systemd nowadays has a lot of sandboxing built in [0]! You can achieve jails using just systemd and no separate container manager.
systemd nowadays has a lot of sandboxing built in [0]! You can achieve jails using just systemd and no separate container manager.