Goodbye pledge "tmppath", hello unveil("/tmp", "rwc")! ​

Some observant #OpenBSD users may have noticed developers removing the pledge(2) "tmppath" promise from all base utilities that were using it along with a handful of ports, because this promise, well.. it kinda sucks, and it predates a much better solution: unveil(2).

More info & some backstory in Theo de Raadt's commit.

deraadt@ modified src/{sys,lib}/*: pledge "tmppath" goes away because it sucks. The history is kind of
sad: unveil(2) was invented by Bob Beck and myself because a couple of us struggled and couldn't expand the "tmppath" mechanism to general use.
unveil(2) ended up being kind of "upside down" different, and so we never deleted "tmppath" because the refactorings seemed complicated.
However over the last two weeks, we're removed all the "tmppath" in base pretty easily, and the 18 ports using it have also been fixed.
The majority of situations now use unveil "/tmp" "rwc", unveil "/" "r" or similar, and then pledge "rpath wpath cpath", and this is generally needed to satisfy the mkstemp(3) family of functions in libc.
Use of "tmppath" will now cause pledge(2) to return EINVAL. There is no backwards compatible way of mimic the behaviour correctly using kernel-internal unveil hackery.
Prompted by a report from David Leadbeater; and extensive conversations with beck and semarie.