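/*
 * Capsicum check: a directory descriptor limited to CAP_LOOKUP must not be
 * usable to unlink a file, while a second descriptor for the same directory
 * limited to CAP_UNLINKAT must be.
 *
 * NOTE(review): the header names on the #include lines were lost in the page
 * this listing was taken from.  The list below is reconstructed from the
 * calls the program makes, plus <errno.h> for the errno check; confirm it
 * against the original file.
 */
#include <sys/capsicum.h>

#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <stdlib.h>
#include <unistd.h>

/*
 * Creates a temporary file in /tmp, opens /tmp twice with different
 * capability rights, enters capability mode and then tries to unlink the
 * file through each descriptor.
 *
 * Exits 0 when the CAP_LOOKUP descriptor is refused with ENOTCAPABLE and the
 * CAP_UNLINKAT descriptor removes the file; exits 1 (via err/errx) on any
 * other outcome, including the restricted descriptor being allowed to unlink.
 */
int
main(int argc, char **argv)
{
	cap_rights_t rights;
	int fd, dir_fd, error, unlink_fd, saved_errno;
	char frompath[] = "/tmp/from.XXXXXXX";
	const char *name;

	(void)argc;
	(void)argv;

	fd = mkstemp(frompath);
	if (fd < 0) {
		err(1, "Failed to create from");
	}
	close(fd);

	/*
	 * Resolve the file name once, before sandboxing; POSIX allows
	 * basename() to modify its argument, so do not call it repeatedly.
	 */
	name = basename(frompath);

	/* Descriptor that may only be used for name lookups. */
	dir_fd = open("/tmp", O_RDONLY);
	if (dir_fd < 0) {
		err(1, "Failed to open /tmp");
	}
	cap_rights_init(&rights, CAP_LOOKUP);
	error = cap_rights_limit(dir_fd, &rights);
	if (error != 0) {
		err(1, "cap_rights_limit() failed");
	}

	/* Descriptor that is allowed to unlink entries. */
	unlink_fd = open("/tmp", O_RDONLY);
	if (unlink_fd < 0) {
		err(1, "Failed to open /tmp");
	}
	cap_rights_init(&rights, CAP_UNLINKAT);
	error = cap_rights_limit(unlink_fd, &rights);
	if (error != 0) {
		err(1, "cap_rights_limit() failed");
	}

	/*
	 * A failed cap_enter() means the rest of the run is not exercising
	 * the sandbox, so report it instead of continuing silently.
	 */
	if (cap_enter() != 0) {
		saved_errno = errno;
		(void)unlinkat(unlink_fd, name, 0);	/* best-effort cleanup */
		errno = saved_errno;
		err(1, "cap_enter() failed");
	}

	/*
	 * The security property under test: the CAP_LOOKUP-only descriptor
	 * must be refused.  Success here is a test failure, not something to
	 * fall through on.
	 */
	error = unlinkat(dir_fd, name, 0);
	if (error == 0) {
		errx(1, "unlinkat() succeeded on a descriptor limited to "
		    "CAP_LOOKUP");
	}
	if (errno != ENOTCAPABLE) {
		/* Failed, but not because of the capability check. */
		saved_errno = errno;
		(void)unlinkat(unlink_fd, name, 0);	/* best-effort cleanup */
		errno = saved_errno;
		err(1, "unlinkat() on the CAP_LOOKUP descriptor failed for an "
		    "unexpected reason");
	}
	warn("Got expected error on unlink");

	/* The CAP_UNLINKAT descriptor must be able to remove the file. */
	error = unlinkat(unlink_fd, name, 0);
	if (error != 0) {
		err(1, "Got error cleaning up tmp file");
	}

	close(dir_fd);
	close(unlink_fd);
	return (0);
}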