Alternatives and similar repositories for systemd-sandboxing:

Users that are interested in systemd-sandboxing are comparing it to the libraries listed below

• desbma / shh
  Systemd Hardening Helper - Automatic systemd service hardening guided by strace profiling
  ☆36Updated this week
• synacktiv / shh
  Systemd Hardening Helper - Mirror of https://github.com/desbma/shh
  ☆116Updated 2 weeks ago
• edera-dev / linux-openpax
  Linux kernel source tree with OpenPaX patch
  ☆83Updated 4 months ago
• Cropi / usbguard-notifier
  A tool for detecting usbguard policy and device presence changes
  ☆48Updated 7 months ago
• saravanan30erd / solokey-full-disk-encryption
  Use SoloKey to unlock a LUKS encrypted partition
  ☆31Updated 2 years ago
• Kicksecure / apparmor-profile-everything
  deprecated - maybe replaced by: `apparmor.d`
  ☆87Updated last year
• Kicksecure / sandbox-app-launcher
  An app launcher to start apps in a restrictive sandbox https://www.kicksecure.com/wiki/sandbox-app-launcher
  ☆41Updated last month
• system-transparency / stboot
  Paused mirror. Official repository at https://git.glasklar.is/system-transparency/core/stboot
  ☆112Updated last year
• StarLabsLtd / coreboot-configurator
  A simple GUI to change settings in coreboot's CBFS, via the nvramtool utility.
  ☆86Updated last year
• valoq / bwscripts
  Bubblewrap example scripts
  ☆60Updated this week
• electrickite / sbkeys
  Simple script to generate Secure Boot keys
  ☆14Updated 3 years ago
• brandsimon / verity-squash-root
  Build signed efi binaries which mount a dm-verity verified squashfs image as rootfs on boot.
  ☆24Updated 5 months ago
• mk-fg / apparmor-profiles
  My local AppArmor profiles for apps that can use those
  ☆67Updated last month
• anthraxx / usbctl
  Linux-hardened deny_new_usb control
  ☆21Updated 4 years ago
• krathalan / apparmor-profiles
  Krathalan's AppArmor profiles for Arch Linux
  ☆39Updated 4 months ago
• GrapheneOS / infrastructure
  Shared server infrastructure
  ☆54Updated 2 weeks ago
• authselect / authselect
  Select authentication and indentity profile to use on the system.
  ☆52Updated last month
• jirutka / apk-autoupdate
  Automatic updates for Alpine Linux and other systems using apk-tools
  ☆59Updated 3 months ago
• tych0 / huldufolk
  the userspace side of Linux' CONFIG_STATIC_USERMODEHELPER
  ☆16Updated 11 months ago
• Foxboron / age-plugin-tpm
  TPM 2.0 plugin for age
  ☆88Updated 3 weeks ago
• mricon / patatt
  Patch attestation utility
  ☆29Updated last year
• hughsie / passim
  A local caching server
  ☆96Updated this week
• osresearch / linux-builder
  Scripts to build the Linux kernel from a config file and initrd from a list of programs
  ☆22Updated 2 years ago
• latchset / luksmeta
  ☆25Updated 3 years ago
• blitz / nix-coreboot
  An example of how to package Coreboot in Nix
  ☆18Updated 3 years ago
• Kicksecure / tirdad
  TCP ISN CPU Information Leak Protection. TCP Initial Sequence Numbers Randomization to prevent TCP ISN based CPU Information Leaks.
  ☆48Updated last month
• electrickite / luks-tpm2
  Utility to manage LUKS keys sealed by a TPM 2.0
  ☆50Updated last year
• kpcyrd / pacman-bintrans
  Experimental pacman integration for Reproducible Builds and Binary Transparency (with sigstore/rekor)
  ☆85Updated 7 months ago
• meithecatte / cursedfs
  Make a disk image formatted with both ext2 and FAT at once
  ☆382Updated last year
• dburgener / cascade
  A high level language for SELinux policy
  ☆57Updated last week