Add doas support alongside sudo for privilege escalation (low priority)

[justanotherscript]

Desired behavior

VeraCrypt should optionally use doas instead of sudo for privilege escalation on systems where doas is installed, improving compatibility with lightweight Unix setups.

Screenshots/Mockup/Designs

N/A

Additional information

grep -n "sudoAbsolutePath" src/Core/Unix/CoreService.cpp
418: string sudoAbsolutePath = Process::FindSystemBinary("sudo", errorMsg);
419: if (sudoAbsolutePath.empty())
426: std::string popenCommand = sudoAbsolutePath + " -n " + trueAbsolutePath + " > /dev
direct stderr to stdout (2>&1) to be able to catch the result of the command

[idrassi]

Thanks for opening this. This is related to the older discussion in #823.

I looked into this before, and the main blocker is still the same: VeraCrypt doesn't simply run one privileged command. On Unix like systems, it starts an elevated veracrypt --core-service process and then communicates with it over pipes. The current implementation relies on sudo -S so VeraCrypt can pass the administrator password to the elevation tool through stdin before the elevated service starts.

OpenDoas/doas doesn't provide an equivalent mechanism to sudo -S. Because of that, it can't be used as a drop-in replacement for sudo. So full doas would require changing VeraCrypt privilege elevation architecture.

The long term direction is a proper non sudo elevation backend, most likely polkit/pkexec or a dedicated privileged helper service. That would make VeraCrypt less dependent on sudo and would address systems that don't use sudo, including doas based setups. This larger design work overlaps with #887.