Skip to content

Commit

Permalink
[sonic-cfggen]: Use unix socket when reading from DB only if we are u…
Browse files Browse the repository at this point in the history
…sing sudo. (sonic-net#7002)

Closes issue sonic-net#6982.
The issue was root caused as we were using the unix_socket for reading from DB as a default mechanism (sonic-net#5250). The redis unix socket is created as follows.

admin@str--acs-1:~$ ls -lrt /var/run/redis/redis.sock 
srwxrw---- 1 root redis 0 Mar  6 01:57 /var/run/redis/redis.sock
So it used to work fine for the user "root" or if user is part of redis group ( admin was made part of redis group by default )

Check if the user is with sudo permissions then use the redis unix socket, else fallback to tcp socket.
  • Loading branch information
judyjoseph authored and raphaelt-nvidia committed May 13, 2021
1 parent 433a4f4 commit 0c80f47
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions src/sonic-config-engine/sonic-cfggen
Original file line number Diff line number Diff line change
Expand Up @@ -350,10 +350,11 @@ def main():
deep_update(data, json.loads(args.additional_data))

if args.from_db:
use_unix_sock = True if os.getuid() == 0 else False
if args.namespace is None:
configdb = ConfigDBPipeConnector(use_unix_socket_path=True, **db_kwargs)
configdb = ConfigDBPipeConnector(use_unix_socket_path=use_unix_sock, **db_kwargs)
else:
configdb = ConfigDBPipeConnector(use_unix_socket_path=True, namespace=args.namespace, **db_kwargs)
configdb = ConfigDBPipeConnector(use_unix_socket_path=use_unix_sock, namespace=args.namespace, **db_kwargs)

configdb.connect()
deep_update(data, FormatConverter.db_to_output(configdb.get_config()))
Expand Down

0 comments on commit 0c80f47

Please sign in to comment.