#148 added support for v2 encryption policies, which have various security and usability advantages, including solving #128, #116, and #118. They require kernel v5.4 or later. But due to the kernel prerequisite, currently the user has to set "policy_version": "2" in /etc/fscrypt.conf. We should make it so that /etc/fscrypt.conf can contain "policy_version": "auto", where this means that fscrypt will use the best policy version that is available on the current kernel; and we should put this in the default /etc/fscrypt.conf generated by fscrypt setup.