The mount-control interface

The mount-control interface allows the mounting and unmounting of both transient (non-persistent) and persistent filesystem mount points. The interface does not itself create or maintain mount points, but instead permits the snapped application or service to create and maintain its own.

This interface gives privileged access to the device.

Requires snapd version 2.54+.

Interface documentation: See Interface management and Supported interfaces for further details on how interfaces are used.

Developer details

Auto-connect: no
Super-privileged: yes

Attributes:

persistent (plug): defines whether the mount can be persistent or not.
Either true or false. Defaults to false.
type (plug): lists one or more acceptable filesystems for this mount.
Example: [ext2, ext3, ext4]
what (plug): absolute path of what to mount using a matching wildcard.
Example: /dev/sd*
where (plug): either an absolute destination path for the mount, or a starting reference to $SNAP_COMMON or $SNAP_DATA optionally followed by a path. Wildcards are also supported.
Example: /media/$USER/**
options (plug, required): a list of one or more permitted options.
Example: [rw, sync]
namespace (plug): either snap, for locations within the snap, host, for locations outside the snap, or auto to set the namespace according to the where pattern. Defaults to auto.

See AppArmor globbing syntax for details on how the pattern matching and wildcards work.

It’s the responsibility of the snapped application or service to create and maintain a mount point, using either of the following:

the mount command
the mount() system call
an accompanying snapctl mount

The snapctl mount command is the only option for creating a persistent mount point via its --persistent mount option.

Accepted filesystems

The following filesystems are accepted:

aufs, autofs, btrfs, ext2, ext3, ext4, hfs, iso9660, jfs, msdos, ntfs, ramfs, reiserfs, squashfs, tmpfs, ubifs, udf, ufs, vfat, zfs and xfs.

Permitted mount options

The following mount options are permitted:

async, atime, bind, diratime, dirsync, iversion, lazytime, nofail, noiversion, nomand, noatime, nodev, nodiratime, noexec, nolazytime, norelatime, nosuid, nostrictatime, nouser, relatime, strictatime, sync, ro and rw.

Code examples

plugs:
 mntctl:
  interface: mount-control
  mount:
  - what: /dev/sd*
    where: /media/**
    type: [ext2, ext3, ext4]
    options: [rw, sync]
  - what: /usr/**
    where: $SNAP_COMMON/**
    options: [bind]
  - what: /dev/sda{0,1}
    where: $SNAP_COMMON/**
    options: [ro]
  - what: /dev/sdb[0-1]
    where: $SNAP_COMMON/{foo,other,**}
    options: [sync]
apps:
 app:
  plugs: [mntctl]

The test code can be found in the snapd repository: https://github.com/snapcore/snapd/blob/master/interfaces/builtin/mount_control_test.go

The source code for the interface is in the snapd repository: https://github.com/snapcore/snapd/blob/master/interfaces/builtin/mount_control.go

Last updated 1 year, 24 days ago.

Help improve this document in the forum.