[TACACS] Fix TACACS config revert to old config when device reboot issue. #22342

Merged: qiluo-msft merged 2 commits into sonic-net:master from liuh-80:dev/liuh/fix_tacacs_config_revert on Apr 30, 2025
liuh-80 (Contributor) commented Apr 16, 2025

Fix TACACS config revert to old config when device reboot issue.

Why I did it

Fix the following bug:

  1. When the SONiC OS is upgraded, the old TACACS config is saved to /etc/sonic/old_config/tacacs.json
  2. After the device reboots, the TACACS config service (https://github.com/sonic-net/sonic-buildimage/blob/master/files/build_templates/tacacs-config.service) restores the TACACS config from /etc/sonic/old_config/tacacs.json, but this file is left unchanged after the TACACS config is restored.
  3. If the TACACS service is changed by the user, then because of #2, if the device reboots again, the TACACS config is reverted back to the old config in /etc/sonic/old_config/tacacs.json

Note: the TACACS config does not revert immediately after reboot; it is delayed by 5min 30sec:
https://github.com/sonic-net/sonic-buildimage/blob/master/files/build_templates/tacacs-config.timer

Work item tracking
  • Microsoft ADO (number only): 32338799

How I did it

Move /etc/sonic/old_config/tacacs.json to /etc/sonic/old_config/tacacs.json_backup

How to verify it

Pass all test cases.
Manually verify with the following steps:

admin@vlab-01:~$ show tacacs
TACPLUS global auth_type login
TACPLUS global timeout 5 (default)
TACPLUS global passkey testing123

TACPLUS_SERVER address 10.250.0.102
priority 1
tcp_port 49

admin@vlab-01:~$ echo '

{
"TACPLUS": {"global": { "auth_type": "login", "passkey": "12345" } }
}' > /etc/sonic/old_config/tacacs.json
admin@vlab-01:~$ cat /etc/sonic/old_config/tacacs.json

{
"TACPLUS": {"global": { "auth_type": "login", "passkey": "12345" } }
}

// then reboot device and wait for 6 minutes, because the TACACS config service will delay 5min 30sec after reboot:
https://github.com/sonic-net/sonic-buildimage/blob/master/files/build_templates/tacacs-config.timer

admin@vlab-01:~$ ls /etc/sonic/old_config/tacacs.json
ls: cannot access '/etc/sonic/old_config/tacacs.json': No such file or directory
admin@vlab-01:~$ show tacacs
TACPLUS global auth_type login
TACPLUS global timeout 5 (default)
TACPLUS global passkey 12345

TACPLUS_SERVER address 10.250.0.102
priority 1
tcp_port 49

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012
  • 202106
  • 202111
  • 202205
  • 202211
  • 202305

Tested branch (Please provide the tested image version)

Description for the changelog

Fix TACACS config revert to old config when device reboot issue.

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@mssonicbld
Collaborator

/azp run Azure.sonic-buildimage

@azure-pipelines

Azure Pipelines successfully started running 1 pipeline(s).

liuh-80 (Contributor, Author) commented Apr 22, 2025

/azpw run Azure.sonic-buildimage

@mssonicbld
Collaborator

/AzurePipelines run Azure.sonic-buildimage

@azure-pipelines

Azure Pipelines successfully started running 1 pipeline(s).

liuh-80 marked this pull request as ready for review April 23, 2025 05:43
liuh-80 requested a review from lguohan as a code owner April 23, 2025 05:43
liuh-80 requested a review from qiluo-msft April 23, 2025 05:43
echo "Applied tacacs json to restore tacacs credentials"
config save -y

# Change tacacs config file name, so tacacs config will not be revert when device reboot.
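Review bot: the rename announced by the comment on the last line comes directly after `config save -y`, and the lines shown do not check whether the apply or the save succeeded. If the save fails and the file is renamed anyway, the next boot has nothing left to restore from, so the rename should be gated on success. The renamed file also still holds the TACACS passkey in clear text (the verification steps in the description show the passkey inside tacacs.json), so its permissions should be restricted, or the file deleted once the restore is confirmed. The comment itself should read "will not be reverted".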
Collaborator

qiluo-msft Apr 29, 2025

Change tacacs config file name, so tacacs config will not be revert when device reboot

Should we just remove tacacs-config.service completely and simplify tacacs to be just as simple as part of the config_db.json? #Closed

Contributor Author

Completely removing the service is dangerous, because removing this service may cause SONiC to be missing its TACACS config.
The OS upgrade scenario is not covered by the sonic-mgmt tests.

qiluo-msft merged commit 3cb1ce0 into sonic-net:master Apr 30, 2025
17 checks passed
@qiluo-msft
Collaborator

apply_tacacs()

Actually we should check running config first, if running config already has TACACS key, no need to read old_config file at all.


Refers to: files/image_config/config-setup/config-setup:136 in 5407540.
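The restore-once behaviour this PR describes, combined with the running-config check suggested in the comment above, as an added example that is not the SONiC config-setup script. The function names are hypothetical, a JSON file stands in for the running config, `cp` stands in for the real apply and save step, and the `chmod` is an added precaution rather than part of the PR.

```shell
#!/bin/sh
# Added illustration, not the SONiC config-setup script. Function names are
# hypothetical; a JSON file stands in for the running config (CONFIG_DB).

# Crude stand-in for "does the running config already have a TACACS key?"
has_tacacs_key() {
    [ -f "$1" ] && grep -q '"passkey"' "$1"
}

# restore_tacacs_once OLD RUNNING
# Prints one of: applied, skipped-running-has-key, nothing-to-restore, apply-failed
restore_tacacs_once() {
    old=$1
    running=$2
    if [ ! -f "$old" ]; then
        echo nothing-to-restore        # file was renamed by an earlier boot
        return 0
    fi
    if has_tacacs_key "$running"; then
        echo skipped-running-has-key   # reviewer's check: old file is never read
        return 0
    fi
    if ! cp "$old" "$running"; then    # stand-in for the real apply and save
        echo apply-failed              # old file kept so a later boot can retry
        return 1
    fi
    mv -f "$old" "${old}_backup"       # the PR's fix: restore runs only once
    chmod 600 "${old}_backup"          # assumption: backup still holds the passkey
    echo applied
}

# Constructed scenario: upgrade boot, user changes the passkey, second reboot.
simulate_boots() {
    dir=$(mktemp -d) || return 1
    old_file=$dir/tacacs.json
    run_file=$dir/running.json
    echo '{"TACPLUS": {"global": {"passkey": "old-key"}}}' > "$old_file"
    echo '{}' > "$run_file"
    first=$(restore_tacacs_once "$old_file" "$run_file")
    echo '{"TACPLUS": {"global": {"passkey": "user-key"}}}' > "$run_file"
    second=$(restore_tacacs_once "$old_file" "$run_file")
    if grep -q user-key "$run_file"; then kept=kept; else kept=reverted; fi
    rm -rf "$dir"
    echo "$first $second $kept"
}

simulate_boots
```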
