fix(passwordless_login): login with ssh key only

for security reason login with password is disabled for user created
during device onboarding
user created will able to login only using ssh key passed via
service info config.

Signed-off: Sayan Paul <[email protected]>

client-linuxapp/src/serviceinfo.rs

@@ -52,6 +52,25 @@ fn set_perm_mode(path: &Path, mode: u32) -> Result<()> {
     Ok(())
 }
 
+fn set_passwordless_login(user: &str) -> Result<()> {
+    let user_info = passwd::Passwd::from_name(user);
+    if user_info.is_none() {
+        bail!("User {} for passwordless login missing", user);
+    }
+    log::info!("Setting passwordless login for user: {}", user);
+    Command::new("passwd")
+        .arg("-d")
+        .arg(user)
+        .spawn()
+        .context("Error spawning passwordless setup command")?
+        .wait()
+        .context(format!(
+            "Error setting up passwordless login for user {}",
+            user
+        ))?;
+    Ok(())
+}
+
 fn install_ssh_key(user: &str, key: &str) -> Result<()> {
     let user_info = passwd::Passwd::from_name(user);
     if user_info.is_none() {
@@ -608,6 +627,8 @@ async fn process_serviceinfo_in(si_in: &ServiceInfo, si_out: &mut ServiceInfo) -
         }
         install_ssh_key(sshkey_user.as_ref().unwrap(), sshkey_key.as_ref().unwrap())
             .context("Error installing SSH key")?;
+        set_passwordless_login(sshkey_user.as_ref().unwrap())
+            .context("Error setting up passwordless login")?;
     }
 
     // Perform RHSM