check for root privileges to access eeprom on Dell N3248TE-ON

[justindthomas]

Why I did it

Accessing a variety of configuration using show involves populating an Eeprom object representing the system eeprom that requires root level privileges to read. The current platform code throws an exception and requires the user to elevate privileges unnecessarily. Here's an example:

jdt@sonic:/$ show interface status
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/sonic_eeprom/eeprom_base.py", line 244, in read_eeprom_bytes
    F = self.open_eeprom()
        ^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/sonic_eeprom/eeprom_base.py", line 232, in open_eeprom
    return io.open(eeprom_file, "rb")
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/sys/class/i2c-adapter/i2c-2/2-0050/eeprom'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/sonic_platform/eeprom.py", line 29, in __init__
    self.eeprom_data = self.read_eeprom()
                       ^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/sonic_eeprom/eeprom_tlvinfo.py", line 258, in read_eeprom
    h = self.read_eeprom_bytes(self._TLV_INFO_HDR_LEN)
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/sonic_eeprom/eeprom_base.py", line 267, in read_eeprom_bytes
    raise IOError("Failed to read eeprom : %s" % (str(e)))
OSError: Failed to read eeprom : [Errno 13] Permission denied: '/sys/class/i2c-adapter/i2c-2/2-0050/eeprom'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/bin/intfutil", line 896, in <module>
    main()
  File "/usr/local/bin/intfutil", line 876, in main
    interface_stat.display_intf_status()
  File "/usr/local/bin/intfutil", line 448, in display_intf_status
    self.get_intf_status()
  File "/usr/local/lib/python3.11/dist-packages/utilities_common/multi_asic.py", line 157, in wrapped_run_on_all_asics
    func(self,  *args, **kwargs)
  File "/usr/local/bin/intfutil", line 535, in get_intf_status
    self.table += self.generate_intf_status()
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/bin/intfutil", line 479, in generate_intf_status
    port_oper_speed_get(self.db, key),
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/bin/intfutil", line 204, in port_oper_speed_get
    optics_type = port_optics_get(db, intf_name, PORT_OPTICS_TYPE)
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/bin/intfutil", line 224, in port_optics_get
    if is_rj45_port(intf_name):
       ^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/utilities_common/platform_sfputil_helper.py", line 120, in is_rj45_port
    platform_chassis = sonic_platform.platform.Platform().get_chassis()
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/sonic_platform/platform.py", line 24, in __init__
    self._chassis = Chassis()
                    ^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/sonic_platform/chassis.py", line 93, in __init__
    self._eeprom = Eeprom()
                   ^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/sonic_platform/eeprom.py", line 32, in __init__
    raise RuntimeError("Eeprom is not Programmed")
RuntimeError: Eeprom is not Programmed

After adjusting the eeprom.py file to check for root privileges on this operation (and to populate the field with "N/A" if unprivileged), the output is as follows:

