Commits


don't include linux/prctl.h

On some libc implementations (at least musl), linux/prctl.h conflicts with sys/prctl.h as they both define the same structs. Fixes the build on alpine linux; reported by omni on IRC, thanks! ok thomas


dropping unused includes


fix landlock usage: handled_access_fs must list all actions

The ruleset's handled_access_fs has to list all the defined actions because otherwise missing ones are implicitly permitted. Thus, the previous version ended up allowing "almost everything" except reading files. Original diff from Mickaël Salaün, thanks! ok thomas


s/ENOTSUP/EOPNOTSUPP/

linux defines these errors to the same values, but the landlock doc uses `EOPNOTSUPP' consistently. Spotted initially by brynet@ and reminded by Mickaël Salaün, thanks! ok thomas


portable: add support for landlock

landlock is a new set of linux APIs that is conceptually similar to unveil(2): the idea is to restrict what a process can do on a specified part of the filesystem. There are some differences in the behaviour, the major one being that the landlock ruleset is inherited across execve(2). This just restricts the libexec helpers by completely revoking ANY filesystem access; after all, they are the biggest attack surface. got send/fetch/clone *may* end up spawning ssh(1), so at the moment it is not possible to landlock the main process. From Omar Polo.
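As an added example (not got's own code), here is a C routine doing what the two landlock commits above describe: it builds a ruleset whose handled_access_fs lists every filesystem right the running kernel's Landlock ABI defines and adds no rules, so all filesystem access is revoked, while including only sys/prctl.h. The syscall numbers and bit values are the Linux UAPI ones; the ll_-prefixed names and the two functions are this example's own.

```c
#define _GNU_SOURCE             /* for syscall(2) */
#include <errno.h>
#include <stdint.h>
#include <sys/prctl.h>          /* not <linux/prctl.h>: the two clash on musl */
#include <sys/syscall.h>
#include <unistd.h>
/* Landlock UAPI values, defined here so this builds even where
 * <linux/landlock.h> is missing or older than ABI 5. */
#ifndef __NR_landlock_create_ruleset
#define __NR_landlock_create_ruleset 444
#define __NR_landlock_restrict_self  446
#endif
#define LL_CREATE_RULESET_VERSION (1U << 0)
#define LL_FS_ABI1_RIGHTS ((1ULL << 13) - 1) /* EXECUTE .. MAKE_SYM, bits 0-12 */
#define LL_FS_REFER       (1ULL << 13)       /* ABI 2 */
#define LL_FS_TRUNCATE    (1ULL << 14)       /* ABI 3 */
#define LL_FS_IOCTL_DEV   (1ULL << 15)       /* ABI 5 */
/* ABI 1 layout of struct landlock_ruleset_attr; the short struct is accepted because sizeof is passed. */
struct ll_ruleset_attr { uint64_t handled_access_fs; };

/* Every FS right the given ABI defines. A right left out of handled_access_fs
 * is not denied but implicitly allowed: a mask of only READ_FILE|READ_DIR
 * (the bug fixed above) blocks reads and nothing else. */
uint64_t handled_fs_mask(int abi)
{
	uint64_t m = LL_FS_ABI1_RIGHTS;
	if (abi >= 2) m |= LL_FS_REFER;
	if (abi >= 3) m |= LL_FS_TRUNCATE;
	if (abi >= 5) m |= LL_FS_IOCTL_DEV;
	return m; /* rights newer than ABI 5 stay unhandled until added here */
}

/* Revoke all filesystem access for this process and its children (Landlock
 * survives execve). Returns 0 on success, 1 if the kernel offers no Landlock
 * (ENOSYS, or EOPNOTSUPP when it is built in but disabled), -1 otherwise. */
int landlock_deny_all_fs(void)
{
	long abi = syscall(__NR_landlock_create_ruleset, NULL, 0,
	    LL_CREATE_RULESET_VERSION);
	if (abi < 0)
		return (errno == ENOSYS || errno == EOPNOTSUPP) ? 1 : -1;
	struct ll_ruleset_attr attr = { handled_fs_mask((int)abi) };
	int fd = (int)syscall(__NR_landlock_create_ruleset, &attr, sizeof(attr), 0);
	if (fd < 0)
		return -1;
	/* No rules are added, so every handled right is denied on every path. */
	int rc = (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0 &&
	    syscall(__NR_landlock_restrict_self, fd, 0) == 0) ? 0 : -1;
	close(fd);
	return rc;
}
```

Call landlock_deny_all_fs() in a helper right before it starts its real work; once it returns 0 the restriction cannot be lifted, which is why it cannot be applied to a process that still has to spawn ssh(1).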