mcdope / pam_usb

Hardware authentication for Linux using ordinary flash media (USB & Card based).
GNU General Public License v2.0

[Tests] Testcase to ensure deny_remote can't be bypassed with a cup of "sudo tee" #46

Open mcdope opened 3 years ago

mcdope commented 3 years ago

(for some required knowledge see #39, maybe also #8, and the associated PRs)

We need a testcase for the functional testing to ensure deny_remote can't be bypassed by remote users with stuff like that used in #39.

For this, an SSH session needs to be done after configuring (deny_remote enabled), testing that some sudo command doesn't work, then trying the same as in #39 and verifying that it doesn't work. But I guess we can't use vi there since it's interactive...

mcdope commented 3 years ago

Currently the testing REQUIRES deny_remote to be disabled. So this would need to download the generated deb back to the GitHub runner, install & configure it there again and then run the test. But that won't work because of the missing USB gadget support on the GitHub runner. The test would need to create a user on the runner, configure it for pamusb, connect to our runner, which then connects back by SSH (not using pamusb) and tries to use the "sudo tea".

... annoying.

mcdope commented 2 years ago

Maybe if we use a Docker container for testing instead of a remote host we could use a serial console, which would then allow keeping deny_remote disabled while also having an SSH host to connect to and try the cup of tea...