qyliss changed the topic of #spectrum to: A compartmentalized operating system | https://spectrum-os.org/ | Logs: https://logs.spectrum-os.org/spectrum/
<qyliss> hyperfekt: did you have working sandboxing in crosvm?
<qyliss> seccomping, I mean
<qyliss> Progress! Got crosvm to start, sandboxed with minijail (the default, upstream ships seccomp policies). It ran a kernel until it panicked because it didn't have a rootfs.
<qyliss> So next step is to generate a root file system with Nix
<qyliss> Which I will hopefully need to do almost nothing for