[ macOS support ]Ok, I've spent the last couple of days figuring this out, and I think I have something that works. One drawback is that destroying sandboxes will take a long time, as we need to wait until 'diskutil unmount' will complete for /System mounts, even though the are read-only. On my Mac Studio this takes around 100 seconds, but if you try to force the unmount at any point this appears to be the main cause of SIGBUS errors in subsequent sandboxes.
If you build from current trunk: $ cargo install --git https://github.com/jperkin/boband let me know how it goes. You will need MacFUSE and bindfs installed. Feel free to keep it off-list if necessary, you'll probably need a few iterations of setting things up with bootstrap kits and mandatory variables etc.
Thanks, -- Jonathan Perkin pkgsrc.smartos.org Open Source Complete Cloud www.tritondatacenter.com