diff --git a/dangerzone/container.py b/dangerzone/container.py
index 5977ba2..b09bd81 100644
--- a/dangerzone/container.py
+++ b/dangerzone/container.py
@@ -5,6 +5,7 @@ import sys
 import pipes
 import shutil
 import json
+import os
 
 # What is the container runtime for this platform?
 if platform.system() == "Darwin":
@@ -66,6 +67,18 @@ def exec_vm(args, vm_info):
     return exec(args)
 
 
+def mount_vm(path, vm_info):
+    basename = os.path.basename(path)
+    normalized_path = f"/home/user/mnt/{basename}"
+    exec_vm(["/usr/bin/sshfs", f"hostbox:{path}", normalized_path], vm_info)
+    return normalized_path
+
+
+def unmount_vm(normalized_path, vm_info):
+    exec_vm(["/usr/bin/fusermount3", normalized_path], vm_info)
+    exec_vm(["/bin/rmdir", normalized_path], vm_info)
+
+
 def exec_container(args, vm_info):
     if container_tech == "dangerzone-vm" and vm_info is None:
         print("--vm-info-path required on this platform")
@@ -113,6 +126,21 @@ def ls(vm_info_path, container_name):
 @click.option("--container-name", default="docker.io/flmcode/dangerzone")
 def documenttopixels(vm_info_path, document_filename, pixel_dir, container_name):
     """docker run --network none -v [document_filename]:/tmp/input_file -v [pixel_dir]:/dangerzone [container_name] document-to-pixels"""
+
+    vm_info = load_vm_info(vm_info_path)
+
+    document_dir = os.path.dirname(document_filename)
+    if vm_info:
+        normalized_document_dir = mount_vm(document_dir, vm_info)
+        normalized_document_filename = os.path.join(
+            normalized_document_dir, os.path.basename(document_filename)
+        )
+        normalized_pixel_dir = mount_vm(pixel_dir, vm_info)
+    else:
+        normalized_document_dir = document_dir
+        normalized_document_filename = document_filename
+        normalized_pixel_dir = pixel_dir
+
     args = ["run", "--network", "none"]
 
     # docker uses --security-opt, podman doesn't
@@ -121,13 +149,19 @@ def documenttopixels(vm_info_path, document_filename, pixel_dir, container_name)
 
     args += [
         "-v",
-        f"{document_filename}:/tmp/input_file",
+        f"{normalized_document_filename}:/tmp/input_file",
         "-v",
-        f"{pixel_dir}:/dangerzone",
+        f"{normalized_pixel_dir}:/dangerzone",
         container_name,
         "document-to-pixels",
     ]
-    sys.exit(exec_container(args, load_vm_info(vm_info_path)))
+    ret = exec_container(args, load_vm_info(vm_info_path))
+
+    if vm_info:
+        unmount_vm(normalized_document_dir, vm_info)
+        unmount_vm(normalized_pixel_dir, vm_info)
+
+    sys.exit(ret)
 
 
 @container_main.command()
@@ -139,23 +173,36 @@ def documenttopixels(vm_info_path, document_filename, pixel_dir, container_name)
 @click.option("--ocr-lang", required=True)
 def pixelstopdf(vm_info_path, pixel_dir, safe_dir, container_name, ocr, ocr_lang):
     """docker run --network none -v [pixel_dir]:/dangerzone -v [safe_dir]:/safezone [container_name] -e OCR=[ocr] -e OCR_LANGUAGE=[ocr_lang] pixels-to-pdf"""
-    sys.exit(
-        exec_container(
-            [
-                "run",
-                "--network",
-                "none",
-                "-v",
-                f"{pixel_dir}:/dangerzone",
-                "-v",
-                f"{safe_dir}:/safezone",
-                "-e",
-                f"OCR={ocr}",
-                "-e",
-                f"OCR_LANGUAGE={ocr_lang}",
-                container_name,
-                "pixels-to-pdf",
-            ],
-            load_vm_info(vm_info_path),
-        )
+    vm_info = load_vm_info(vm_info_path)
+
+    if vm_info:
+        normalized_pixel_dir = mount_vm(pixel_dir, vm_info)
+        normalized_safe_dir = mount_vm(safe_dir, vm_info)
+    else:
+        normalized_pixel_dir = pixel_dir
+        normalized_safe_dir = safe_dir
+
+    ret = exec_container(
+        [
+            "run",
+            "--network",
+            "none",
+            "-v",
+            f"{normalized_pixel_dir}:/dangerzone",
+            "-v",
+            f"{normalized_safe_dir}:/safezone",
+            "-e",
+            f"OCR={ocr}",
+            "-e",
+            f"OCR_LANGUAGE={ocr_lang}",
+            container_name,
+            "pixels-to-pdf",
+        ],
+        vm_info,
     )
+
+    if vm_info:
+        unmount_vm(normalized_pixel_dir, vm_info)
+        unmount_vm(normalized_safe_dir, vm_info)
+
+    sys.exit(ret)
diff --git a/install/vm-builder/etc/init.d/dangerzone b/install/vm-builder/etc/init.d/dangerzone
index 682d9e4..8d83747 100755
--- a/install/vm-builder/etc/init.d/dangerzone
+++ b/install/vm-builder/etc/init.d/dangerzone
@@ -8,6 +8,10 @@ start() {
     # Create user
     /usr/sbin/adduser -D -u 1001 user
 
+	# Make folder for user mounts
+	mkdir /home/user/mnt
+	chown user:user /home/user/mnt
+
 	# Move containers into home dir
 	mkdir -p /home/user/.local/share
 	mv /etc/container-data /home/user/.local/share/containers