seccomp
Enable seccomp (secure computing mode) to perform system call filtering at runtime to increase security of programs
| Name | Category | Description |
|---|---|---|
| bind | net-dns | BIND - Berkeley Internet Name Domain - Name Server |
| bind | net-dns | BIND - Berkeley Internet Name Domain - Name Server |
| bind-tools | net-dns | bind tools: dig, nslookup, host, nsupdate, dnssec-keygen |
| chrony | net-misc | NTP client and server programs |
| clsync | app-admin | Live sync tool based on inotify, written in GNU C |
| containerd | app-emulation | A daemon to control runC |
| cri-o | app-emulation | OCI-based implementation of Kubernetes Container Runtime Interface |
| docker | app-emulation | The core functions you need to create Docker images and run Docker containers |
| docker-runc | app-emulation | runc container cli tools (docker fork) |
| elogind | sys-auth | The systemd project's logind, extracted to a standalone package |
| file | sys-apps | identify a file's format by scanning binary data for patterns |
| firejail | sys-apps | Security sandbox for any type of processes |
| firejail-lts | sys-apps | Security sandbox for any type of processes; LTS branch |
| gnome-desktop | gnome-base | Libraries for the gnome desktop that are not part of the UI |
| gnutls | net-libs | A TLS 1.2 and SSL 3.0 implementation for the GNU project |
| img | app-emulation | Standalone daemon-less unprivileged Dockerfile and OCI container image builder |
| kscreenlocker | kde-plasma | Library and components for secure lock screen architecture |
| libreswan | net-vpn | IPsec implementation for Linux, fork of Openswan |
| lldpd | net-misc | Implementation of IEEE 802.1ab (LLDP) |
| lxc | app-emulation | LinuX Containers userspace utilities |