Windows has a somewhat new feature where you can spin up a temporary windows sandbox in quick order. The idea being you start a clean win 11 env quickly and isolated from the rest of your system, and as soon as it is closed, everything within the sandbox is purged.
IMO, this is a perfect use case for running the tiny11 script within this sandbox environment for us "precautious" users. I did give this a shot, using the tiny11 core script, however there seemed to be a ton of issues, even though the script did ultimately build a 5 GB win 11 trimmed ISO.
Overall, there are too many log errors to list directly, so I've just attached the entire tiny11.log here. Not sure which of them might just be expected/normal.
One of the first hurdles (and perhaps the main crux?) was that attempting to mount the downloaded win 11 ISO directly within the sandbox would show a README file with the following contents:
This disc contains a "UDF" file system and requires an operating system
that supports the ISO-13346 "UDF" file system specification.
I assumed this to be a limitation of the sandbox env and didn't dig into it very far. Instead, I essentially copied the contents of the ISO to a folder on the host, and mapped that folder to the sandbox using a custom msb config file (see here):
I then used the windows subst command to mount the mapped sandbox folder to a drive letter, since that is what the current script accepts as an input, although I'm sure the script could be modified to avoid us having to perform this step.
Now running the tiny11Coremaker.ps1 script from powershell (after setting exec policy) seems to start running just fine, but you will see dozens of errors popup as it runs the various commands.
One error in particular was related to DISM out-of-memory errors, so I increased the size of the sandbox like so (see here):
There are still plenty of other errors remaining though (see above log file).
In the end, tiny11.iso is generated, however mounting it to a fresh hyper-v VM, while the windows installer does load, it's been stuck at Getting files ready for installation (2%) for hours:
I figured it's not supported to run within the windows sandbox out of the box, but sure would be nice if it did work for those of us who like to run within pristine, isolated, and secure environments.
UPDATE 1:
I re-opened the VM later in the day, after a few host reboots and noticed that the VM was at the OOBE setup pages. Went through the prompts and everything does seem to be working, however I hesitate to say the trimming script did what it needed to do because after OOBE, it immediately started to install updates, which I thought should be disabled? And after updates, finished, I'm seeing edge installed and working, which I also thought would be uninstalled (as well as other components). At the moment, the new win 11 VM is at 27 GB used space, which far exceeds what I expected it to be.
Either way, looks like we could still use some clarification if the script can be configured to work within a windows sandbox.
Windows has a somewhat new feature where you can spin up a temporary windows sandbox in quick order. The idea being you start a clean win 11 env quickly and isolated from the rest of your system, and as soon as it is closed, everything within the sandbox is purged.
IMO, this is a perfect use case for running the tiny11 script within this sandbox environment for us "precautious" users. I did give this a shot, using the tiny11 core script, however there seemed to be a ton of issues, even though the script did ultimately build a 5 GB win 11 trimmed ISO.
Overall, there are too many log errors to list directly, so I've just attached the entire tiny11.log here. Not sure which of them might just be expected/normal.
One of the first hurdles (and perhaps the main crux?) was that attempting to mount the downloaded win 11 ISO directly within the sandbox would show a
READMEfile with the following contents:I assumed this to be a limitation of the sandbox env and didn't dig into it very far. Instead, I essentially copied the contents of the ISO to a folder on the host, and mapped that folder to the sandbox using a custom
msbconfig file (see here):I then used the windows subst command to mount the mapped sandbox folder to a drive letter, since that is what the current script accepts as an input, although I'm sure the script could be modified to avoid us having to perform this step.
Now running the
tiny11Coremaker.ps1script from powershell (after setting exec policy) seems to start running just fine, but you will see dozens of errors popup as it runs the various commands.One error in particular was related to DISM out-of-memory errors, so I increased the size of the sandbox like so (see here):
There are still plenty of other errors remaining though (see above log file).
In the end,
tiny11.isois generated, however mounting it to a fresh hyper-v VM, while the windows installer does load, it's been stuck atGetting files ready for installation (2%)for hours:I figured it's not supported to run within the windows sandbox out of the box, but sure would be nice if it did work for those of us who like to run within pristine, isolated, and secure environments.
UPDATE 1:
I re-opened the VM later in the day, after a few host reboots and noticed that the VM was at the OOBE setup pages. Went through the prompts and everything does seem to be working, however I hesitate to say the trimming script did what it needed to do because after OOBE, it immediately started to install updates, which I thought should be disabled? And after updates, finished, I'm seeing edge installed and working, which I also thought would be uninstalled (as well as other components). At the moment, the new win 11 VM is at 27 GB used space, which far exceeds what I expected it to be.
Either way, looks like we could still use some clarification if the script can be configured to work within a windows sandbox.