checkroot is an openSUSE equivalent of debsums. It enables retrieval of fingerprint updates online, allowing trusted verification of a root filesystem. This prevents a cracker from hiding his traces from "rpm --verify -a". If the verification fails, checkroot can download the package header containing the md5sums online. Alternatively, all md5sums can be fetched online (if you mistrust some of the fingerprints/private keys the locally stored md5sums are signed with).
debcheckroot is a tool that retrieves file checksums online or from read only media. It provides trusted verification of your root file system at least as far as you can trust your Internet connection or your verification medium (DVD, BD, etc.). Unlike debsums, it doesn't rely on locally stored md5sums which can be modified by an attacker along with the files themselves. It also provides cleaner and better structured output, and can spot files added to your system by someone else.
confinedrv creates a new device node /sdx under /dev/mapper which mirrors the given base drive with certain partitions faded out and other partitions limited to read-only or read-write access. It is commonly used to safely boot an existing OS installation with Qemu or any other virtualization software from the same hard disk as the host operating system has been booted from.