From 8a2551d1b8a81e648e731348db8526ae38d98613 Mon Sep 17 00:00:00 2001
From: Greg Brockman <gdb@mit.edu>
Date: Mon, 23 Aug 2010 20:46:21 -0400
Subject: [PATCH] Catch AFS exceptions

---
 debian/changelog           |    8 +++++++-
 python/xvm/authz/locker.py |   10 +++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 51a4829..ee00265 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,14 @@
+xvm-authz-locker (0.0.4) unstable; urgency=low
+
+  * Catch AFS exceptions
+
+ -- Greg Brockman <gdb@mit.edu>  Mon, 23 Aug 2010 20:46:09 -0400
+
 xvm-authz-locker (0.0.3.1) unstable; urgency=low
 
   * Dummy version bump
 
- -- Greg Brockman <gdb@inferno>  Sun, 08 Aug 2010 19:36:31 -0400
+ -- Greg Brockman <gdb@mit.edu>  Sun, 08 Aug 2010 19:36:31 -0400
 
 xvm-authz-locker (0.0.3) unstable; urgency=low
 
diff --git a/python/xvm/authz/locker.py b/python/xvm/authz/locker.py
index 59b480e..5945ab6 100644
--- a/python/xvm/authz/locker.py
+++ b/python/xvm/authz/locker.py
@@ -3,6 +3,7 @@ import errno
 from afs import acl
 from afs import fs
 from afs import pts
+from afs import _util
 
 from invirt import common
 from invirt.config import structs as config
@@ -41,7 +42,7 @@ def expandOwner(name):
                 allowed.difference_update(_expandGroup(ent, cell=cell, auth=auth))
 
         return allowed
-    except OSError, e:
+    except (_util.AFSException, OSError), e:
         if e.errno in (errno.ENOENT, errno.EACCES):
             return []
         else:
@@ -113,6 +114,13 @@ def _expandGroup(name, cell=None, auth=False):
             return set([ent.name])
         else:
             return set([x.name for x in ent.members])
+    except _util.AFSException, e:
+        if e.errno in (267268, # User or group doesn't exist
+                       267269  # Permission denied
+                       ):
+            return set()
+        else:
+            raise
     except OSError, e:
         if e.errno in (errno.ENOENT, errno.EACCESS):
             return set()
-- 
1.7.9.5