@@ -960,3 +960,14 @@ func TestRootWorkdir(t *testing.T) {

 	logDone("run - workdir /")

 }

+

+func TestAllowBindMountingRoot(t *testing.T) {

+	s, _, err := cmd(t, "run", "-v", "/:/host", "busybox", "ls", "/host")

+	if err != nil {

+		t.Fatal(s, err)

+	}

+

+	deleteAllContainers()

+

+	logDone("run - bind mount / as volume")

+}

@@ -132,8 +132,8 @@ func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Conf

 	// add any bind targets to the list of container volumes

 	for bind := range flVolumes.GetMap() {

 		if arr := strings.Split(bind, ":"); len(arr) > 1 {

-			if arr[0] == "/" {

-				return nil, nil, cmd, fmt.Errorf("Invalid bind mount: source can't be '/'")

+			if arr[1] == "/" {

+				return nil, nil, cmd, fmt.Errorf("Invalid bind mount: desination can't be '/'")

 			}

 			// after creating the bind mount we want to delete it from the flVolumes values because

 			// we do not want bind mounts being committed to image configs

@@ -2055,19 +2055,11 @@ func (srv *Server) ContainerStart(job *engine.Job) engine.Status {

 	if len(job.Environ()) > 0 {

 		hostConfig := runconfig.ContainerHostConfigFromJob(job)

 		// Validate the HostConfig binds. Make sure that:

-		// 1) the source of a bind mount isn't /

-		//         The bind mount "/:/foo" isn't allowed.

-		// 2) Check that the source exists

-		//        The source to be bind mounted must exist.

+		// the source exists

 		for _, bind := range hostConfig.Binds {

 			splitBind := strings.Split(bind, ":")

 			source := splitBind[0]

-			// refuse to bind mount "/" to the container

-			if source == "/" {

-				return job.Errorf("Invalid bind mount '%s' : source can't be '/'", bind)

-			}

-

 			// ensure the source exists on the host

 			_, err := os.Stat(source)

 			if err != nil && os.IsNotExist(err) {