fix: add recovery user home dir to selinux policy

ic-os/components/guestos/selinux/ic-node/ic-node.fc

@@ -17,6 +17,8 @@
 /var/lib/admin                              -d gen_context(system_u:object_r:user_home_dir_t,s0)
 /var/lib/readonly                           -d gen_context(system_u:object_r:user_home_dir_t,s0)
 /var/lib/backup                             -d gen_context(system_u:object_r:user_home_dir_t,s0)
+/var/lib/recovery                           -d gen_context(system_u:object_r:user_home_dir_t,s0)
 /var/lib/admin/.ssh(/.*)?                      gen_context(system_u:object_r:ssh_home_t,s0)
 /var/lib/readonly/.ssh(/.*)?                   gen_context(system_u:object_r:ssh_home_t,s0)
 /var/lib/backup/.ssh(/.*)?                     gen_context(system_u:object_r:ssh_home_t,s0)
+/var/lib/recovery/.ssh(/.*)?                   gen_context(system_u:object_r:ssh_home_t,s0)

ic-os/components/ssh/setup-ssh-user-keys/setup-ssh-user-keys-guestos.sh

@@ -18,15 +18,15 @@ copy_ssh_keys() {
 
 # Create home directories
 echo "Creating user home directories"
-for ACCOUNT in backup readonly admin; do
+for ACCOUNT in backup readonly admin recovery; do
     HOMEDIR=$(getent passwd "${ACCOUNT}" | cut -d: -f6)
     echo "Creating home directory for ${ACCOUNT}: ${HOMEDIR}"
     mkdir -p "${HOMEDIR}"
 done
 
 # Setup SSH keys
 echo "Setting up SSH keys for accounts"
-for ACCOUNT in backup readonly admin; do
+for ACCOUNT in backup readonly admin recovery; do
     HOMEDIR=$(getent passwd "${ACCOUNT}" | cut -d: -f6)
     GROUP=$(id -ng "${ACCOUNT}")
 

rs/ic_os/config/types/src/lib.rs

@@ -156,7 +156,7 @@ pub struct ICOSSettings {
     /// wrapper from the `ic_sev` crate, as this cannot be faked by a malicious HostOS.
     #[serde(default)]
     pub enable_trusted_execution_environment: bool,
-    /// This ssh keys directory contains individual files named `admin`, `backup`, `readonly`.
+    /// This ssh keys directory contains individual files named `admin`, `backup`, `readonly`, `recovery`.
     /// The contents of these files serve as `authorized_keys` for their respective role account.
     /// This means that, for example, `accounts_ssh_authorized_keys/admin`
     /// is transferred to `~admin/.ssh/authorized_keys` on the target system.