diff --git a/src/exec_intercept.c b/src/exec_intercept.c
index 09ca2378f..184612449 100644
--- a/src/exec_intercept.c
+++ b/src/exec_intercept.c
@@ -407,7 +407,7 @@ intercept_check_policy(const char *command, int argc, char **argv, int envc,
      */
     if (stat(command, &sb) == -1) {
 	closure->errstr = NULL;
-	closure->state = POLICY_REJECT;
+	closure->state = POLICY_ERROR;
 	goto done;
     }
 
diff --git a/src/exec_ptrace.c b/src/exec_ptrace.c
index 379027618..9b3dafb75 100644
--- a/src/exec_ptrace.c
+++ b/src/exec_ptrace.c
@@ -1920,9 +1920,12 @@ ptrace_intercept_execve(pid_t pid, struct intercept_closure *closure)
 	    }
 	}
 	break;
-    default:
+    case POLICY_REJECT:
 	/* If rejected, fake the syscall and set return to EACCES */
-	ptrace_fail_syscall(pid, &regs, EACCES);
+	errno = EACCES;
+	FALLTHROUGH;
+    default:
+	ptrace_fail_syscall(pid, &regs, errno);
 	break;
     }