Bump landlock from 0.4.4 to 0.4.5 in /lbx-init

[dependabot]

Bumps landlock from 0.4.4 to 0.4.5.

Release notes

Sourced from landlock's releases.

v0.4.5

See crate's metadata and related documentation.

What's Changed

See summary in CHANGELOG.md

• Bump dependencies and add SoftRequirement test for scope() by @​l0kod in landlock-lsm/rust-landlock#118
• Update to Linux 6.15 and add errata interface by @​l0kod in landlock-lsm/rust-landlock#119
• Rename set_no_new_privs() to no_new_privs() by @​l0kod in landlock-lsm/rust-landlock#122
• Fix bare matches!() assertions in ruleset tests by @​l0kod in landlock-lsm/rust-landlock#123
• Improve errata test debuggability by @​l0kod in landlock-lsm/rust-landlock#124
• Bump GitHub actions by @​l0kod in landlock-lsm/rust-landlock#125
• Update dependencies by @​l0kod in landlock-lsm/rust-landlock#126
• Add ABI v7: log flags by @​l0kod in landlock-lsm/rust-landlock#120
• Bump to v0.4.5 by @​l0kod in landlock-lsm/rust-landlock#127

Full Changelog: landlock-lsm/rust-landlock@v0.4.4...v0.4.5

Changelog

Sourced from landlock's changelog.

v0.4.5

New API

• Added support for Landlock ABI 7: control audit logging behavior with log_same_exec(), log_new_exec() (domain-specific), and log_subdomains() (shared between RulesetCreated and RestrictSelf) ([PR #120](landlock-lsm/rust-landlock#120)).
• Added RestrictSelf builder for calling landlock_restrict_self() without creating a Landlock domain (e.g., muting subdomain audit logs).
• Extended RestrictionStatus with three new public fields (log_same_exec, log_new_exec, log_subdomains) reporting the effective audit-logging flag state after restrict_self() and apply().
• Added Erratum bitflags enum and Erratum::current() for querying fixed kernel bugs before building a ruleset ([PR #119](landlock-lsm/rust-landlock#119)).

Deprecated API

Deprecate the set_no_new_privs() method and replace it with no_new_privs() ([PR #122](landlock-lsm/rust-landlock#122)).

Dependencies

• Bumped MSRV to Rust 1.71.

Testing

• Extended CI to test against Linux 6.15.
• Added errata tests verifying the From<ABI> mapping matches CI kernel errata.
• Added SoftRequirement test coverage for scope() and restrict_self flags.
• Added try_compat_binary() unit tests for the binary compat dispatch.

Example

• Synced the sandboxer example with the kernel's sandboxer.c:

... (truncated)

Commits

• 6b13cc4 lib: Bump to v0.4.5
• bd31957 src: Update audit documentation
• 43128a1 sandboxer: Sync with kernel's sandboxer.c
• 5487d8f restrict_self: Add RestrictSelf builder for domain-less flag application
• 1ab0f9f ci,src: Handle Landlock ABI v7
• a1a8a63 cargo: Update dependencies
• 1ca46f5 ci: Bump actions
• f10ab05 errata: Improve errata_up_to_date debuggability
• 7c90836 tests: Fix bare matches!() assertions
• b6eb422 ruleset: Rename set_no_new_privs() and extract NNP helper
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Looks like landlock is up-to-date now, so this is no longer needed.