From b8ca9c54e8f321a4089524db28304b31068a36f2 Mon Sep 17 00:00:00 2001 From: Dan Bungert Date: Thu, 26 Jan 2023 08:21:46 -0700 Subject: [PATCH 1/3] ui/guided: FDE string improvements Remove references to the "model", which isn't a concept we expect the user to know about. General text tweaks on top of that. --- subiquity/ui/views/filesystem/guided.py | 46 +++++++++++++------------ 1 file changed, 24 insertions(+), 22 deletions(-) diff --git a/subiquity/ui/views/filesystem/guided.py b/subiquity/ui/views/filesystem/guided.py index 817a44ad..9086fea4 100644 --- a/subiquity/ui/views/filesystem/guided.py +++ b/subiquity/ui/views/filesystem/guided.py @@ -129,41 +129,43 @@ class TPMChoice: help: str +help_texts = { + StorageEncryptionSupport.DISABLED: + _("TPM backed full-disk encryption has been disabled."), + StorageEncryptionSupport.AVAILABLE: + _("The entire disk will be encrypted and protected by the " + "TPM. If this option is deselected, the disk will be " + "unencrypted and without any protection."), + StorageEncryptionSupport.UNAVAILABLE: + # for translators: 'reason' is the reason FDE is unavailable. + _("TPM backed full-disk encryption is not available " + "on this device (the reason given was \"{reason}\")."), +} + choices = { StorageEncryptionSupport.DISABLED: { safety: TPMChoice( enabled=False, default=False, - help=_("The model being installed does not support TPM backed " - "full-disk encryption")) for safety in StorageSafety - }, + help=help_texts[StorageEncryptionSupport.DISABLED]) + for safety in StorageSafety + }, StorageEncryptionSupport.AVAILABLE: { StorageSafety.ENCRYPTED: TPMChoice( enabled=False, default=True, - help=_("The model being installed requires TPM backed full-disk " - "encryption")), + help=help_texts[StorageEncryptionSupport.AVAILABLE]), StorageSafety.PREFER_ENCRYPTED: TPMChoice( enabled=True, default=True, - help=_("The entire disk will be encrypted and protected by the " - "TPM. If this option is deselected, the disk will be " - "unencrypted and without any protection.")), + help=help_texts[StorageEncryptionSupport.AVAILABLE]), StorageSafety.PREFER_UNENCRYPTED: TPMChoice( enabled=True, default=False, - help=_("The model being installed does not prefer but allows TPM " - "backed full-disk encryption")), - }, + help=help_texts[StorageEncryptionSupport.AVAILABLE]), + }, StorageEncryptionSupport.UNAVAILABLE: { - StorageSafety.PREFER_ENCRYPTED: TPMChoice( + safety: TPMChoice( enabled=False, default=False, - help=_("The model being installed prefers but does not require " - "TPM backed full-disk encryption and it is not available " - "on this device (the reason given was \"{reason}\").")), - StorageSafety.PREFER_UNENCRYPTED: TPMChoice( - enabled=False, default=False, - # for translators: 'reason' is the reason FDE is unavailable. - help=_("The model being installed does not prefer TPM backed " - "full-disk encryption and it is not available on this " - "device (the reason given was \"{reason}\").")), - }, + help=help_texts[StorageEncryptionSupport.UNAVAILABLE]) + for safety in StorageSafety + }, # StorageEncryptionSupport.DEFECTIVE: handled in controller code } From 3c3e4679669fef6378619b0a158acb458cf616f4 Mon Sep 17 00:00:00 2001 From: Dan Bungert Date: Wed, 1 Feb 2023 08:46:19 -0700 Subject: [PATCH 2/3] server/fs: FDE string improvements --- subiquity/server/controllers/filesystem.py | 27 +++++++++++----------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/subiquity/server/controllers/filesystem.py b/subiquity/server/controllers/filesystem.py index 0113f45d..9c361ed2 100644 --- a/subiquity/server/controllers/filesystem.py +++ b/subiquity/server/controllers/filesystem.py @@ -96,20 +96,21 @@ log = logging.getLogger("subiquity.server.controllers.filesystem") block_discover_log = logging.getLogger('block-discover') -system_defective_encryption_text = _(""" -The model being installed requires TPM-backed encryption but this -system does not support it (the reason given was "{unavailable_reason}"). -""") +# for translators: 'reason' is the reason FDE is unavailable. +system_defective_encryption_text = _( + "TPM backed full-disk encryption is not available " + "on this device (the reason given was \"{reason}\")." +) -system_multiple_volumes_text = _(""" -The model being installed defines multiple volumes, which is not currently -supported. -""") +system_multiple_volumes_text = _( + "TPM backed full-disk encryption is not yet supported when " + "the target spans multiple volumes." +) -system_non_gpt_text = _(""" -The model being installed defines a volume with a partition table type other -than GPT, which is not currently supported. -""") +system_non_gpt_text = _( + "TPM backed full-disk encryption is only supported with a target volume " + "partition table of GPT." +) class NoSnapdSystemsOnSource(Exception): @@ -218,7 +219,7 @@ class FilesystemController(SubiquityController, FilesystemManipulator): if se.support == StorageEncryptionSupport.DEFECTIVE: self._core_boot_classic_error = \ system_defective_encryption_text.format( - unavailable_reason=se.unavailable_reason) + reason=se.unavailable_reason) if se.support == StorageEncryptionSupport.UNAVAILABLE: log.debug( "storage encryption unavailable: %r", se.unavailable_reason) From bd4e463177075b41b60c3188fc26e1db6a92d8d2 Mon Sep 17 00:00:00 2001 From: Dan Bungert Date: Fri, 10 Feb 2023 15:40:16 -0700 Subject: [PATCH 3/3] ui/guided: tweak wording for ENCRYPTED + AVAILABLE --- subiquity/ui/views/filesystem/guided.py | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/subiquity/ui/views/filesystem/guided.py b/subiquity/ui/views/filesystem/guided.py index 9086fea4..3609c236 100644 --- a/subiquity/ui/views/filesystem/guided.py +++ b/subiquity/ui/views/filesystem/guided.py @@ -129,14 +129,16 @@ class TPMChoice: help: str -help_texts = { - StorageEncryptionSupport.DISABLED: +tpm_help_texts = { + "DISABLED": _("TPM backed full-disk encryption has been disabled."), - StorageEncryptionSupport.AVAILABLE: + "AVAILABLE_CAN_BE_DESELECTED": _("The entire disk will be encrypted and protected by the " "TPM. If this option is deselected, the disk will be " "unencrypted and without any protection."), - StorageEncryptionSupport.UNAVAILABLE: + "AVAILABLE_CANNOT_BE_DESELECTED": + _("The entire disk will be encrypted and protected by the TPM."), + "UNAVAILABLE": # for translators: 'reason' is the reason FDE is unavailable. _("TPM backed full-disk encryption is not available " "on this device (the reason given was \"{reason}\")."), @@ -146,24 +148,24 @@ choices = { StorageEncryptionSupport.DISABLED: { safety: TPMChoice( enabled=False, default=False, - help=help_texts[StorageEncryptionSupport.DISABLED]) + help=tpm_help_texts['DISABLED']) for safety in StorageSafety }, StorageEncryptionSupport.AVAILABLE: { StorageSafety.ENCRYPTED: TPMChoice( enabled=False, default=True, - help=help_texts[StorageEncryptionSupport.AVAILABLE]), + help=tpm_help_texts['AVAILABLE_CANNOT_BE_DESELECTED']), StorageSafety.PREFER_ENCRYPTED: TPMChoice( enabled=True, default=True, - help=help_texts[StorageEncryptionSupport.AVAILABLE]), + help=tpm_help_texts['AVAILABLE_CAN_BE_DESELECTED']), StorageSafety.PREFER_UNENCRYPTED: TPMChoice( enabled=True, default=False, - help=help_texts[StorageEncryptionSupport.AVAILABLE]), + help=tpm_help_texts['AVAILABLE_CAN_BE_DESELECTED']), }, StorageEncryptionSupport.UNAVAILABLE: { safety: TPMChoice( enabled=False, default=False, - help=help_texts[StorageEncryptionSupport.UNAVAILABLE]) + help=tpm_help_texts['UNAVAILABLE']) for safety in StorageSafety }, # StorageEncryptionSupport.DEFECTIVE: handled in controller code