Optimization #7941
openlandlock: hyperscan cache dir not auto-added
Description
Hey,
during Debian packaging of Suricata 8 I discovered that with landlock active, the hyperscan cache folder /var/lib/suricata/cache/sgh is not auto-added to the list of writeable landlock folders. This leads to the following warning when starting Suricata for the first time:
Warning: mpm-hs: Failed to create Hyperscan cache folder, make sure the parent folder is writeable or adjust sgh-mpm-caching-path setting (/var/lib/suricata/cache/sgh) [SCHSCacheRuleset:util-mpm-hs.c:840]
Because other important folders are added automatically to landlock, I think this behaviour can be improved upstream in one of these ways:
- Either explicitly pre-defining /var/lib/suricata in the suricata.yaml landlock write folder list (commented out)
- Or patching Suricata to automatically add this folder to the landlock write folders like it is for /var/log/suricata or /var/lib/suricata/rules
For the first option, which we use in Debian for now, I made a small patch: https://github.com/e-cite/suricata/commit/c421c5e1be82013cbb420b42cf2bbdefcadddcf6
For the second option, I have no idea how to do that in the code and would need some help with that. But probably this would be the better way to optimize this.
Thanks and regards!
Andreas
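For reference, this is what the first option from the report looks like as a suricata.yaml fragment. It is an added example, not taken from the issue, the linked Debian patch, or Suricata's shipped suricata.yaml; the key names follow the `security.landlock.directories` layout of the shipped configuration, and the read paths are assumed illustrative defaults. Granting write access to the parent /var/lib/suricata is what lets Suricata create the cache folder named in the warning (/var/lib/suricata/cache/sgh) on first start.

```yaml
# Added example, not part of the issue or of Suricata's own suricata.yaml.
# Key names assume the security.landlock layout of the shipped config.
security:
  landlock:
    enabled: yes
    directories:
      write:
        # Parent of the Hyperscan SGH cache (sgh-mpm-caching-path) so that
        # /var/lib/suricata/cache/sgh can be created under landlock.
        - /var/lib/suricata/
      read:
        # Illustrative read paths (assumed defaults, not from the issue).
        - /usr/
        - /etc/
        - /etc/suricata/
```

With this in place the first start should no longer emit the `mpm-hs: Failed to create Hyperscan cache folder` warning; if the cache path is changed via `sgh-mpm-caching-path`, the write entry has to follow it.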
Updated by Jason Ish about 1 month ago
- Related to Feature #6936: landlock: enable by default added