plugin_unsafe_dir_owner
Diagnostic `nanook::plugin::unsafe_dir_owner`
Summary
plugin dir `{0}` is owned by uid {1}, expected {2}
Help
chown {2} {0}, or set [plugins].strict = false to disable the check
Details
When this fires
safety::DirCheck::run_platform saw a [plugins].dirs entry whose owning uid doesn't match the running uid. Default posture ([plugins].strict = true) refuses dirs the agent's user doesn't own, since anyone who can write into that dir can trivially substitute a malicious cdylib. The error underlines the offending dir entry in your TOML and prints both uids. Hits at agent startup, before any cdylib is opened.
What to check
chown the dir to the uid running nanook (often nanook:nanook or whatever your unit file uses). If the dir is system-wide and read-only, drop the agent's privileges to match. For dev loops, [plugins].strict = false disables both this check and the world-writable one.