Recently got it working for OpenCode and updated my post.
Someone pointed out to me that having the .git directory mounted read/write in the sandbox could be a problem. So I'm considering only mounting src/ read/write, with project metadata (including git) being read-only.
You really need to use the `--new-session` parameter, by the way. It's unfortunate that this isn't the default with bwrap.
Hey man, sorry for the lack of recognition. Timing is a bit of luck. Good writeup!
w/r/t .git being mounted read/write: yeah, there's risk here. It's a tradeoff. I want my agents to be able to commit code, which means they need to be able to write to the dir.
Thanks for the `--new-session` parameter suggestion. Great add!
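The two points raised in this thread (always passing `--new-session`, and choosing between a read-only and a read-write `.git`) can be captured in one bubblewrap wrapper. The script below is an added example and is not code from the post or from either commenter. It assumes a project laid out as `<project>/src` plus `<project>/.git`, a host with `/usr`-merged layout, and that the agent needs network access to reach its model API; the function and variable names are my own. `--new-session` puts the sandboxed process in a new session so it has no controlling terminal, which is what blocks the TIOCSTI-style keystroke injection that otherwise lets a sandboxed process type into the user's shell. The `ro`/`rw` switch makes the tradeoff explicit: a writable `.git` lets the agent commit, but it also lets it alter hooks and config that git executes later on the host, so `ro` is the conservative default and commits can be made from outside the sandbox after review.

```shell
#!/bin/sh
# Added example: assemble bubblewrap arguments for a coding-agent sandbox.
# Usage: sandbox_args <project-dir> [ro|rw]   (prints one argv element per line)
#        run_sandbox  <project-dir> [ro|rw] <command...>
# Only the project directory and the src/ + .git layout are assumed; the
# bwrap flags themselves are real bubblewrap options.
sandbox_args() {
  proj="$1"
  mode="${2:-ro}"
  case "$mode" in
    ro) git_bind="--ro-bind" ;;   # agent can read history but not commit
    rw) git_bind="--bind" ;;      # agent can commit; .git hooks/config become writable
    *)  echo "mode must be ro or rw" >&2; return 1 ;;
  esac
  # Later binds overlay earlier ones, so: whole project read-only,
  # then src/ read-write, then .git in the chosen mode.
  printf '%s\n' \
    --unshare-all \
    --share-net \
    --new-session \
    --die-with-parent \
    --ro-bind /usr /usr \
    --symlink usr/lib /lib \
    --symlink usr/lib64 /lib64 \
    --symlink usr/bin /bin \
    --ro-bind /etc/resolv.conf /etc/resolv.conf \
    --proc /proc \
    --dev /dev \
    --tmpfs /tmp \
    --ro-bind "$proj" "$proj" \
    --bind "$proj/src" "$proj/src" \
    "$git_bind" "$proj/.git" "$proj/.git" \
    --chdir "$proj"
}

# Execute a command inside the sandbox. Splitting on newlines (not spaces)
# keeps paths containing spaces intact.
run_sandbox() {
  proj="$1"
  mode="$2"
  shift 2
  old_ifs="$IFS"
  IFS='
'
  set -- $(sandbox_args "$proj" "$mode") "$@"
  IFS="$old_ifs"
  exec bwrap "$@"
}

# Example invocation, only when explicitly requested:
#   sh sandbox.sh --run /path/to/project ro git status --short
if [ "${1:-}" = "--run" ]; then
  shift
  run_sandbox "$@"
fi
```

In `ro` mode the agent still sees the full history and can prepare a diff in `src/`; the human (or a non-sandboxed CI step) runs `git commit` on the host after reviewing it. Switch to `rw` only when unattended commits are worth a writable `.git`.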