[tacacs]: Restore from TACACS backup if present, upon load-minigraph during update-graph action. (#6407)

Why I did it
During upgrade, if config is loaded from minigraph, it would miss TACACS credentials. This leads to device losing remote user accessibility

- How I did it
During update graph, when config is loaded from minigraph, look for TACACS credentials back-up and load that if available

- How to verify it
Remove /etc/sonic/config-db.json, save TACACS credentials in /etc/sonic/tacacs.json and do a Image upgrade. Do image upgrade and boot into new image. Verify remote user access is available.

NOTE: This change is available in master via PR #6285
This commit is contained in:
Renuka Manavalan 2021-01-11 13:57:20 -08:00 committed by GitHub
parent abdbda9435
commit b2e3ba800e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,6 +1,7 @@
#!/bin/bash
CONFIG_DB_INDEX=4
TACACS_JSON_BACKUP=tacacs.json
reload_minigraph()
{
@ -15,6 +16,11 @@ reload_minigraph()
acl-loader update full /etc/sonic/acl.json
fi
config qos reload
if [ -r /etc/sonic/old_config/${TACACS_JSON_BACKUP} ]; then
sonic-cfggen -j /etc/sonic/old_config/${TACACS_JSON_BACKUP} --write-to-db
else
echo "Missing tacacs json to restore tacacs credentials"
fi
DEVICE_TYPE=`sonic-cfggen -m -v DEVICE_METADATA.localhost.type`
if [ "${DEVICE_TYPE}" != "MgmtToRRouter" ]; then
pfcwd start_default