From 2b12f2a780909b9b081f55a31f5f215bf1e1ffd0 Mon Sep 17 00:00:00 2001
From: shubham <shubham.asati2646@gmail.com>
Date: Thu, 30 Jan 2020 00:22:28 +0530
Subject: [PATCH 1/2] setting proper error message in policy validation for
 userinfo not allowed when background mode is set to true

---
 pkg/engine/policy/validate.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/engine/policy/validate.go b/pkg/engine/policy/validate.go
index ee151b8120..947b821ae7 100644
--- a/pkg/engine/policy/validate.go
+++ b/pkg/engine/policy/validate.go
@@ -30,7 +30,7 @@ func Validate(p kyverno.ClusterPolicy) error {
 			// policy.spec.background -> "true"
 			// - cannot use variables with request.userInfo
 			// - cannot define userInfo(roles, cluserRoles, subjects) for filtering (match & exclude)
-			return fmt.Errorf("userInfo not allowed in background policy mode. Failure path %s", err)
+			return fmt.Errorf("userInfo is not allowed in match or exclude when backgroud policy mode is true. Set spec.background=false to disable the policy runs in background mode. Failure path %s ", err)
 		}
 	}
 

From c93a37d944349a455fe07b116a5bc88aef1e76d4 Mon Sep 17 00:00:00 2001
From: shubham <shubham.asati2646@gmail.com>
Date: Thu, 30 Jan 2020 21:50:41 +0530
Subject: [PATCH 2/2] updated error message

---
 pkg/engine/policy/validate.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/engine/policy/validate.go b/pkg/engine/policy/validate.go
index 947b821ae7..6c93935dbd 100644
--- a/pkg/engine/policy/validate.go
+++ b/pkg/engine/policy/validate.go
@@ -30,7 +30,7 @@ func Validate(p kyverno.ClusterPolicy) error {
 			// policy.spec.background -> "true"
 			// - cannot use variables with request.userInfo
 			// - cannot define userInfo(roles, cluserRoles, subjects) for filtering (match & exclude)
-			return fmt.Errorf("userInfo is not allowed in match or exclude when backgroud policy mode is true. Set spec.background=false to disable the policy runs in background mode. Failure path %s ", err)
+			return fmt.Errorf("userInfo is not allowed in match or exclude when backgroud policy mode is true. Set spec.background=false to disable background mode for this policy rule. Failure path %s ", err)
 		}
 	}