Alternatives and similar repositories for systemd-sandboxing

Users that are interested in systemd-sandboxing are comparing it to the libraries listed below

• Kicksecure / apparmor-profile-everything
  deprecated - maybe replaced by: `apparmor.d`
  ☆84Updated last year
• Kicksecure / sandbox-app-launcher
  An app launcher to start apps in a restrictive sandbox https://www.kicksecure.com/wiki/sandbox-app-launcher
  ☆41Updated 3 months ago
• Cropi / usbguard-notifier
  A tool for detecting usbguard policy and device presence changes
  ☆48Updated 3 weeks ago
• lenovo / thinklmi
  Utility for easy access to BIOS WMI settings
  ☆41Updated 8 months ago
• anthraxx / usbctl
  Linux-hardened deny_new_usb control
  ☆21Updated 4 years ago
• electrickite / luks-tpm2
  Utility to manage LUKS keys sealed by a TPM 2.0
  ☆51Updated last year
• valoq / bwscripts
  Bubblewrap example scripts
  ☆62Updated 2 months ago
• edera-dev / linux-openpax
  Linux kernel source tree with OpenPaX patch
  ☆92Updated last month
• saravanan30erd / solokey-full-disk-encryption
  Use SoloKey to unlock a LUKS encrypted partition
  ☆31Updated 2 years ago
• synacktiv / shh
  Systemd Hardening Helper - Mirror of https://github.com/desbma/shh
  ☆123Updated last week
• system-transparency / system-transparency
  Mirror only. Official repository at https://git.glasklar.is/system-transparency/core/system-transparency
  ☆87Updated 2 months ago
• ximion / btrfsd
  Tiny Btrfs maintenance daemon
  ☆22Updated 10 months ago
• latchset / luksmeta
  ☆25Updated 3 years ago
• rhuefi / qemu-ovmf-secureboot
  Script to generate an OVMF vars file with default secure boot key enrolled.
  ☆89Updated 2 years ago
• julian-klode / sicherboot
  Unmaintained systemd-boot integration with secure boot support; consider https://github.com/Foxboron/sbctl instead.
  ☆33Updated 4 years ago
• mricon / patatt
  Patch attestation utility
  ☆29Updated last year
• GrapheneOS / infrastructure
  Shared server infrastructure
  ☆60Updated this week
• flatpak / xdg-dbus-proxy
  ☆66Updated 8 months ago
• kpcyrd / archlinux-userland-fs-cmp
  Forensic tool to read all installed packages from a mounted Arch Linux drive and compare the filesystem to a trusted source
  ☆34Updated last year
• blitz / nix-coreboot
  An example of how to package Coreboot in Nix
  ☆18Updated 4 years ago
• mjec / khefin
  A simple way to generate password-proteceted secrets from a FIDO2 authenticator with the hmac-secret extension
  ☆54Updated 2 years ago
• krathalan / apparmor-profiles
  Krathalan's AppArmor profiles for Arch Linux
  ☆39Updated 6 months ago
• systemd / mkosi-initrd
  Build initrd images using mkosi and distro packages
  ☆40Updated last year
• kpcyrd / libredefender
  Imagine the information security compliance guideline says you need an antivirus but you run Arch Linux
  ☆123Updated last year
• mk-fg / systemd-cgroup-nftables-policy-manager
  Tool to add/update nftables cgroupv2 rules for systemd-managed unit cgroups (slices, services, scopes)
  ☆14Updated last week
• Dasharo / dasharo-issues
  The Dasharo issue tracker
  ☆26Updated this week
• system76 / coreboot-collector
  Utility for collecting valuable information for coreboot
  ☆23Updated last month
• mk-fg / apparmor-profiles
  My local AppArmor profiles for apps that can use those
  ☆69Updated 3 months ago
• Dasharo / docs
  Scalable, modular, and easy to combine BIOS firmware technology without boundaries on processor architecture.
  ☆42Updated this week
• StarLabsLtd / coreboot-configurator
  A simple GUI to change settings in coreboot's CBFS, via the nvramtool utility.
  ☆89Updated last year