kamil Modern container and sandbox system APIs (equivalent in functionality to namespaces, cgroups, etc)
Yes, that would be great.
As I said in another topic, the possibility to run Docker containers on NetBSD would be incredible, especially if a NetBSD node could be integrated in a Kubernetes cluster, just like Windows-powered nodes. I think NetBSD is a great fit for containers both as host OS and as a container OS.
Also, since NetBSD can run Linux binaries through syscall translation, it could even become possible to run Linux containers on a NetBSD host. But, hey, I'm daydreaming now. 😄
kamil systemd-nspawn a homegrown replacement
nspawn is a great feature, but to be honest, kamil, I'd prefer that the nspawn features be ported to the chroot command. Since UNIX systems already have such a facility, I think improving it would be a better strategy than rewriting another tool that is doing the same (no, well, actually it's not doing the same thing, but the result is mostly that).
Since you have more knowledge and visibility of NetBSD's chroot implementation than I do, do you think that improving it by introducing the same capabilities as nspawn (without destroying backwards compatibility, I guess) would be possible, or would it be better to write a specific tool, like the systemd developers did?