FICHA · AUR

shh

Automatic systemd service hardening guided by strace profiling

  • systemd hardening CLI
  • CLI
  • Launchable
  • Runs in terminal
official+codex · reviewed · Jun 4, 2026 description in en

Description

Systemd service confinement can be generated from strace-guided profiling to reduce what a service may access. This tool is for administrators hardening known services after observing normal behavior. Incorrect profiles can break production services or miss rare paths, so test units and rollback plans are required.

How to run

shh

Commands: shh

Permissions

Permissions not analysed for this source yet.