Unverified Commit ec2798d8 authored by Mickaël Salaün

samples/landlock: Enable users to log sandbox denials

By default, denials from within the sandbox are not logged.  Indeed, the
sandboxer's security policy might not be fitted to the set of sandboxed
processes that could be spawned (e.g. from a shell).

For test purposes, parse the LL_FORCE_LOG environment variable to log
every sandbox denial, including after launching the initial sandboxed
program, thanks to LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON.

Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-20-mic@digikod.net


[mic: Remove inappropriate hunk]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
parent ead9079f
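
An added sketch of the opt-in described in the commit message, not the sandboxer's own code: it turns LL_FORCE_LOG into the flags argument for landlock_restrict_self() and refuses to continue rather than silently dropping the request. Assumptions: only the value "1" is accepted, the logging flags require Landlock ABI version 7, and `force_log_flags` with its status codes is a hypothetical helper.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Values as in the kernel UAPI header <linux/landlock.h>, repeated so
 * the example also builds against older installed headers. */
#define LANDLOCK_CREATE_RULESET_VERSION (1U << 0)
#define LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON (1U << 1)
#define MIN_ABI_FOR_LOG_FLAGS 7 /* assumption: first ABI with log flags */

enum { FORCE_LOG_OK = 0, FORCE_LOG_BAD_VALUE = -1, FORCE_LOG_UNSUPPORTED = -2 };

/* Hypothetical helper: ORs the logging flag into *flags when requested.
 * On any error *flags is left untouched so the caller can bail out. */
int force_log_flags(const char *value, int abi, uint32_t *flags)
{
	if (!value)
		return FORCE_LOG_OK; /* unset: keep the default (no extra logs) */
	if (strcmp(value, "1") != 0)
		return FORCE_LOG_BAD_VALUE; /* reject instead of guessing intent */
	if (abi < MIN_ABI_FOR_LOG_FLAGS)
		return FORCE_LOG_UNSUPPORTED; /* kernel would reject the flag */
	*flags |= LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON;
	return FORCE_LOG_OK;
}

int main(void)
{
	uint32_t flags = 0;
	int abi = -1; /* stays negative when Landlock is unavailable */
#ifdef SYS_landlock_create_ruleset
	abi = (int)syscall(SYS_landlock_create_ruleset, NULL, 0,
			   LANDLOCK_CREATE_RULESET_VERSION);
#endif
	int ret = force_log_flags(getenv("LL_FORCE_LOG"), abi, &flags);

	if (ret == FORCE_LOG_BAD_VALUE)
		fprintf(stderr, "LL_FORCE_LOG: only \"1\" is handled\n");
	else if (ret == FORCE_LOG_UNSUPPORTED)
		fprintf(stderr, "LL_FORCE_LOG: not supported (ABI %d)\n", abi);
	else /* value to pass as landlock_restrict_self(ruleset_fd, flags) */
		printf("restrict_self flags: 0x%x\n", (unsigned int)flags);
	return ret ? 1 : 0;
}
```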