console_conf: identity: allow use of prepared host keys fingerprints

In strict snap confinement, sshd config or host keys are not accessible.
If strict confinement is detected, instead allow reuse of
the host keys fingerprints already prepared by invoking process.
Prepared fingerprints are stored in: /run/console-conf/host-fingerprints.txt

Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>

console_conf/controllers/identity.py

@@ -19,6 +19,7 @@ import os
 import pwd
 import shlex
 import sys
+from pathlib import Path
 
 from console_conf.ui.views import IdentityView, LoginView
 from subiquitycore.snapd import SnapdConnection
@@ -116,10 +117,21 @@ def write_login_details(fp, username, ips):
         )
     else:
         first_ip = ips[0]
+        key_info = None
+        if os.getenv("SNAP_CONFINEMENT", "classic") == "strict":
+            # if we run in confinement, we have no direct accesss to host
+            # keys info use prepared finger prints if exist
+            host_fingerprints_path = "/run/console-conf/host-fingerprints.txt"
+            host_fingerprints = Path(host_fingerprints_path)
+            if host_fingerprints.is_file():
+                fingerprints = open(host_fingerprints_path, "r")
+                key_info = fingerprints.read()
+        else:
+            key_info = host_key_info()
         fp.write(
             login_details_tmpl.format(
                 sshcommands=sshcommands,
-                host_key_info=host_key_info(),
+                host_key_info=key_info,
                 tty_name=tty_name,
                 first_ip=first_ip,
                 version=version,