Fix issue #7165 in _create_challenge_dirs(), attempt to fix pylint er…

…rors (#7568)

* fix issue #7165 by checking if directory exists before trying to create it, fix possible pylint issues in webroot.py

* fix get_chall_pref definition

* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: Adrien Ferrand <adferrand@users.noreply.github.com>

certbot/CHANGELOG.md

@@ -15,6 +15,8 @@ Certbot adheres to [Semantic Versioning](https://semver.org/).
 
 * certbot._internal.cli is now a package split in submodules instead of a whole module.
 * Fix acme module warnings when response Content-Type includes params (e.g. charset).
+* Fixed issue where webroot plugin would incorrectly raise `Read-only file system` 
+  error when creating challenge directories (issue #7165).
 
 ### Fixed
 

certbot/certbot/_internal/plugins/webroot.py

@@ -1,7 +1,6 @@
 """Webroot plugin."""
 import argparse
 import collections
-import errno
 import json
 import logging
 
@@ -71,7 +70,7 @@ def __init__(self, *args, **kwargs):
         super(Authenticator, self).__init__(*args, **kwargs)
         self.full_roots = {}  # type: Dict[str, str]
         self.performed = collections.defaultdict(set) \
-        # type: DefaultDict[str, Set[achallenges.KeyAuthorizationAnnotatedChallenge]]
+            # type: DefaultDict[str, Set[achallenges.KeyAuthorizationAnnotatedChallenge]]
         # stack of dirs successfully created by this authenticator
         self._created_dirs = []  # type: List[str]
 
@@ -137,7 +136,7 @@ def _prompt_with_webroot_list(self, domain, known_webroots):
                     "webroot when using the webroot plugin.")
             return None if index == 0 else known_webroots[index - 1]  # code == display_util.OK
 
-    def _prompt_for_new_webroot(self, domain, allowraise=False):
+    def _prompt_for_new_webroot(self, domain, allowraise=False):  # pylint: no-self-use
         code, webroot = ops.validated_directory(
             _validate_webroot,
             "Input the webroot for {0}:".format(domain),
@@ -170,6 +169,10 @@ def _create_challenge_dirs(self):
                 # We ignore the last prefix in the next iteration,
                 # as it does not correspond to a folder path ('/' or 'C:')
                 for prefix in sorted(util.get_prefixes(self.full_roots[name])[:-1], key=len):
+                    if os.path.isdir(prefix):
+                        # Don't try to create directory if it already exists, as some filesystems
+                        # won't reliably raise EEXIST or EISDIR if directory exists.
+                        continue
                     try:
                         # Set owner as parent directory if possible, apply mode for Linux/Windows.
                         # For Linux, this is coupled with the "umask" call above because
@@ -184,14 +187,13 @@ def _create_challenge_dirs(self):
                             logger.info("Unable to change owner and uid of webroot directory")
                             logger.debug("Error was: %s", exception)
                     except OSError as exception:
-                        if exception.errno not in (errno.EEXIST, errno.EISDIR):
-                            raise errors.PluginError(
-                                "Couldn't create root for {0} http-01 "
-                                "challenge responses: {1}".format(name, exception))
+                        raise errors.PluginError(
+                            "Couldn't create root for {0} http-01 "
+                            "challenge responses: {1}".format(name, exception))
             finally:
                 os.umask(old_umask)
 
-    def _get_validation_path(self, root_path, achall):
+    def _get_validation_path(self, root_path, achall):  # pylint: no-self-use
         return os.path.join(root_path, achall.chall.encode("token"))
 
     def _perform_single(self, achall):