ssh.GetUserFiles: move to EnsureDirs

We also create a generic SECURE_DIR_MODE constant, rather than
hardcoding 0700 in the code.

Signed-off-by: Guido Trotter <ultrotter@google.com>
Reviewed-by: Balazs Lecz <leczb@google.com>

lib/constants.py

@@ -90,7 +90,8 @@ BDEV_CACHE_DIR = RUN_GANETI_DIR + "/bdev-cache"
 DISK_LINKS_DIR = RUN_GANETI_DIR + "/instance-disks"
 RUN_DIRS_MODE = 0755
 SOCKET_DIR = RUN_GANETI_DIR + "/socket"
-SOCKET_DIR_MODE = 0700
+SECURE_DIR_MODE = 0700
+SOCKET_DIR_MODE = SECURE_DIR_MODE
 # keep RUN_GANETI_DIR first here, to make sure all get created when the node
 # daemon is started (this takes care of RUN_DIR being tmpfs)
 SUB_RUN_DIRS = [ RUN_GANETI_DIR, BDEV_CACHE_DIR, DISK_LINKS_DIR ]
@@ -620,7 +621,7 @@ JOB_QUEUE_DRAIN_FILE = QUEUE_DIR + "/drain"
 JOB_QUEUE_SIZE_HARD_LIMIT = 5000
 JOB_QUEUE_SIZE_SOFT_LIMIT = JOB_QUEUE_SIZE_HARD_LIMIT * 0.8
 JOB_QUEUE_DIRS = [QUEUE_DIR, JOB_QUEUE_ARCHIVE_DIR]
-JOB_QUEUE_DIRS_MODE = 0700
+JOB_QUEUE_DIRS_MODE = SECURE_DIR_MODE
 
 JOB_ID_TEMPLATE = r"\d+"
 

lib/ssh.py

@@ -53,13 +53,8 @@ def GetUserFiles(user, mkdir=False):
     raise errors.OpExecError("Cannot resolve home of user %s" % user)
 
   ssh_dir = utils.PathJoin(user_dir, ".ssh")
-  if not os.path.lexists(ssh_dir):
-    if mkdir:
-      try:
-        os.mkdir(ssh_dir, 0700)
-      except EnvironmentError, err:
-        raise errors.OpExecError("Can't create .ssh dir for user %s: %s" %
-                                 (user, str(err)))
+  if mkdir:
+    utils.EnsureDirs([(ssh_dir, constants.SECURE_DIR_MODE)])
   elif not os.path.isdir(ssh_dir):
     raise errors.OpExecError("path ~%s/.ssh is not a directory" % user)