Is there a way on Linux today to launch a docker container or systemd service in a minimal VM for isolation? Something like clear containers? It'd be great to have something like the virtualised lsass on Linux.


@firstyear I don’t know if this is the type of thing you need, but I’ve discovered some long-term things in Linux I didn’t realize:
Namespaces. (Which other things such as docker use)
You can isolate networks, etc. for a process tree. I use this to have isolated and multiple VPNs on a single box for multiple users.
I think you can namespace other resources too (such as memory) but haven’t experimented with that part.
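
A way to check the per-process network isolation mentioned in the reply above, as an added example that is not part of either post: Linux exposes each process's namespace membership as symlinks under `/proc/<pid>/ns/`, and two processes share a namespace only when the inode numbers match. The names `HOST` and `VPN_PROC` and their inode values are constructed sample data.

```python
import os
import re

# Target format of a /proc/<pid>/ns/<name> symlink, e.g. "net:[4026531840]"
NS_LINK = re.compile(r"^(?P<type>[a-z_]+):\[(?P<inode>\d+)\]$")


def parse_ns_link(target):
    """Return (namespace type, inode) from a namespace symlink target."""
    m = NS_LINK.match(target)
    if not m:
        raise ValueError(f"not a namespace link: {target!r}")
    return m.group("type"), int(m.group("inode"))


def read_namespaces(pid):
    """Map /proc/<pid>/ns entry name -> inode for a live process (Linux only)."""
    ns_dir = f"/proc/{pid}/ns"
    result = {}
    try:
        names = os.listdir(ns_dir)
    except OSError:
        return result  # process gone, or not permitted to inspect it
    for name in names:
        try:
            _, inode = parse_ns_link(os.readlink(os.path.join(ns_dir, name)))
        except (OSError, ValueError):
            continue  # unreadable entry or unexpected link format
        result[name] = inode
    return result


def isolation_report(a, b):
    """Split the namespace entries both processes expose into shared and isolated."""
    common = sorted(set(a) & set(b))
    return {
        "shared": [n for n in common if a[n] == b[n]],
        "isolated": [n for n in common if a[n] != b[n]],
    }


# Constructed sample: a host shell and a process started in its own network namespace
HOST = {"net": 4026531840, "mnt": 4026531841, "pid": 4026531836, "uts": 4026531838}
VPN_PROC = {"net": 4026532512, "mnt": 4026531841, "pid": 4026531836, "uts": 4026531838}

if __name__ == "__main__":
    print(isolation_report(HOST, VPN_PROC))
    # On a Linux host, compare this process with its parent.
    print(isolation_report(read_namespaces(os.getpid()), read_namespaces(os.getppid())))
```

A process that shows `net` as isolated but `mnt` and `pid` as shared has only its network stack separated from the other process.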
