Can you clarify what "full-blown standalone Linux" means? It sounds like running a separate kernel, but since we're talking containers rather than VMs, this can't be it.
It uses: X-namespaces (network, pid, user, ...) and cgroups to separate those userspaces from each other.
I have community server running debian in which there are 10+ LXC containers running in which people are given normal root access, one container per user.
It uses: X-namespaces (network, pid, user, ...) and cgroups to separate those userspaces from each other.
I have community server running debian in which there are 10+ LXC containers running in which people are given normal root access, one container per user.