Reply to post: Re: Container == process

2017 – the year of containers! It wasn't? Oops. Maybe next year


Re: Container == process

A chroot is simply changing the root filesystem for the process (shell) that you are running. A container is a process that runs child processes with a different root filesystem and limits access to system calls and resources based on dynamic criteria. Nothing more, nothing less. It's similar in nature to a debugger really. The trick for "containing stuffs" is mimicking the system calls without allowing process to escape and perform functions that will expose global resources.

In FreeBSD ALL process run in Jails. The main process runs in Jail 0.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019