15348: Change "no such vm" error message to "permission denied".

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@tomclegg.ca>

diff --git a/lib/pam/pam_arvados.go b/lib/pam/pam_arvados.go
index e9070599c8b0cfccd1aac803f9c6d9fa53f135ed..389033ba963575fb8c4e7b50054c95cb05bab211 100644 (file)
--- a/lib/pam/pam_arvados.go
+++ b/lib/pam/pam_arvados.go
@@ -128,7 +128,11 @@ func authenticate(logger *logrus.Logger, username, token string, argv []string)
                return err
        }
        if len(vms.Items) == 0 {
-               return fmt.Errorf("no results for hostname %q", hostname)
+               // It's possible there is no VM entry for the
+               // configured hostname, but typically this just means
+               // the user does not have permission to see (let alone
+               // log in to) this VM.
+               return errors.New("permission denied")
        } else if len(vms.Items) > 1 {
                return fmt.Errorf("multiple results for hostname %q", hostname)
        } else if vms.Items[0].Hostname != hostname {