Thanks for writing this up. I do have a number of suggestions to bring this more in line with the other rewritten ujust scripts.

For most of the ujust toggle scripts, we've been switching over to ujust set-* [on|off|status] in place of ujust toggle-*; I think it would be good to follow that pattern here. See ujust set-unconfined-userns for a simple example of this. This also makes it easier to invoke the script from another script or from other Python code.

In this case, I think it would make sense to have "random" or "stable" as arguments that can be passed directly in place of just "on". That way, the script can be run non-interactively, e.g. as ujust set-mac-randomization stable or ujust set-mac-randomization off. A "status" argument is also useful and should print something indicating the current status, while "help" or "--help" should print usage info.

If the script is called without arguments, it should prompt the user which mode ("stable", "random", or "off") to select. The inquirer Python module is installed on secureblue and provides a nice interface for "select from these multiple options" prompts like this.

Additionally, for other similar ujust scripts, we're using the sandbox module (defined in files/system/usr/libexec/secureblue) to separate the unprivileged and privileged parts of ujust scripts, and run the privileged part with minimal permissions using systemd sandboxing. (The privileged script goes in the inner subdirectory.)

In this case, I think only writing or deleting the conf file needs to be handled by the privileged script, and it should just need write access to /etc/NetworkManager/conf.d; toggling the network connection can be done unprivileged, and all interactive prompts should be unprivileged too.

Left a few nits. Looking good!