open(path) throws an error when called on a directory or UNIX socket,
and therefore a check to ensure that the path is absent will always
succeed when there is a directory or file located there.
This updates the check to use os.access(path, os.F_OK) instead, which
instead just checks that the path exists instead of trying to open it as
a file, and therefore properly handles directories and sockets.
This causes a slight semantic change in how permissions are handled.
The existing code will fail to work correctly if the user running the
module on the managed host has no read access to the path specified.
The new code will work correctly in that situation.
Both versions fail if the user can't traverse the parent directory.
I've also added a check to the try block to catch OSError. I've seen
this call fail with an OSError on rare occasion in the face of odd
extended permissions (usually MAC configuration) in cases where it
should technically return False. In such cases, the file is functionally
inaccessible to the user making the call, so it's essentially not there,
but it can't be created by them either. I've documented this, as well as
the fact that the bug this change fixes exists, and a rather nasty
inconsistency involving symbloic handling that I stumbled across while
testing this change.
Fixes: #20870
50ceb8d7d8