bbbda15da..0941c3912 100644
--- a/parasite-syscall.c
+++ b/parasite-syscall.c
@@ -298,7 +298,7 @@ static int parasite_init(struct parasite_ctl *ctl, pid_t pid, int nr_threads)
 	if (sock == -1) {
 		int rst = -1;
 
-		if (opts.namespaces_flags & CLONE_NEWNET) {
+		if (current_ns_mask & CLONE_NEWNET) {
 			pr_info("Switching to %d's net for tsock creation\n", pid);
 
 			if (switch_ns(pid, &net_ns_desc, &rst))
diff --git a/sk-tcp.c b/sk-tcp.c
index 825f8b8a8..ab2b91c49 100644
--- a/sk-tcp.c
+++ b/sk-tcp.c
@@ -17,6 +17,7 @@
 #include "sk-inet.h"
 #include "netfilter.h"
 #include "image.h"
+#include "namespaces.h"
 
 #include "protobuf.h"
 #include "protobuf/tcp-stream.pb-c.h"
@@ -103,7 +104,7 @@ static int tcp_repair_establised(int fd, struct inet_sk_desc *sk)
 		goto err1;
 	}
 
-	if (!(opts.namespaces_flags & CLONE_NEWNET)) {
+	if (!(current_ns_mask & CLONE_NEWNET)) {
 		ret = nf_lock_connection(sk);
 		if (ret < 0)
 			goto err2;
@@ -122,7 +123,7 @@ static int tcp_repair_establised(int fd, struct inet_sk_desc *sk)
 	return 0;
 
 err3:
-	if (!(opts.namespaces_flags & CLONE_NEWNET))
+	if (!(current_ns_mask & CLONE_NEWNET))
 		nf_unlock_connection(sk);
 err2:
 	close(sk->rfd);
diff --git a/sockets.c b/sockets.c
index f5edd17e4..db12300ab 100644
--- a/sockets.c
+++ b/sockets.c
@@ -425,7 +425,7 @@ int collect_sockets(int pid)
 		} r;
 	} req;
 
-	if (opts.namespaces_flags & CLONE_NEWNET) {
+	if (current_ns_mask & CLONE_NEWNET) {
 		pr_info("Switching to %d's net for collecting sockets\n", pid);
 
 		if (switch_ns(pid, &net_ns_desc, &rst))