Split LinuxDerivationBuilder

This restores doing seccomp/personality initialization even when
sandboxing is disabled.

https://hydra.nixos.org/build/298482132

src/libstore/unix/build/linux-derivation-builder.cc

@@ -154,6 +154,18 @@ static void doBind(const Path & source, const Path & target, bool optional = fal
 }
 
 struct LinuxDerivationBuilder : DerivationBuilderImpl
+{
+    using DerivationBuilderImpl::DerivationBuilderImpl;
+
+    void enterChroot() override
+    {
+        setupSeccomp();
+
+        linux::setPersonality(drv.platform);
+    }
+};
+
+struct ChrootLinuxDerivationBuilder : LinuxDerivationBuilder
 {
     /**
      * Pipe for synchronising updates to the builder namespaces.
@@ -190,7 +202,7 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl
      */
     std::optional<Path> cgroup;
 
-    using DerivationBuilderImpl::DerivationBuilderImpl;
+    using LinuxDerivationBuilder::LinuxDerivationBuilder;
 
     void deleteTmpDir(bool force) override
     {
@@ -772,11 +784,7 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl
         if (rmdir("real-root") == -1)
             throw SysError("cannot remove real-root directory");
 
-        // FIXME: move to LinuxDerivationBuilder
-        setupSeccomp();
-
-        // FIXME: move to LinuxDerivationBuilder
-        linux::setPersonality(drv.platform);
+        LinuxDerivationBuilder::enterChroot();
     }
 
     void setUser() override