image: T5455: Add migration of SSH known_hosts files during image upgrade

During upgrade, the script now checks if any `known_hosts` files exist.
If so, it prompts the user to save these SSH fingerprints, and upon
confirmation, copies the files to the new image persistence directory.

Author: alexandr-san4ez

src/op_mode/image_installer.py

@@ -19,6 +19,7 @@
 
 from argparse import ArgumentParser, Namespace
 from pathlib import Path
+from pwd import getpwall
 from shutil import copy, chown, rmtree, copytree, disk_usage
 from glob import glob
 from sys import exit
@@ -715,6 +716,20 @@ def copy_ssh_host_keys() -> bool:
     return False
 
 
+def copy_ssh_known_hosts() -> bool:
+    """Ask user to copy SSH `known_hosts` files
+
+    Returns:
+        bool: user's decision
+    """
+    known_hosts_files = get_known_hosts_files()
+    msg = (
+        'Would you like to save the SSH known hosts (fingerprints) '
+        'from your current configuration?'
+    )
+    return known_hosts_files and ask_yes_no(msg, default=True)
+
+
 def console_hint() -> str:
     pid = getppid() if 'SUDO_USER' in environ else getpid()
     try:
@@ -1010,6 +1025,41 @@ def install_image() -> None:
         exit(1)
 
 
+def get_known_hosts_files() -> list:
+    """Collect all existing `known_hosts` files for root and users under /home"""
+
+    files = []
+
+    # for root
+    base_files = ('/root/.ssh/known_hosts', '/etc/ssh/ssh_known_hosts')
+    for file_path in base_files:
+        root_known_hosts = Path(file_path)
+        if root_known_hosts.exists():
+            files.append(root_known_hosts)
+
+    # for each non-system user
+    for user in getpwall():
+        home_dir = Path(user.pw_dir)
+        # skip system users
+        if home_dir.exists() and home_dir.as_posix().startswith('/home'):
+            known_hosts = home_dir / '.ssh' / 'known_hosts'
+            if known_hosts.exists():
+                files.append(known_hosts)
+
+    return files
+
+
+def migrate_known_hosts(target_dir: str):
+    """Copy `known_hosts` for root and all users to the new image directory"""
+
+    known_hosts_files = get_known_hosts_files()
+    for known_hosts_file in known_hosts_files:
+        # copy file to target directory
+        target_known_hosts = Path(f'{target_dir}{known_hosts_file}')
+        target_known_hosts.parent.mkdir(parents=True, exist_ok=True)
+        copy(known_hosts_file, target_known_hosts)
+
+
 @compat.grub_cfg_update
 def add_image(image_path: str, vrf: str = None, username: str = '',
               password: str = '', no_prompt: bool = False, force: bool = False) -> None:
@@ -1115,6 +1165,11 @@ def add_image(image_path: str, vrf: str = None, username: str = '',
             for host_key in host_keys:
                 copy(host_key, target_ssh_dir)
 
+        target_ssh_known_hosts_dir: str = f'{root_dir}/boot/{image_name}/rw'
+        if no_prompt or copy_ssh_known_hosts():
+            print('Copying SSH known hosts')
+            migrate_known_hosts(target_ssh_known_hosts_dir)
+
         # copy system image and kernel files
         print('Copying system image files')
         for file in Path(f'{DIR_ISO_MOUNT}/live').iterdir():