snap-update-ns fails to construct a layout in /etc/test-snapd/foo when /etc/test-snapd exists

I tried the following layout:

layout:
    /etc/test-snapd/test-snapd-core16:
        type: tmpfs

With the host /etc modified to contain a non-empty structure in /etc/test-snapd/

This failed as follows:

    cannot update snap namespace: cannot write to "/etc/test-snapd/test-snapd-core16" because it would affect the host in "/etc/test-snapd"

Looking at the debug log I found some useful bits that are worth reproducing here:

    trespassing.go:183: DEBUG: trespassing violated "/etc" while striving to "/etc/test-snapd/test-snapd-core16"
    trespassing.go:183: DEBUG: trespassing violated "/etc/test-snapd" while striving to "/etc/test-snapd/test-snapd-core16"

Between the two errors you can see the system constructing a writable mimic at /etc/. I suspect the problem is that both /etc and /etc/test-snapd *existed* up front so after constructing the mimic /etc/test-snapd was also a view into the ext4 directory. This prevents the system from creating /etc/test-snapd/test-snapd-core16 without affecting the real /etc/test-snapd.

I think the ensurePath logic needs to be adjusted to go deeper into the tree if that is possible. Here I would expect the perfect solution would be to craft a writable mimic at /etc/test-snapd rather than at /etc.