From 7e4b0477439b30236d77faee2825eaa8a8e5d6b1 Mon Sep 17 00:00:00 2001
From: Slava Semushin <vsemushi@redhat.com>
Date: Thu, 5 Jan 2017 18:07:50 +0100
Subject: [PATCH] Improve an error message when privileged containers are
 disallowed globally on the cluster.

---
 pkg/api/validation/validation.go      | 2 +-
 pkg/api/validation/validation_test.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkg/api/validation/validation.go b/pkg/api/validation/validation.go
index 95c0062268b..5109ae32373 100644
--- a/pkg/api/validation/validation.go
+++ b/pkg/api/validation/validation.go
@@ -3692,7 +3692,7 @@ func ValidateSecurityContext(sc *api.SecurityContext, fldPath *field.Path) field
 
 	if sc.Privileged != nil {
 		if *sc.Privileged && !capabilities.Get().AllowPrivileged {
-			allErrs = append(allErrs, field.Forbidden(fldPath.Child("privileged"), "disallowed by policy"))
+			allErrs = append(allErrs, field.Forbidden(fldPath.Child("privileged"), "disallowed by cluster policy"))
 		}
 	}
 
diff --git a/pkg/api/validation/validation_test.go b/pkg/api/validation/validation_test.go
index c5acf5cb4ff..254529ed9a0 100644
--- a/pkg/api/validation/validation_test.go
+++ b/pkg/api/validation/validation_test.go
@@ -8601,7 +8601,7 @@ func TestValidateSecurityContext(t *testing.T) {
 		"request privileged when capabilities forbids": {
 			sc:          privRequestWithGlobalDeny,
 			errorType:   "FieldValueForbidden",
-			errorDetail: "disallowed by policy",
+			errorDetail: "disallowed by cluster policy",
 		},
 		"negative RunAsUser": {
 			sc:          negativeRunAsUser,