Announcing Lochs: FreeBSD Containers for Linux
Today we're open-sourcing Lochs — a tool that brings FreeBSD's jail containerization to Linux, powered by real-time syscall translation. No VMs, no overhead.
AnnouncementBSDulator Phase 3: VNET Networking is Live
We've completed virtual network isolation using Linux namespaces to emulate FreeBSD's VNET. Full host-to-jail and jail-to-jail connectivity now works.
EngineeringHow BSDulator Translates 500+ Syscalls
A technical deep dive into ptrace-based syscall interception, ABI translation, and the challenges of mapping FreeBSD's kernel interface to Linux.
Deep DiveThe TLS Bug That Took Three Days to Find
Thread Local Storage initialization timing is everything. Writing the thread pointer too early causes BSS zeroing to wipe critical data. Here's how we debugged it.
War StoryJID Synchronization: When Parent Overwrites Child
Structure alignment between simplified and actual jail structures caused incorrect data interpretation. Fixing it required rethinking our entire state management approach.
EngineeringBuilding Docker Compose for FreeBSD Jails
How we implemented multi-container orchestration with YAML parsing, dependency resolution, and automatic network creation in prison.yml.
FeatureWhy FreeBSD Jails Deserve a Second Look
VNET virtual networking, Capsicum capability-based security, and native ZFS integration — FreeBSD's security model has advantages Docker can't match.
OpinionLochs vs Docker: What's Actually Different?
They solve similar problems with fundamentally different approaches. Here's an honest comparison of security models, performance, and developer experience.
Comparison