landlock: use "landlock.fs." prefix in filesystem commands

Since Landlock ABI v4 it is possible to restrict actions related to the
network and potentially more areas will be added in the future.

So use `landlock.fs.` as the prefix in the current filesystem-related
commands (and later `landlock.net.` for the network-related commands) to
keep them organized and to match what is used in the kernel.

Examples of filesystem and network access flags:

* `LANDLOCK_ACCESS_FS_EXECUTE`: Execute a file.
* `LANDLOCK_ACCESS_FS_READ_DIR`: Open a directory or list its content.
* `LANDLOCK_ACCESS_NET_BIND_TCP`: Bind a TCP socket to a local port.
* `LANDLOCK_ACCESS_NET_CONNECT_TCP`: Connect an active TCP socket to a
  remote port.

Relates to #6078.

1 files changed, 28 insertions, 28 deletions

diff --git a/etc/inc/landlock-common.inc b/etc/inc/landlock-common.inc
index 694d447b5..e147963a6 100644
--- a/etc/inc/landlock-common.inc
+++ b/etc/inc/landlock-common.inc
@@ -2,38 +2,38 @@
 # Persistent customizations should go in a .local file.
 include landlock-common.local
 
-landlock.read /          # whole system read
-landlock.read /proc
-landlock.makeipc /       # sockets etc.
+landlock.fs.read /          # whole system read
+landlock.fs.read /proc
+landlock.fs.makeipc /       # sockets etc.
 
 # write access
-landlock.write ${HOME}
-landlock.write ${RUNUSER}
-landlock.write /dev
-landlock.write /proc
-landlock.write /run/shm
-landlock.write /tmp
+landlock.fs.write ${HOME}
+landlock.fs.write ${RUNUSER}
+landlock.fs.write /dev
+landlock.fs.write /proc
+landlock.fs.write /run/shm
+landlock.fs.write /tmp
 
 # exec access
 ## misc
-landlock.execute /opt
-landlock.execute /run/firejail # appimage and various firejail features
+landlock.fs.execute /opt
+landlock.fs.execute /run/firejail # appimage and various firejail features
 ## bin
-landlock.execute /bin
-landlock.execute /sbin
-landlock.execute /usr/bin
-landlock.execute /usr/sbin
-landlock.execute /usr/games
-landlock.execute /usr/local/bin
-landlock.execute /usr/local/sbin
-landlock.execute /usr/local/games
+landlock.fs.execute /bin
+landlock.fs.execute /sbin
+landlock.fs.execute /usr/bin
+landlock.fs.execute /usr/sbin
+landlock.fs.execute /usr/games
+landlock.fs.execute /usr/local/bin
+landlock.fs.execute /usr/local/sbin
+landlock.fs.execute /usr/local/games
 ## lib
-landlock.execute /lib
-landlock.execute /lib32
-landlock.execute /libx32
-landlock.execute /lib64
-landlock.execute /usr/lib
-landlock.execute /usr/lib32
-landlock.execute /usr/libx32
-landlock.execute /usr/lib64
-landlock.execute /usr/local/lib
+landlock.fs.execute /lib
+landlock.fs.execute /lib32
+landlock.fs.execute /libx32
+landlock.fs.execute /lib64
+landlock.fs.execute /usr/lib
+landlock.fs.execute /usr/lib32
+landlock.fs.execute /usr/libx32
+landlock.fs.execute /usr/lib64
+landlock.fs.execute /usr/local/lib