This commit adds support for LUKS2 behind a new `partition.conf` key:
`luksGeneration`.
A bit of context, LUKS2 is the default encryption operating mode since
cryptsetup >= 2.1.0 (See [Arch
wiki](https://wiki.archlinux.org/title/dm-crypt/Device_encryption#Encryption_options_with_dm-crypt).
It is considered more secured and allows additional extensions. It also
comes with Argon2id as the default Password Based Key Derivation
Function (`--pbkdf` option). So it's important to provide this as an
option for Calamares in order to make Linux installs more secure, for
those who wish to encrypt their system.
This commit was tested on a custom Manjaro installer with:
- grub bootloader with the [argon patches](https://aur.archlinux.org/packages/grub-improved-luks2-git).
- [rEFInd](https://wiki.archlinux.org/title/REFInd) bootloader with
unencrypted `/boot` partition because rEFInd [doesn't support booting
from an encrypted volume](https://sourceforge.net/p/refind/discussion/general/thread/400418ac/)
**Important consideration for distribution maintainers**:
- You need to have compile flag `WITH_KPMCORE4API` on
- If you are shipping with grub by default please note that you need to
ship it with the Argon patches. Example on Arch Linux: [grub-improved-luks2-git](https://aur.archlinux.org/packages/grub-improved-luks2-git)
- If `luksGeneration` is not found in partition.conf, it will default to
luks1
- Please test this on your own distribution as this was only tested on
Manjaro installer (see above).
Since this CMakeLists.txt writes out a C program, the formatting
is a bit weird; just start the written TU with a blank line to
make gersemi happy and keep the C-code aligned.
- FileSystem.h depends on KPMcore and only compiles when
KPMcore is present; it can use KPMcore identifiers.
- Global.h doesn't.
- Move the few functions introduced into Global.h that need
KPMcore, to FileSystem.h instead.
When KPMcore is present, the calamares::kpmcore wraps that
and provides suitable API detection. If KPMcore is not
present, the same interface library provides -DWITHOUT_KPMcore.
The distinction CalamaresUtils and Calamares is old-fashioned,
since we can use nested namespaces (and already do) for a lot
of things; make libcalamares/locale/ a bit more consistent
by using namespace Calamares::Locale for everything.
- this would be the first 3.3 release, scripts still needed
cleanup to handle all the changes in 3.3
- support "-alpha1" kinds of designation
- support more versioning information in the headers
- log which path is actually being used
- there are two overloads for QTranslator::load(); the intention
was to call `QTranslator::load(const QLocale&, ...)`, but the
types of the arguments were wrong, leading to the other
overload being called, and interpreting the locale-name
(e.g. "nl") as a full filename.
Improve logging, call the "other" overload with the right parameters
and drop the not-needed ones.
FIXES#1961
This is a rather clunky implementation of re-check requirements.
"Clunky" because the UI parts are re-created each time, rather
than fishing from a model of checked (or unchecked) requirements.
The Widgets parts should be updated to use a full model, rather
than the recreate-list-of-Widgets implementation they have now.
Unrelated changes pull in a bunch of improvements to the
waiting spinner widget.
- While this is primarily convenient for testing (e.g. checking
that a command is expanded the way we expect), it simplifies
some of the code because it's now clear that run() uses an
expanded copy of the command-list to do the actual work.
This is a step towards getting rid of CalamaresUtils and
using more structured namespaces overall, e.g. Calamares::String
for things related to string-handling.
readTargetFile was not fully reading files because of an incorrect
EOF check. This could cause /etc/openswap.conf files to be
truncated and hibernation to fail on installed systems.
Avoid logs like
23:29:57 [2]: void Config::setConfigurationMap(const QVariantMap&)
WARNING: Configuration for *initialSwapChoice* is not one of the *userSwapChoices*
WARNING: .. Choice "small" added.
where the label is duplicated.
- some switch statements handle a bunch of items explicitly,
then default the rest. Clang complains about that. Turn off
the warning for these specific switches, since there's dozens
of values that simply do not need to be handled.
