History and Evolution

Timeline at a glance

The project began with a practical operator problem, not with a branding goal. On real hosts, there was a gap between two extremes:

  • chroot was too weak for reliable process-domain isolation
  • many small VMs were often too heavy for everyday service partitioning

The first step was therefore a pragmatic experiment: can NetBSD offer kernel-enforced service boundaries that feel native to the system and remain operationally simple?

Early prototype work showed that this was possible, and that a layered approach made the most sense: kernel policy enforcement, userland control tools, and an operations layer for repeatable workflows.

As implementation and documentation matured, the architecture became clearer and more explicit. The model moved from “proof that it can run” toward “define stable contracts and safe operations”.

The next big chapter was behaviour under stress. Load testing forced hard design choices, especially around deep hot-path resource hooks. That phase was important because it reduced accidental complexity:

  • keep the robust identity and policy core
  • avoid fragile depth until behavior is proven under load

Community feedback then shaped the naming and communication layer. The earlier “Jails” label was repeatedly interpreted as a direct FreeBSD port promise. Renaming to Cells clarified intent:

  • same isolation class, but NetBSD-native integration choices
  • no 1:1 semantic promise of FreeBSD Jail internals

Roots in the “why NetBSD” mindset

The Cells direction aligns with the same mindset documented in the homeserver series: understand systems end-to-end, reduce accidental complexity, and keep infrastructure explainable.

What this means for current documentation

This documentation reflects the current stable direction:

  • kernel trust anchor: secmodel_cell on top of kauth
  • clear control-plane split: cellctl, cellmgr, cellui
  • deterministic operations via desired/runtime state and reconcile
  • explicit call-out of limits and non-goals for shared-kernel isolation
