[sonic-cfggen]: Use unix socket when reading from DB only if we are u…

…sing sudo. (sonic-net#7002) Closes issue sonic-net#6982. The issue was root caused as we were using the unix_socket for reading from DB as a default mechanism (sonic-net#5250). The redis unix socket is created as follows. admin@str--acs-1:~$ ls -lrt /var/run/redis/redis.sock srwxrw---- 1 root redis 0 Mar 6 01:57 /var/run/redis/redis.sock So it used to work fine for the user "root" or if user is part of redis group ( admin was made part of redis group by default ) Check if the user is with sudo permissions then use the redis unix socket, else fallback to tcp socket.
raphaelt-nvidia · May 13, 2021 · 0c80f47 · 0c80f47
1 parent 433a4f4
commit 0c80f47
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/src/sonic-config-engine/sonic-cfggen b/src/sonic-config-engine/sonic-cfggen
@@ -350,10 +350,11 @@ def main():
         deep_update(data, json.loads(args.additional_data))
 
     if args.from_db:
+        use_unix_sock = True if os.getuid() == 0 else False
         if args.namespace is None:
-            configdb = ConfigDBPipeConnector(use_unix_socket_path=True, **db_kwargs)
+            configdb = ConfigDBPipeConnector(use_unix_socket_path=use_unix_sock, **db_kwargs)
         else:
-            configdb = ConfigDBPipeConnector(use_unix_socket_path=True, namespace=args.namespace, **db_kwargs)
+            configdb = ConfigDBPipeConnector(use_unix_socket_path=use_unix_sock, namespace=args.namespace, **db_kwargs)
 
         configdb.connect()
         deep_update(data, FormatConverter.db_to_output(configdb.get_config()))