Does Docker internally use system calls like chroot, unshare, nsenter, etc., or is it a wrapper around LXC?


I was going through an article on building containers from scratch without using Docker, just by making use of Linux system calls like chroot, unshare, nsenter, etc.

Is Docker internally a wrapper around these system calls? It seems like docker exec is not using nsenter, as per this answer.

If Docker is using these calls, which golang binary is it using to have these system calls?

Or is Docker a wrapper around LXC? It doesn't seem so to me, as per this answer.

Can anyone point me to the exact low-level stuff (system calls, LXC, etc.) that Docker is currently using to build a container?


There are 1 best solutions below


Docker is not a wrapper around LXC. Back in the old days it did use an LXC-based mechanism for starting containers, but that was replaced by a native implementation.

As Docker is an open source project, you can see exactly what it's doing by browsing through the source (which has since been renamed "moby").

The actual creation of containers is handled by the libcontainer component.
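
As an added illustration (not part of the answer above, and not code from Docker, moby or libcontainer): a Go program needs no `unshare` or `nsenter` binary to use these kernel primitives, because the standard library's `syscall.SysProcAttr` passes namespace flags straight to clone(2) and can chroot the child. The helper names `CloneFlags` and `IsolatedCommand` are hypothetical; the code is Linux-only and the demo in `main` assumes it runs as root.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"os/exec"
	"syscall"
)

// nsFlags maps namespace names to the clone(2) flags that create them.
var nsFlags = map[string]uintptr{
	"mount": syscall.CLONE_NEWNS, "uts": syscall.CLONE_NEWUTS,
	"ipc": syscall.CLONE_NEWIPC, "pid": syscall.CLONE_NEWPID,
	"net": syscall.CLONE_NEWNET, "user": syscall.CLONE_NEWUSER,
}

// CloneFlags ORs the flags for the requested namespaces; unknown names are an error.
func CloneFlags(names []string) (uintptr, error) {
	var flags uintptr
	for _, n := range names {
		f, ok := nsFlags[n]
		if !ok {
			return 0, fmt.Errorf("unknown namespace %q", n)
		}
		flags |= f
	}
	return flags, nil
}

// IsolatedCommand prepares argv to start in new namespaces, chrooted to rootfs
// when rootfs is non-empty. Nothing is executed until the caller calls Run.
func IsolatedCommand(rootfs string, names []string, argv ...string) (*exec.Cmd, error) {
	if len(argv) == 0 {
		return nil, errors.New("empty command")
	}
	flags, err := CloneFlags(names)
	if err != nil {
		return nil, err
	}
	cmd := exec.Command(argv[0], argv[1:]...)
	cmd.SysProcAttr = &syscall.SysProcAttr{Cloneflags: flags, Chroot: rootfs}
	cmd.Stdin, cmd.Stdout, cmd.Stderr = os.Stdin, os.Stdout, os.Stderr
	return cmd, nil
}

func main() {
	// Constructed demo: the shell is PID 1 and its hostname change stays in the new UTS namespace.
	cmd, err := IsolatedCommand("", []string{"uts", "pid"}, "/bin/sh", "-c", "hostname sandbox; echo pid=$$; hostname")
	if err == nil {
		err = cmd.Run() // fails with EPERM without CAP_SYS_ADMIN
	}
	if err != nil {
		fmt.Fprintln(os.Stderr, "error:", err)
		os.Exit(1)
	}
}
```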