jdt@sonic:/sys/class/i2c-adapter$ show interfaces status
  Interface        Lanes    Speed    MTU    FEC            Alias    Vlan    Oper    Admin            Type    Asym PFC
-----------  -----------  -------  -----  -----  ---------------  ------  ------  -------  --------------  ----------
  Ethernet0            1       1G   9100    N/A       oneGigE1/1   trunk    down     down             N/A         N/A
  Ethernet1            2       1G   9100    N/A       oneGigE1/2   trunk      up       up             N/A         N/A
  Ethernet2            3       1G   9100    N/A       oneGigE1/3   trunk      up       up             N/A         N/A
  Ethernet3            4       1G   9100    N/A       oneGigE1/4   trunk      up       up             N/A         N/A
  Ethernet4            5       1G   9100    N/A       oneGigE1/5  routed    down     down             N/A         N/A
  Ethernet5            6       1G   9100    N/A       oneGigE1/6  routed    down     down             N/A         N/A
  Ethernet6            7       1G   9100    N/A       oneGigE1/7  routed    down     down             N/A         N/A
  Ethernet7            8       1G   9100    N/A       oneGigE1/8  routed    down     down             N/A         N/A
  Ethernet8            9       1G   9100    N/A       oneGigE1/9  routed    down     down             N/A         N/A
  Ethernet9           10       1G   9100    N/A      oneGigE1/10   trunk      up       up             N/A         N/A
 Ethernet10           11       1G   9100    N/A      oneGigE1/11   trunk      up       up             N/A         N/A
 Ethernet11           12       1G   9100    N/A      oneGigE1/12   trunk      up       up             N/A         N/A
 Ethernet12           13       1G   9100    N/A      oneGigE1/13   trunk    down       up             N/A         N/A
 Ethernet13           14       1G   9100    N/A      oneGigE1/14   trunk      up       up             N/A         N/A
 Ethernet14           15       1G   9100    N/A      oneGigE1/15   trunk      up       up             N/A         N/A
 Ethernet15           16       1G   9100    N/A      oneGigE1/16   trunk    down     down             N/A         N/A
 Ethernet16           17       1G   9100    N/A      oneGigE1/17   trunk      up       up             N/A         N/A
 Ethernet17           18       1G   9100    N/A      oneGigE1/18   trunk      up       up             N/A         N/A
 Ethernet18           19       1G   9100    N/A      oneGigE1/19   trunk      up       up             N/A         N/A
 Ethernet19           20       1G   9100    N/A      oneGigE1/20   trunk      up       up             N/A         N/A
 Ethernet20           21       1G   9100    N/A      oneGigE1/21   trunk      up       up             N/A         N/A
 Ethernet21           22       1G   9100    N/A      oneGigE1/22   trunk      up       up             N/A         N/A
 Ethernet22           23       1G   9100    N/A      oneGigE1/23   trunk      up       up             N/A         N/A
 Ethernet23           24       1G   9100    N/A      oneGigE1/24   trunk      up       up             N/A         N/A
 Ethernet24           25       1G   9100    N/A      oneGigE1/25  routed    down     down             N/A         N/A
 Ethernet25           26       1G   9100    N/A      oneGigE1/26   trunk      up       up             N/A         N/A
 Ethernet26           27       1G   9100    N/A      oneGigE1/27  routed    down     down             N/A         N/A
 Ethernet27           28       1G   9100    N/A      oneGigE1/28  routed    down     down             N/A         N/A
 Ethernet28           29       1G   9100    N/A      oneGigE1/29  routed    down     down             N/A         N/A
 Ethernet29           30       1G   9100    N/A      oneGigE1/30   trunk    down     down             N/A         N/A
 Ethernet30           31       1G   9100    N/A      oneGigE1/31  routed    down     down             N/A         N/A
 Ethernet31           32       1G   9100    N/A      oneGigE1/32  routed    down     down             N/A         N/A
 Ethernet32           33       1G   9100    N/A      oneGigE1/33  routed    down     down             N/A         N/A
 Ethernet33           34       1G   9100    N/A      oneGigE1/34  routed    down     down             N/A         N/A
 Ethernet34           35       1G   9100    N/A      oneGigE1/35  routed    down     down             N/A         N/A
 Ethernet35           36       1G   9100    N/A      oneGigE1/36   trunk      up       up             N/A         N/A
 Ethernet36           37       1G   9100    N/A      oneGigE1/37  routed    down     down             N/A         N/A
 Ethernet37           38       1G   9100    N/A      oneGigE1/38  routed    down     down             N/A         N/A
 Ethernet38           39       1G   9100    N/A      oneGigE1/39  routed    down     down             N/A         N/A
 Ethernet39           40       1G   9100    N/A      oneGigE1/40  routed    down     down             N/A         N/A
 Ethernet40           41       1G   9100    N/A      oneGigE1/41  routed    down     down             N/A         N/A
 Ethernet41           42       1G   9100    N/A      oneGigE1/42  routed    down     down             N/A         N/A
 Ethernet42           43       1G   9100    N/A      oneGigE1/43  routed    down     down             N/A         N/A
 Ethernet43           44       1G   9100    N/A      oneGigE1/44  routed    down     down             N/A         N/A
 Ethernet44           45       1G   9100    N/A      oneGigE1/45  routed    down     down             N/A         N/A
 Ethernet45           46       1G   9100    N/A      oneGigE1/46  routed    down     down             N/A         N/A
 Ethernet46           47       1G   9100    N/A      oneGigE1/47  routed    down     down             N/A         N/A
 Ethernet47           48       1G   9100    N/A      oneGigE1/48  routed    down     down             N/A         N/A
 Ethernet48           64      10G   9100    N/A      tenGigE1/49   trunk      up       up  SFP/SFP+/SFP28         N/A
 Ethernet49           63      10G   9100    N/A      tenGigE1/50   trunk    down       up  SFP/SFP+/SFP28         N/A
 Ethernet50           62      10G   9100    N/A      tenGigE1/51   trunk    down       up             N/A         N/A
 Ethernet51           61      10G   9100    N/A      tenGigE1/52   trunk    down     down             N/A         N/A
 Ethernet52  69,70,71,72     100G   9100    N/A  hundredGigE1/53  routed    down     down             N/A         N/A
 Ethernet56  73,74,75,76     100G   9100   none  hundredGigE1/54   trunk      up       up             N/A         N/A

Work item tracking

• Microsoft ADO (number only):

How I did it

I added these lines to eeprom.py, around the section that makes the privileged call:

if os.geteuid() == 0:
...
else:
    self.eeprom_data = "N/A"

How to verify it

Place the new file at /usr/local/lib/python3.11/dist-packages/sonic_platform/eeprom.py on the host and /usr/local/lib/python3.9/dist-packages/sonic_platform/eeprom.py on the pmon container and run show interfaces status.

Tested branch (Please provide the tested image version)

master

Description for the changelog

Require elevated privileges to execute privileged command to read system eeprom.

[justindthomas]

Confirmed working as expected on the current master branch compiled today.

[justindthomas]

@jeff-yin This one needs a review from Dell, too. It's probably the the more impactful of the two - the dmidecode change in #17509 eliminates an annoyance. This one actually changes the behavior of the show command so that it works when it should.

[jeff-yin]

@lguohan @zhangyanzhao @prgeor would you mind giving me the ability to assign reviewers to PRs in this repo? I would use this privilege to assign reviewers and approve PRs for Dell platforms.

[jeff-yin]

In the meantime, please assign reviewers @arunlk-dell @vpsubramaniam @aravindmani-1

[prgeor]

@justindthomas can we keep the default value self.eeprom_data = "N/A" outside of the if condition at the beginning of the of init?

[zhangyanzhao]

@arunlk-dell @vpsubramaniam @aravindmani-1 can you please help to review this PR? Thanks.

[justindthomas]

@prgeor is this what you had in mind?

[vpsubramaniam]

There is a dependent PR that also needs to be merged along with this PR,
Dependent PR: #17509