[tacacs]: Restore from TACACS backup if present, upon load-minigraph during update-graph action. (#6407)
Why I did it During upgrade, if config is loaded from minigraph, it would miss TACACS credentials. This leads to device losing remote user accessibility - How I did it During update graph, when config is loaded from minigraph, look for TACACS credentials back-up and load that if available - How to verify it Remove /etc/sonic/config-db.json, save TACACS credentials in /etc/sonic/tacacs.json and do a Image upgrade. Do image upgrade and boot into new image. Verify remote user access is available. NOTE: This change is available in master via PR #6285
This commit is contained in:
parent
abdbda9435
commit
b2e3ba800e
@ -1,6 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
CONFIG_DB_INDEX=4
|
||||
TACACS_JSON_BACKUP=tacacs.json
|
||||
|
||||
reload_minigraph()
|
||||
{
|
||||
@ -15,6 +16,11 @@ reload_minigraph()
|
||||
acl-loader update full /etc/sonic/acl.json
|
||||
fi
|
||||
config qos reload
|
||||
if [ -r /etc/sonic/old_config/${TACACS_JSON_BACKUP} ]; then
|
||||
sonic-cfggen -j /etc/sonic/old_config/${TACACS_JSON_BACKUP} --write-to-db
|
||||
else
|
||||
echo "Missing tacacs json to restore tacacs credentials"
|
||||
fi
|
||||
DEVICE_TYPE=`sonic-cfggen -m -v DEVICE_METADATA.localhost.type`
|
||||
if [ "${DEVICE_TYPE}" != "MgmtToRRouter" ]; then
|
||||
pfcwd start_default
|
||||
|
Loading…
Reference in New Issue
Block a user