from the documentation it sounds like it uses namespaces where available, just like containers. chroot otherwise.

I was actually wondering what advantage this has over a container or chroot. The answer is that it actually is one of those under the hood?

I've tested JuNest extensively (with the idea of getting new gcc compiler features on a cluster running an old red hat version).

Unfortunately, JuNest adds a lot more overhead than containers. Specifically, when it comes to high-throughput network applications. At 10GBit an application running on JuNest used several cores at 100%, while without JuNest (underlying red hat) the app was at 10% cpu load (network i/o bound).

All that load was due to PRoot.

Have you tried with Linux namespaces instead of PRoot?

https://github.com/fsquillace/junest#linux-namespaces-based

Yes, it is. Either a magic user-space chroot, a normal chroot or user namespaces.