Commit Graph

3055 Commits

Author SHA1 Message Date
Matej Urbančič 4da32aedbb Updated Slovenian translation 2017-02-14 09:10:57 +01:00
Alexandre Franke 05df189a0a Update French translation 2017-02-13 16:41:29 +00:00
Andika Triwidada 3c882dfc5d Update Indonesian translation 2017-02-13 08:52:57 +00:00
Alexandre Franke 3a70177260 Update French translation 2017-02-12 22:09:02 +00:00
Мирослав Николић cf632a053f Updated Serbian translation 2017-02-12 07:25:01 +01:00
Anders Jonsson e5c402348d Update Swedish translation 2017-02-11 17:37:19 +00:00
Alan Mortensen d8e1295268 Updated Danish translation 2017-02-11 00:41:49 +01:00
Marek Cernocky 09cbbc7200 Updated Czech translation 2017-02-10 17:48:35 +01:00
Trần Ngọc Quân e768ab1cc0 Updated Vietnamese translation
Signed-off-by: Trần Ngọc Quân <vnwildman@gmail.com>
2017-02-10 14:18:40 +07:00
Baurzhan Muftakhidinov bc661d084f Update Kazakh translation 2017-02-09 05:13:20 +00:00
Anders Jonsson 4912ad31b0 Update Swedish translation 2017-02-07 23:35:26 +00:00
Aurimas Černius 51dc435c9b Updated Lithuanian translation 2017-02-07 22:25:05 +02:00
Piotr Drąg 44290a01c3 Update Polish translation 2017-02-07 20:45:13 +01:00
Mike Fleetwood 38857e09c7 Improve error message in check_repair_filesystem() (#774818)
Change the error message after it raised a question with the translators
and to better align with the operation only being described as a check
in the GParted Manual and in the application UI.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-02-07 12:31:49 -07:00
Baurzhan Muftakhidinov f03a4106cc Update Kazakh translation 2017-02-07 09:50:43 +00:00
Josef Andersson 98eae5a51a Update Swedish translation 2017-02-06 20:38:46 +00:00
Rafael Fontenelle eeff05b423 Update Brazilian Portuguese translation 2017-02-05 00:39:49 +00:00
Josef Andersson 25f67b583e Update Swedish translation 2017-02-04 22:31:07 +00:00
Mario Blättermann abdc06bd12 Update German translation 2017-02-04 20:49:11 +00:00
Piotr Drąg 2258b70cd9 Fix translator comments
They need to be exactly one line above a string to show up in .po files.
2017-01-28 01:04:42 +01:00
Alan Mortensen 079c7864b7 Updated Danish translation 2017-01-17 21:12:34 +01:00
Rafael Fontenelle 7e392e8481 Update Brazilian Portuguese translation 2017-01-17 01:27:07 +00:00
Piotr Drąg 328508608e Update Polish translation 2017-01-15 14:39:57 +01:00
Mike Fleetwood aa98107706 Create and use general find_extended_partition() function
The Operation class already provided find_index_extended() method and
 was used in the Operation and derived classes where required.  It
returns the index to the extended partition in the PartitionVector
object, or -1 when no extended partition exists.

There were several cases of the same functionality being open coded in
GParted_Core and Win_GParted.  Therefore move the implementation to
find_extended_partition() in PartitionVector compilation unit and use
this implementation everywhere.
2017-01-14 08:49:58 -07:00
Mike Fleetwood 786a53b43c Replace 2 Win_GParted member variables with local variables
Member variables fs and gpart_output were used in just one method each
as local variables.  Replace them with local variables.
2017-01-14 08:49:58 -07:00
Mike Fleetwood fbd39b81e3 Fix for loop limit in fat16::sanitize_label()
Use the same uppercase_label string to determine the limit of the for
loop as is actually accessed.
2017-01-14 08:49:58 -07:00
Mike Fleetwood 0f76b8f8ff Remove unused clear_mountpoints parameter from add_mountpoint*()
The clear_mountpoints parameter has never been used since
add_mountpoint*() were first added [1][2].  clear_mountpoints() method
[3] is available to provide this functionality and used.  Therefore
removed unused parameter and code.

[1] add_mountpoints() added 2006-03-15
        9532c3cad1
        Made Partition::mountpoints private

[2] add_mountpoint() added 2011-12-16
        208083f11d84dbd4f186271a3cdbf5170db259f8b8
        Display LVM2 VGNAME as the PV's mount point (#160787)

[3] clear_mountpoint() added 2006-03-19
        ad9f2126e7
        fixed issues with copying (see also #335004) cleanups + added FIXME added
2017-01-14 08:49:58 -07:00
Mike Fleetwood 5857b46c5d Add LUKS notes to the GParted Manual (#774818)
Add LUKS encrypted partition notes to the GParted Manual about the new
capabilities coming in the next release of GParted.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 34185afbf1 Document new requirement on the cryptsetup command (#774818)
Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 5cd1f718a1 Add "Available online only" to the Supported Actions legend (#774818)
Shrinking LUKS encryption is only possible while the mapping is open and
active.  Therefore the File System Support dialog shows Cross + Tick for
this operation.  Add this new combination to the legend.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 86597b8672 Use virtual get_filessytem_string() in remaining operation descriptions (#774818)
Switch the remaining create and delete operation description generation
to use the virtual Partition get_filesystem_string() method.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood f1e3d42b56 Prevent deletion of open LUKS mappings (#774818)
At least until closing LUKS mappings is supported.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 36804b9634 Implement maximize encryption volume as part of check repair operation (#774818)
Now that resizing of encrypted file systems is implemented add growing
of the open LUKS mapping as part of the check repair operation.

