This program likes passing files around by name. Before entering capability mode, we:
1, Open the temporary files directory
2, Make a cap_fileargs service for all the input files
3, Make another cap_fileargs service for the output files. Sort can write to the specified output file, as well as a temporary outfile in the same directory, in case the output file is also an input file
4, Open the outfile directory, with rename and unlink rights, so the program can rename the temporary outfile to be the real one
5, If --compress-program is specified, open a cap_exec service so that the program can call the provided compression program

Most of the changes are centered around openfile() in file.c. The rest are minor, like changing unlink() calls to unlinkat()s and such.

Unfortunately sort(1)'s test suite is currently for NetBSD's version of the program and isn't compatible with this one. When testing manually, important options to look at include -S (limits memory buffer size, so the program is forced to use temp files) and --compress-program (only used when creating temp files - compresses the temp data using the provided program).

Depends on D24327