This bug was initially created as a copy of Bug #1869028

I am copying this bug because: 
This same problem happens with systemd-timedated and systemd-hostnamed. I didn't even need to start the system with the drive attached to cause these to fail.

type=AVC msg=audit(1597520203.016:4706): avc:  denied  { remount } for  pid=13007 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=0
type=AVC msg=audit(1597520385.823:4727): avc:  denied  { remount } for  pid=13277 comm="(imedated)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=0

Description of problem:
cockpit fails with an exfat volume mounted

Version-Release number of selected component (if applicable):
cockpit-225-1.fc32.x86_64

How reproducible:
always

Steps to Reproduce:
1. Install Fedora 32 with cockpit
2. Mount an exfat volume under /mnt
3. Try to connect to cockpit

Actual results:
page is unavailable. Further investigation shows the service failed.

Expected results:
Cockpit works.

Additional info:
The errors are:
systemd[9510]: cockpit.service: Failed to set up mount namespacing: /run/systemd/unit-root/: Permission denied
systemd[9510]: cockpit.service: Failed at step NAMESPACE spawning /usr/libexec/cockpit-tls: Permission denied

# systemctl -t service | grep cockpit
● cockpit.service                                       loaded failed failed  Cockpit Web Service                                                          
# umount /mnt
# systemctl restart cockpit
# systemctl -t service | grep cockpit
  cockpit.service                                       loaded active running Cockpit Web Service                                                          
# mount /dev/sdi1 /mnt
# systemctl restart cockpit
# systemctl -t service | grep cockpit
● cockpit.service                                       loaded failed failed  Cockpit Web Service