Resizing an encrypted file system requires the LUKS mapping to be open
to access the file system within; therefore it also requires libparted
and kernel support for online partition resizing.  This limits resizing
to the latest distributions with libparted >= 3.2 and kernel >= 3.6.
However growing an open LUKS mapping as part of a check repair operation
doesn't require resizing the partition.  Therefore route via offline
grow of LUKS to avoid those extra, unnecessary requirement.  This does
mean that offline LUKS grow artificially requires cryptsetup, but that is
not really significant as even opening LUKS requires cryptsetup.

So now checking an encrypted file system on even the oldest
distributions does:
1) runs FSCK on the encrypted file system;
2) grows the encryption volume to fill the partition;
3) grows the file system to fill the encryption mapping.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood e2aff7ba66 Implement offline grow of encryption volumes (#774818)
While a device-mapper encryption mapping can only be resized while
active, a LUKS volume can inherently be grown while offline because it
doesn't store a size and when started fills the partition.  This doesn't
even need the cryptsetup command to do the resizing (just to open the
LUKS volume afterwards which GParted doesn't yet support).  Implement
offline growing of LUKS volumes.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood a1c1401285 Add bug checks into resize/move operation methods (#774818)
Ensure pre-conditions of always or never being passed a Partition object
containing an open LUKS encryption are met for resizing file system and
LUKS encryption methods.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 828f0d8ab3 Implement resize/move operation of encrypted file systems (#774818)
Moving of closed LUKS is simply enabled by luks .move capability being
set and requires no further coding.

Resizing of encrypted file systems requires both the LUKS mapping and
encrypted file system within to be resized in the right order for both
shrinking and growing.  To keep the code simple split resizing of plain
and encrypted into separate functions.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood ee1b2257d2 Preview resize/move operation of encrypted file systems (#774818)
Changing the Resize/Move dialog code to also handle PartitionLUKS
objects was considered too complicated.  Instead create an unencrypted
equivalent using clone_as_plain(), pass that to the Resize/Move dialog
and finally apply the change back using Partition*::resize().

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 08e4ba4eca Add Partition object resizing method Partition*::resize() (#774818)
Add a resize() method to both Partition and PartitionLUKS classes.  They
take a reference Partition object, and update the position, size and
file system usage of *this Partition to match.  This is ready for taking
a partition returned from Resize/Move dialog and applying the change.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 30a0f4506c Add specialist clone method PartitionLUKS::clone_as_plain() (#774818)
Implement a specialist PartitionLUKS clone method.  Creates a new
Partition object which has the same space usage as the source encrypted
file system, but is a plain file system.  Namely, the overhead of the
LUKS header has been added to the file system usage.  This is ready for
feeding this representation of the partition to the Resize/Move dialog.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood e2c70d5639 Enable resize/move for encrypted file systems (#774818)
A partition containing LUKS encryption can only be moved when closed and
the Device Mapper encryption mapping only exists to be resized when
open.  As GParted can't yet open or close LUKS encryption these
restrictions have to be adhered to when composing operations.  Also as
encrypted partitions are only being resized when open, additionally
libparted and the kernel have to both be capable of resizing a partition
while in use.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 89540fedd8 Add bug checks into copy operation methods (#774818)
Ensure pre-condition of never being passed a Partition object containing
an open LUKS encryption mapping is met for copy operation related
methods.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood e31fa783a8 Display LUKS copy capability (#774818)
Users will expect to see that copying of LUKS is available in the File
System Support dialog, even if technically what is implemented is
copying of the file system within an open encryption mapping.  There is
no other reason to do this change as these two previous commits have
fully enabled copying of encrypted content:
    Implement copy operation of encrypted file systems (#774814)
    Preview copy operation of encrypted file systems (#774818)

Set LUKS .copy capability so that the dialog shows copying availability,
but then disallow copying of closed LUKS.  (Checking for the capability
and performing copying the content of an open LUKS encryption mapping is
inherent in Win_GParted::set_valid_operations() and GParted_Core::copy()
in the way that they access the block device containing the file system,
whether encrypted or not).

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 56859e1d6d Implement copy operation of encrypted file systems (#774814)
Implement the copy operation by making the copy code work with the
Partition object directly containing the file system, instead of the
enclosing PartitionLUKS object containing the LUKS encryption mapping.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 4c70ec3aee Preview copy operation of encrypted file systems (#774818)
Implement composing of the copy paste operation for encrypted file
systems.

