Allow / as source of -v

We discussed this at the docker plumbers meetup and for tools and working on the system for things like boot2docker and coreos this is needed. You can already bypass this check so we felt it is ok to start allowing this feature. Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael) Upstream-commit: e39b8eade1f42503b6b7217e72eff4c8fdc13cb6 Component: engine
2014-06-26 10:50:18 -07:00
parent 6b9f5d4f5c
commit cb56a2df49
3 changed files with 14 additions and 11 deletions
--- a/components/engine/integration-cli/docker_cli_run_test.go
+++ b/components/engine/integration-cli/docker_cli_run_test.go
@ -960,3 +960,14 @@ func TestRootWorkdir(t *testing.T) {

 	logDone("run - workdir /")
 }
+
+func TestAllowBindMountingRoot(t *testing.T) {
+	s, _, err := cmd(t, "run", "-v", "/:/host", "busybox", "ls", "/host")
+	if err != nil {
+		t.Fatal(s, err)
+	}
+
+	deleteAllContainers()
+
+	logDone("run - bind mount / as volume")
+}
--- a/components/engine/runconfig/parse.go
+++ b/components/engine/runconfig/parse.go
@ -132,8 +132,8 @@ func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Conf
 	// add any bind targets to the list of container volumes
 	for bind := range flVolumes.GetMap() {
 		if arr := strings.Split(bind, ":"); len(arr) > 1 {
-			if arr[0] == "/" {
-				return nil, nil, cmd, fmt.Errorf("Invalid bind mount: source can't be '/'")
+			if arr[1] == "/" {
+				return nil, nil, cmd, fmt.Errorf("Invalid bind mount: desination can't be '/'")
 			}
 			// after creating the bind mount we want to delete it from the flVolumes values because
 			// we do not want bind mounts being committed to image configs
--- a/components/engine/server/server.go
+++ b/components/engine/server/server.go
@ -2055,19 +2055,11 @@ func (srv *Server) ContainerStart(job *engine.Job) engine.Status {
 	if len(job.Environ()) > 0 {
 		hostConfig := runconfig.ContainerHostConfigFromJob(job)
 		// Validate the HostConfig binds. Make sure that:
-		// 1) the source of a bind mount isn't /
-		//         The bind mount "/:/foo" isn't allowed.
-		// 2) Check that the source exists
-		//        The source to be bind mounted must exist.
+		// the source exists
 		for _, bind := range hostConfig.Binds {
 			splitBind := strings.Split(bind, ":")
 			source := splitBind[0]

-			// refuse to bind mount "/" to the container
-			if source == "/" {
-				return job.Errorf("Invalid bind mount '%s' : source can't be '/'", bind)
-			}
-
 			// ensure the source exists on the host
 			_, err := os.Stat(source)
 			if err != nil && os.IsNotExist(err) {