More safety about writing output harvests/manifests to safe locations, including SOPS and diff.

2026-06-22 12:21:33 +10:00 · 2026-06-22 12:21:33 +10:00 · 21a3ef3447
commit 21a3ef3447
parent 3feba9a9f2
7 changed files with 384 additions and 56 deletions
--- a/tests/test_cli_helpers.py
+++ b/tests/test_cli_helpers.py
@ -243,3 +243,20 @@ def test_confirm_root_path_safety_force_skips_prompt(monkeypatch):
    )

    cli._confirm_root_path_safety(force=True)
+
+
+def test_unsafe_root_path_reasons_flags_non_root_owned_dir(tmp_path: Path, monkeypatch):
+    from enroll import cli
+
+    non_root_owned = tmp_path / "user-bin"
+    non_root_owned.mkdir()
+    if hasattr(os, "geteuid") and os.geteuid() == 0:
+        try:
+            os.chown(non_root_owned, 65534, -1)
+        except OSError:
+            pass
+
+    monkeypatch.setattr(cli, "_is_effective_root", lambda: True)
+    reasons = cli._unsafe_root_path_reasons(str(non_root_owned))
+
+    assert any("not owned by root" in reason for reason in reasons)