Copying a closed LUKS partition would duplicate the LUKS header
containing the UUID, passphrase and master encryption key.  From a
security point of view having additional copies of encrypted data with
the same master key is an extra risk, but it all depends on what is
going to happen with that copy.  The Cryptsetup FAQ [1] talks about how
to make a backup at the file system level and block level, preferring
file system level with separate encryption if needed.  It strongly
recommends separate encryption if the copy is removable or going
off-site [2].  Also in the case of cloning the data, cloning the LUKS
container is strongly discouraged [3].

Therefore copying of encrypted file systems will be implemented by
copying the file system inside an open LUKS encryption mapping and not
by copying a closed LUKS partition.

Also, while creating new LUKS encryption is not yet supported, copying
an encrypted file system into a new partition will not be permitted as
that will always decrypt the data.  An encrypted file system will be
allowed to be copied into an existing plain partition, decrypting the
data, or into an existing open encrypted partition, keeping it
encrypted.  Pasting over the top of a closed encrypted partition will
remove the LUKS encryption.  (This is planned to be removed when
creating and removing LUKS encryption is implemented as part of full
LUKS read-write support).

Remember that when pasting into an existing partition the file system
must fit within the available space and that encryption has overhead
from the LUKS header.  Therefore copying from a plain partition into a
partition of the same size with open an encryption mapping will not fit
for space reasons.

[1] The Cryptsetup FAQ, Backup and data Recovery section
https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions

[2] 6.7 Does a backup compromise security?
"If you do network-backup or tape-backup, I strongly recommend to go the
filesystem backup path with independent encryption, as you typically
cannot reliably delete data in these scenarios, especially in a cloud
setting."

[3] 6.15 Can I clone a LUKS container?
"You can, but it breaks security, because the cloned container has the
same header and hence the same master key.  You cannot change the master
key on a LUKS container, even if you change the passphrase(s), the
master key stays the same. That means whoever has access to one of the
clones can decrypt them all, completely bypassing the passphrases.

The right way to do this is to first luksFormat the target container,
then to clone the contents of the source container, with both containers
mapped, i.e. decrypted.  You can clone the decrypted contents of a LUKS
container in binary mode, although you may run into secondary issues
with GUIDs in filesystems, partition tables, RAID-components and the
like. These are just the normal problems binary cloning causes.

Note that if you need to ship (e.g.) cloned LUKS containers with a
default passphrase, that is fine as long as each container was
individually created (and hence has its own master key). In this case,
changing the default passphrase will make it secure again."

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 35d57011e9 Add bug checks into format operation methods (#774818)
Ensure pre-condition of never being passed a Partition object containing
an open LUKS encryption mapping is met for format operation related
methods.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood a568e5365a Implement format operation on encrypted file systems (#774818)
Formatting an existing encrypted partition will format the file system
within the encrypted mapping.  Formatting over the top of a closed
encrypted partition will remove the encryption.  (The latter is planned
to be prevented when creating and removing LUKS encryption is
implemented as part of full LUKS read-write support).

Composing the format operation inside an open LUKS encryption mapping
also has to account for the size of that mapping and construct a
PartitionLUKS object containing the new file system.  Implementing the
operation itself is as simple as passing the Partition object directly
containing the file system, instead of the outer PartitionLUKS object.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 88136c96d7 Extend functions generating encrypted file system string (#774818)
Already have:
    Utils::get_filesystem_string(FS_EXT2)          -> "ext2"
    virtual Partition::get_filesystem_string()     -> "ext2"
    virtual PartitionLUKS::get_filesystem_string() -> "[Encrypted] ext2"
Add these:
    Utils::get_encrypted_string()                  -> "[Encrypted]"
    Utils::get_filesystem_string(false, FS_EXT2)   -> "ext2"
    Utils::get_filesystem_string(true, FS_EXT2)    -> "[Encrypted] ext2"

This is ready for use of Utils::get_filesystem_string(true, FS_EXT2)
when composing the preview of a format of an encrypted file system by
Win_GParted::activate_format().

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 112ddef9df Implement mount/umount of encrypted file systems (#774818)
Adapts the swapon/swapoff, activate/deactivate Volume Group and mount/
unmount file system code to work with the Partition object directly
containing the file system.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood 313c5fcb1c Add bug checks into check operation methods (#774818)
Ensure pre-condition of never being passed a Partition object containing
an open LUKS encryption mapping is met for check operation related
methods.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00
Mike Fleetwood df05a9785f Implement check operation on encrypted file systems (#774818)
Just update the code describing and implementing the check operation.
No need to update the code composing the operation in
Win_GParted::activate_check() as that is incredibly simple, just cloning
the Partition object and doesn't need changing.

Note that for encrypted file systems this does:
1) runs FSCK on the encrypted file system;
2) grows the file system to fill the encrypted mapping.
At this time it does not grow the encryption mapping to fill the
partition.  That will be added after resize/move has been implemented.

Bug 774818 - Implement LUKS read-write actions NOT requiring a
             passphrase
2017-01-14 08:49:58 -07:00