From 70b16a5ab9a4160b74b3eefdc832307d4b9a4128 Mon Sep 17 00:00:00 2001
From: Michael Crosby <crosbymichael@gmail.com>
Date: Thu, 29 Sep 2016 15:20:21 -0700
Subject: [PATCH] Remove check for binding to /

In order to mount root filesystems inside the container's mount
namespace as part of the spec we need to have the ability to do a bind
mount to / as the destination.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
---
 libcontainer/rootfs_linux.go      | 3 ---
 libcontainer/rootfs_linux_test.go | 8 --------
 2 files changed, 11 deletions(-)

diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go
index aeb4388578d..7f951c8eac6 100644
--- a/libcontainer/rootfs_linux.go
+++ b/libcontainer/rootfs_linux.go
@@ -306,9 +306,6 @@ func getCgroupMounts(m *configs.Mount) ([]*configs.Mount, error) {
 // checkMountDestination checks to ensure that the mount destination is not over the top of /proc.
 // dest is required to be an abs path and have any symlinks resolved before calling this function.
 func checkMountDestination(rootfs, dest string) error {
-	if libcontainerUtils.CleanPath(rootfs) == libcontainerUtils.CleanPath(dest) {
-		return fmt.Errorf("mounting into / is prohibited")
-	}
 	invalidDestinations := []string{
 		"/proc",
 	}
diff --git a/libcontainer/rootfs_linux_test.go b/libcontainer/rootfs_linux_test.go
index f70e10bebe0..f2453e2b2d3 100644
--- a/libcontainer/rootfs_linux_test.go
+++ b/libcontainer/rootfs_linux_test.go
@@ -32,14 +32,6 @@ func TestCheckMountDestFalsePositive(t *testing.T) {
 	}
 }
 
-func TestCheckMountRoot(t *testing.T) {
-	dest := "/rootfs"
-	err := checkMountDestination("/rootfs", dest)
-	if err == nil {
-		t.Fatal(err)
-	}
-}
-
 func TestNeedsSetupDev(t *testing.T) {
 	config := &configs.Config{
 		Mounts: []*configs.Mount{