Errors or typos? Topics missing? Hard to read? Let us know or open an issue on GitHub.
See also:
mount, How to share data with an instance
In Multipass, a mount is a directory mapping from the host to an instance, making its contents, and changes therein, available on both ends.
In Multipass, there are two types of mounts: classic (default) and native.
Classic mounts
Classic mounts use SSHFS (SSH File System) to achieve file/directory sharing. This option is available across all our backends.
SSHFS is based on SSH, which pays a performance penalty to achieve secure communication.
Native mounts
Native mounts use driver-dependent technologies to achieve the high performance. They are only available in the following cases:
- On Hyper-V, where they are implemented with SMB/CIFS.
- On QEMU, where they are implemented with 9P.
- On LXD, using that backend’s own mounts, which also rely on 9P.
See also: Driver (backend) - Feature disparities
Security considerations
Because mounts are performed as root – unless installed via snap, see below – they allow write access to the whole host operating system. But since only privileged users (members of sudo, wheel, admin groups) can use Multipass, this isn’t a concern on Linux.
If Multipass is installed via snap package, snap confinement prevents mounts outside of the /home directory (and to hidden files/folders in the /home directory) and possibly, removable media (depending on connected interfaces). Still, a user (A) with access to Multipass could still access mounts that a different user (B) was able to establish to B’s home directory (that is, outside of A’s home).
Because mounts are performed as root, they allow write access to the whole host operating system. But since only privileged users (members of sudo, wheel, admin groups) can use Multipass, this isn’t a concern on macOS.
Because mounts are performed as privileged users (SYSTEM on Windows), they allow write access to the whole host operating system.
For historical reasons, mounts are disabled by default on Windows, even though in the current version of Multipass users need to authenticate with the daemon before it will service their requests.