Firejail is a “container” - FreeBSD (and maybe Net and Open) have had “jails” for decades, and IBM has has had containers even longer, and Solaris has had them since Solaris 10 (maybe circa 2007?)… Pretty sure a “chroot” is a type of container too…
My understanding, having come from primarily Solaris Containers (also called Zones) - in many cases they might be using he same kernel the “global zone” that “booted” the container - unless - you’re using Branded Zones, e.g. Solaris 8 and 9 on Solaris 10, or Solaris 10 containers on Solaris 11. Solaris / Sun / Oracle HyperVisor (hardware based virtualization - like ESX, or ProxMox, or KVM or XEN) runs (or can run) on ALL “T” series Oracle / Sun servers (and blades) - it gets confusing because you can’t always know whether a host is a Solaris zone, a “Global” zone, a dedicated LDOM (hardware virtualized) or running on bare metal…
I think Docker emerged out of LXC / LXD - and in many caes, the containers were using the same kernel as the hosting container daemon… Not sure how closely Docker follows that model, I’d suggest not too closely, as you can e.g. run a Red Hat Linux 8 docker container on Ubuntu 20.04, and don’t think Red Hat would be happy not using an “EL” kernel like on CentOS and Red Hat and Oracle Linux…
In my day to day job, I constantly get people expecting me to be a guru on Docker, but I’m not - the best I can do is maybe prune some orphaned containers… Most times - what’s inside docker containers (in many cases they seem to spawn multiple instances - and I don’t know why) is a mysterious black box and I don’t have the means to poke inside it. It’s all DevOPSy stuff - that “developers” have deployed - but as is often the case, the developers move on (or customer stops paying the developer for ongoing support), don’t provide any documentation, and BAU / Infrastructure get saddled with day to day support.
Connecting from the host or global container on FreeBSD and Solaris is relatively straightforward.
FreeBSD (and FreeNAS / TrueNAS) :
x@baphomet ~ jls
JID IP Address Hostname Path
1 rslsync /mnt/BARGEARSE/iocage/jails/rslsync/root
x@baphomet ~ sudo jexec 1 /bin/tcsh
root@rslsync:/ #
On Solaris - maybe something like “zoneadm list -cv
”, to get a list of running containers, then (as root) “zlogin $CONTAINER
”.
My last “adventure” with ProxMox (well over 5 years ago - maybe even 10?) I tried out their containers - seemed like a nice idea - a Web UI to manage containers…