diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index a83423c9f23d..eec9d0c5ac21 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -26,12 +26,12 @@ import (
 "github.com/containers/common/pkg/config"
 "github.com/containers/common/pkg/machine"
 "github.com/containers/common/pkg/netns"
- "github.com/containers/common/pkg/util"
 "github.com/containers/podman/v4/libpod/define"
 "github.com/containers/podman/v4/libpod/events"
 "github.com/containers/podman/v4/pkg/errorhandling"
 "github.com/containers/podman/v4/pkg/namespaces"
 "github.com/containers/podman/v4/pkg/rootless"
+ "github.com/containers/podman/v4/pkg/util"
 "github.com/containers/podman/v4/utils"
 "github.com/containers/storage/pkg/lockfile"
 "github.com/opencontainers/runtime-spec/specs-go"
@@ -134,6 +134,7 @@ func (r *RootlessNetNS) Do(toRun func() error) error {
 if err != nil {
 return errors.Wrap(err, "could not get runtime directory")
 }
+ newXDGRuntimeDir := r.getPath(xdgRuntimeDir)
 // 1. Mount the netns into the new run to keep them accessible.
 // Otherwise cni setup will fail because it cannot access the netns files.
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 11ec750b171b..8208990caebb 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -135,15 +135,9 @@ func SetXdgDirs() error {
 return nil
 }
- // Set up XDG_RUNTIME_DIR
- runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
-
- if runtimeDir == "" {
- var err error
- runtimeDir, err = util.GetRuntimeDir()
- if err != nil {
- return err
- }
+ runtimeDir, err := util.GetRuntimeDir()
+ if err != nil {
+ return err
 }
 if err := os.Setenv("XDG_RUNTIME_DIR", runtimeDir); err != nil {
 return errors.Wrapf(err, "cannot set XDG_RUNTIME_DIR")
diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go
index 50e4b1b7b170..d99f3403099c 100644
--- a/pkg/util/utils_supported.go
+++ b/pkg/util/utils_supported.go
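Review bot: SetXdgDirs in libpod/runtime.go no longer says why it overwrites a caller-supplied XDG_RUNTIME_DIR: the new lines always take the value from `util.GetRuntimeDir()` and write it back with `os.Setenv`, and the old `// Set up XDG_RUNTIME_DIR` comment is removed without a replacement. A comment above the call such as `// Always go through util.GetRuntimeDir() so the exported XDG_RUNTIME_DIR is the symlink-resolved path.` would record the intent. It also looks as though a set but unresolvable XDG_RUNTIME_DIR now makes SetXdgDirs return an error where the old code passed the value through untouched; that depends on GetRuntimeDir, most of which is outside this diff, so it is worth confirming the change is intended. The function starts and ends outside the hunk.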
@@ -61,6 +61,11 @@ func GetRuntimeDir() (string, error) {
 }
 runtimeDir = filepath.Join(resolvedHome, "rundir")
 }
+ runtimeDir, err := filepath.EvalSymlinks(runtimeDir)
+ if err != nil {
+ rootlessRuntimeDirError = fmt.Errorf("cannot resolve runtime dir: %w", err)
+ return
+ }
 rootlessRuntimeDir = runtimeDir
 })
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index fb785177cd54..a375405f5e84 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -754,4 +754,23 @@ EOF
 done
 }
+@test "podman rootless netns work with symlink" {
+ # regression test for https://github.com/containers/podman/issues/14606
+ is_rootless || skip "only meaningful for rootless"
+ if ! readlink /var/run; then
+ skip "/var/run is not a symlink: cannot test this bug"
+ fi
+ NEW_XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR
+ if [[ "${XDG_RUNTIME_DIR:0:8}" != "/var/run" ]]; then
+ if [[ "${XDG_RUNTIME_DIR:0:4}" != "/run" ]]; then
+ skip "XDG_RUNTIME_DIR: \"$XDG_RUNTIME_DIR\" does not point to /run/...: cannot test this bug"
+ fi
+ NEW_XDG_RUNTIME_DIR="/var$XDG_RUNTIME_DIR"
+ fi
+
+ # This only failed with netavark, CNI already worked before the fix.
+ XDG_RUNTIME_DIR="$NEW_XDG_RUNTIME_DIR" run_podman run --network bridge --rm $IMAGE ip a
+ is "$output" ".*eth0.*" "container interface exists in netns"
+}
+
 # vim: filetype=sh
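Review bot: `filepath.EvalSymlinks` returns an error for a path that does not exist, and the context line just above the added call assigns `filepath.Join(resolvedHome, "rundir")` with nothing in the hunk creating that directory, so the home-directory fallback of GetRuntimeDir may now end in `cannot resolve runtime dir` where it used to succeed. If the directory is not created in the part of the function outside the hunk, either create it before resolving or keep the unresolved path when the error is `fs.ErrNotExist`. The result is stored in `rootlessRuntimeDir` and, through SetXdgDirs, exported as XDG_RUNTIME_DIR, so a comment above the call such as `// Resolve symlinks so every consumer of the runtime dir sees one canonical path.` would help the next reader. Any owner or permission checks made earlier in the function were made on the unresolved path; it is worth confirming they still hold for the resolved target.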
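Review bot: The guard `if ! readlink /var/run` in the new test only establishes that /var/run is a symlink, not that it resolves to /run, yet the test then builds `NEW_XDG_RUNTIME_DIR="/var$XDG_RUNTIME_DIR"` on that assumption; on a host where the link points elsewhere the test would fail instead of skipping. Comparing the target, for example `[[ "$(readlink -f /var/run)" == "/run" ]] || skip "/var/run does not resolve to /run"`, closes that gap. The prefix checks `${XDG_RUNTIME_DIR:0:8}` and `${XDG_RUNTIME_DIR:0:4}` also accept names such as /runtime, so matching on `/var/run/` and `/run/` would be stricter.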