Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces. It currently implements hostname, filesystem, PID, IPC, and networking stack isolation, and it runs on any recent Linux system. It includes a sandbox profile for Mozilla Firefox. Firejail also expands the restricted shell facility found in bash by adding Linux namespace support. It supports sandboxing specific users upon login. The software also includes a small monitoring utility, firemon.
confinedrv creates a new device node /sdx under /dev/mapper which mirrors the given base drive with certain partitions faded out and other partitions limited to read-only or read-write access. It is commonly used to safely boot an existing OS installation with Qemu or any other virtualization software from the same hard disk as the host operating system has been booted from.
kvm-simple-init can perform the following actions on a KVM machine: start, stop, kill, and restart. It focuses on simplicity, and is fully implemented in just a few hundred lines of shell script. It is intended for people who do not want to run libvirt just for running a few VMs, or people who prefer to manage flat configuration files using their preferred configuration management system. It does not provide complicated configuration file format or parameters. Only two pieces of information are needed: a QEMU monitor port for the machine and the full KVM command line needed to start the machine (gives full configuration freedom). kvm-simple-init can be used directly as a system init script for starting all KVM machines on a host machine. Just drop it in /etc/init.d, and enable it with the tools provided by your UNIX distribution. kvm-simple-init was inspired by the init script of FreeBSD jails.
Q-Tubes is a Web-based QEMU/KVM machine manager in Python built around the Pyramid Web framework. Its goal is to allow management of QEMU/KVM networks across single host instances, and ultimately across server farms. It supports minimal VM instances with disk support and basic network configuration (no user-space network yet), and basic VDE switch configurations. It provides a WSGI interface for deployment behind WSGI-aware servers, or provides its own basic server (python-waitress) for simple instances. The application is under steady development and has a moderate number of (Python) dependencies. Installation in a virtualenv is strongly recommended. It requires QEMU/KVM, VDE, and Python 2.7 or later.
UCS is a reliable, pre-configured Linux server operating system featuring: Active Directory-like domain services compatible with Microsoft Active Directory; a mature and easy-to-use Web-based management system for user, rights, and infrastructure management; a scalable underlying concept suited for single server scenarios as well as to run and manage thousands of clients and servers for thousands of users within one single UCS domain; an app center providing single-click installation and integration of many business applications from 3rd parties and Univention; management capabilities to manage Linux- and UNIX-based clients; and command line, scripting interfaces, and APIs for automatization and extension. Its purpose is to provide Microsoft Server-like services on the cloud or on the premises, to run and operate corporate IT environments with Windows- and Linux-based clients, and to extend those environments with proven enterprise software.
Collax V-Cube+ is a HA cluster management suite based on a 64bit Linux system and KVM to provide server virtualization. It offers solutions for single virtualization hosts, as well as high availability management on two or more nodes, allowing embedded HA storage using DRBD and iSCSI. By using live snapshots, automatic live migration, and incremental backups, the availability of virtual machines is increased tremendously in case of hardware and software maintenance or even hardware failures. Virtual network switches and the protocols GVRP, LLDP, and RSTP help to set up a virtual DMZ.
WebVirtMgr is a libvirt-based Web interface for managing virtual machines. It allows you to create and configure new domains, and adjust a domain's resource allocation. A VNC viewer over a SSH tunnel presents a full graphical console to the guest domain. KVM is currently the only hypervisor supported.
Nuxis is an integrated solution for virtualization management. Some of its features are centralized management of nodes/physical machines and virtual machines, management of virtual networks, storage management, ISO management, monitoring and statistics charts, backup/restore of appliance configurations, import from and export to other virtualization systems using the OVF format, access control, support for multiple operating systems on 32-bit and 64-bit architectures, including Linux and Windows, paravirtualized hardware acceleration drivers, live migrate, PXE boot, Web management, storage management with LVM, and more.