[[!template id=project

title="support jails-like features"

contact="""
[tech-kern](mailto:tech-kern@NetBSD.org)
"""

mentors="""
[Jean-Yves Migeon](mailto:jym@NetBSD.org)
"""

category="kernel"
difficulty="hard"

description="""
Today a number of OS provide some form of kernel-level virtualization that offer
better isolation mechanisms that the traditional (yet more portable)
&chroot(2). Currently, NetBSD lacks functionality in this field; there have been
multiple attempts ([gaols](http://2008.asiabsdcon.org/papers/P3A-paper.pdf),
[mult](http://2008.asiabsdcon.org/papers/P5A-paper.pdf)) to implement a
jails-like system, but none so far has been integrated in base.

The purpose of this project is to study the various implementations found
elsewhere (FreeBSD Jails, Solaris Zones, Linux Containers/VServers, ...), and
eventually see their plus/minus points. An additional step would be to see how
this can be implemented the various architectural improvements NetBSD gained,
especially rump(3) and kauth(9).

Caution: this is a research project.
"""
]]