diff --git a/pkg/storage/fs/owncloud/owncloud.go b/pkg/storage/fs/owncloud/owncloud.go
index 5059c7df914..1b45b220af3 100644
--- a/pkg/storage/fs/owncloud/owncloud.go
+++ b/pkg/storage/fs/owncloud/owncloud.go
@@ -702,7 +702,7 @@ func (fs *ocfs) GetPathByID(ctx context.Context, id *provider.ResourceId) (strin
 			return "", errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return "", errtypes.NotFound(fs.toStoragePath(ctx, ip))
 		}
 		return "", errors.Wrap(err, "ocfs: error reading permissions")
@@ -741,7 +741,7 @@ func (fs *ocfs) AddGrant(ctx context.Context, ref *provider.Reference, g *provid
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, ip))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -894,6 +894,17 @@ func isNoData(err error) bool {
 	return false
 }
 
+// The os not exists error is buried inside the xattr error,
+// so we cannot just use os.IsNotExists().
+func isNotFound(err error) bool {
+	if xerr, ok := err.(*xattr.Error); ok {
+		if serr, ok2 := xerr.Err.(syscall.Errno); ok2 {
+			return serr == syscall.ENOENT
+		}
+	}
+	return false
+}
+
 func (fs *ocfs) readACE(ctx context.Context, ip string, principal string) (e *ace.ACE, err error) {
 	var b []byte
 	if b, err = xattr.Get(ip, sharePrefix+principal); err != nil {
@@ -940,7 +951,7 @@ func (fs *ocfs) ListGrants(ctx context.Context, ref *provider.Reference) (grants
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.toStoragePath(ctx, ip))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
@@ -978,7 +989,7 @@ func (fs *ocfs) RemoveGrant(ctx context.Context, ref *provider.Reference, g *pro
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, ip))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -1010,7 +1021,7 @@ func (fs *ocfs) UpdateGrant(ctx context.Context, ref *provider.Reference, g *pro
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, ip))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -1070,7 +1081,7 @@ func (fs *ocfs) CreateDir(ctx context.Context, sp string) (err error) {
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -1153,7 +1164,7 @@ func (fs *ocfs) SetArbitraryMetadata(ctx context.Context, ref *provider.Referenc
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -1296,7 +1307,7 @@ func (fs *ocfs) UnsetArbitraryMetadata(ctx context.Context, ref *provider.Refere
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, ip))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -1387,7 +1398,7 @@ func (fs *ocfs) Delete(ctx context.Context, ref *provider.Reference) (err error)
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -1481,7 +1492,7 @@ func (fs *ocfs) Move(ctx context.Context, oldRef, newRef *provider.Reference) (e
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(oldIP)))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -1509,6 +1520,7 @@ func (fs *ocfs) Move(ctx context.Context, oldRef, newRef *provider.Reference) (e
 func (fs *ocfs) GetMD(ctx context.Context, ref *provider.Reference, mdKeys []string) (*provider.ResourceInfo, error) {
 	ip, err := fs.resolve(ctx, ref)
 	if err != nil {
+		// TODO return correct errtype
 		if _, ok := err.(errtypes.IsNotFound); ok {
 			return nil, err
 		}
@@ -1533,7 +1545,7 @@ func (fs *ocfs) GetMD(ctx context.Context, ref *provider.Reference, mdKeys []str
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
@@ -1562,7 +1574,7 @@ func (fs *ocfs) getMDShareFolder(ctx context.Context, sp string, mdKeys []string
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
@@ -1582,6 +1594,9 @@ func (fs *ocfs) getMDShareFolder(ctx context.Context, sp string, mdKeys []string
 		m.Type = provider.ResourceType_RESOURCE_TYPE_REFERENCE
 		ref, err := xattr.Get(ip, mdPrefix+"target")
 		if err != nil {
+			if isNotFound(err) {
+				return nil, errtypes.NotFound(fs.toStorageShadowPath(ctx, ip))
+			}
 			return nil, err
 		}
 		m.Target = string(ref)
@@ -1627,7 +1642,7 @@ func (fs *ocfs) listWithNominalHome(ctx context.Context, ip string, mdKeys []str
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
@@ -1678,7 +1693,7 @@ func (fs *ocfs) listHome(ctx context.Context, home string, mdKeys []string) ([]*
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
@@ -1722,7 +1737,7 @@ func (fs *ocfs) listShareFolderRoot(ctx context.Context, sp string, mdKeys []str
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
@@ -1798,7 +1813,7 @@ func (fs *ocfs) Download(ctx context.Context, ref *provider.Reference) (io.ReadC
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
@@ -1826,7 +1841,7 @@ func (fs *ocfs) ListRevisions(ctx context.Context, ref *provider.Reference) ([]*
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
@@ -1887,7 +1902,7 @@ func (fs *ocfs) RestoreRevision(ctx context.Context, ref *provider.Reference, re
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
 		return errors.Wrap(err, "ocfs: error reading permissions")
@@ -1949,7 +1964,7 @@ func (fs *ocfs) PurgeRecycleItem(ctx context.Context, key string) error {
 			return nil, errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(err) {
 			return nil, errtypes.NotFound(fs.unwrap(ctx, filepath.Dir(ip)))
 		}
 		return nil, errors.Wrap(err, "ocfs: error reading permissions")
diff --git a/pkg/storage/fs/owncloud/upload.go b/pkg/storage/fs/owncloud/upload.go
index ec1aad3b7a5..41909dc309c 100644
--- a/pkg/storage/fs/owncloud/upload.go
+++ b/pkg/storage/fs/owncloud/upload.go
@@ -62,10 +62,10 @@ func (fs *ocfs) Upload(ctx context.Context, ref *provider.Reference, r io.ReadCl
 			return errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(perr) {
 			return errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
-		return errors.Wrap(err, "ocfs: error reading permissions")
+		return errors.Wrap(perr, "ocfs: error reading permissions")
 	}
 
 	// we cannot rely on /tmp as it can live in another partition and we can
@@ -117,7 +117,7 @@ func (fs *ocfs) InitiateUpload(ctx context.Context, ref *provider.Reference, upl
 		// check permissions of file to be overwritten
 		perm, perr = fs.readPermissions(ctx, ip)
 	} else {
-		// check permissions
+		// check permissions of parent
 		perm, perr = fs.readPermissions(ctx, filepath.Dir(ip))
 	}
 	if perr == nil {
@@ -125,10 +125,10 @@ func (fs *ocfs) InitiateUpload(ctx context.Context, ref *provider.Reference, upl
 			return "", errtypes.PermissionDenied("")
 		}
 	} else {
-		if os.IsNotExist(err) {
+		if isNotFound(perr) {
 			return "", errtypes.NotFound(fs.toStoragePath(ctx, filepath.Dir(ip)))
 		}
-		return "", errors.Wrap(err, "ocfs: error reading permissions")
+		return "", errors.Wrap(perr, "ocfs: error reading permissions")
 	}
 
 	p := fs.toStoragePath(ctx, ip)