Build failure: landlock 0.4.5 API incompatibility (BitFlags<AccessFs> migration)

[Svtter]

Summary

crab-sandbox fails to compile with the latest landlock = "0.4" (resolves to 0.4.5). The landlock crate made a breaking change within the 0.4.x series: AccessFs methods now return BitFlags<AccessFs> instead of AccessFs, and RulesetHandle has been removed.

Errors

error[E0432]: unresolved import `landlock::RulesetHandle`
error[E0599]: no method named `add_rules` found for struct `RulesetCreated`  (needs `RulesetCreatedAttr` trait in scope)
error[E0308]: mismatched types — expected `AccessFs`, found `BitFlags<AccessFs, u64>`
error[E0599]: no associated function `from_all` found for `AccessFs` (needs `Access` trait in scope)

Root Cause

Cargo.toml declares landlock = "0.4", which now resolves to 0.4.5. The landlock crate changed:

1. from_all() / from_read() / from_write() on AccessFs now return BitFlags<AccessFs> instead of AccessFs
2. RulesetHandle type removed entirely
3. add_rules() method requires RulesetCreatedAttr trait to be in scope
4. from_all() requires Access trait to be in scope

Fix

See the associated PR. Changes are confined to crates/sandbox/src/backend/landlock.rs:

• Import Access, BitFlags, RulesetCreatedAttr from landlock
• Remove unused RulesetHandle import
• Change path_access_to_landlock return type to BitFlags<AccessFs>
• Remove incorrect .into() calls

Environment

• OS: Debian 6.1.153-1 (x86_64)
• Rust: 1.96.0
• landlock crate resolved: 0.4.5