A while ago I started pacman and pacbub for file system isolation of pacman packages. pacpak and pacbub are dead now. They were the wrong approach for user space isolation. It all gets too hacky. It’s not KISS. I don’t like it anymore and would rather use GNU Guix for isolating users’ applications.
Note that if you want to fine-tune a sandbox for a single application, bubblewrap is great. However, what I wanted is that I can install the GNOME packages in one tree and then create other trees out of it, for example one with gnome-maps and one with gnome-2048, but without redownloading all files and wasting disk space. Inheriting from another filesystem tree is what gets ugly because pacman and Arch packages are not designed for that – it probably works somewhat except for the pacman database but it’s too hacky.
Guix is still pretty unstable and containerization support (e.g. `guix environment --container --ad-hoc coreutils`) currently is ugly too (compared to bubblewrap) but at least its basic design and intended use seem right for it.
I am sorry for choosing the wrong path with Flatpak+pacman and bubblewrap+pacman and being slow at that too. It would have been much more work than I had hoped for and I don’t want to maintain a cluster of hacks.