Sure that's because the package manager is container-aware (and NixOS is very cool -- don't get me wrong), but the distinction is that on Solaris all system tools are Zone-aware (including things like DTrace which would require specifically an in-kernel container concept because you need to be able to aggregate by container and there isn't any in-kernel data to aggregate on in Linux -- and no, cgroup IDs aren't sufficient).