@@ -232,7 +232,7 @@ auth_authenticate(const char *what, const struct sockaddr *caller,
char *p = NULL;
char buf[INET6_ADDRSTRLEN];
struct addrinfo *ai = NULL;
- enum auth_error error = bad_path;
+ enum auth_error error = bad_path, first_error = success;
if (path[0] != '/') {
xlog(L_WARNING, "Bad path in %s request from %s: \"%s\"",
@@ -258,7 +258,15 @@ auth_authenticate(const char *what, const struct sockaddr *caller,
p = strrchr(epath, '/');
if (p == epath) p++;
*p = '\0';
+ /*
+ * Recored the first error, ignoring the error when "/"
+ * is tried and fails
+ */
+ if (first_error == success)
+ first_error = error;
}
+ if (first_error != success)
+ error = first_error;
switch (error) {
case bad_path:
@@ -277,6 +285,7 @@ auth_authenticate(const char *what, const struct sockaddr *caller,
break;
case not_exported:
+ errno = ENOENT;
xlog(L_WARNING, "refused %s request from %s for %s (%s): not exported",
what, ai->ai_canonname, path, epath);
break;
@@ -472,7 +472,10 @@ get_rootfh(struct svc_req *rqstp, dirpath *path, nfs_export **expret,
/* Now authenticate the intruder... */
exp = auth_authenticate("mount", sap, p);
if (exp == NULL) {
- *error = MNT3ERR_ACCES;
+ if (errno == ENOENT)
+ *error = MNT3ERR_NOENT;
+ else
+ *error = MNT3ERR_ACCES;
return NULL;
}
if (stat(p, &stb) < 0) {
When an export does not exist, ENOENT should be returned instead of EACCES Signed-off-by: Steve Dickson <steved@redhat.com> --- utils/mountd/auth.c | 11 ++++++++++- utils/mountd/mountd.c | 5 ++++- 2 files changed, 14 insertions(+), 2 deletions(-)