Linux Installation v3.2.0¶
Process¶
The Quantum Origin HSM Reseed Service is installed on Linux using the operating system (OS) installation or package manager. Please select the tab for Ubuntu or Red Hat Enterprise Linux (RHEL) corresponding to your OS.
It is recommended to verify the Quantum Origin package before installation. Verification guide can be found Package Verification.
$ sudo dpkg -i ./qo-hsm-reseed-service_2.6.2_amd64.deb
Selecting previously unselected package qo-hsm-reseed-service.
(Reading database ... 196383 files and directories currently installed.)
Preparing to unpack .../qo-hsm-reseed-service_2.6.2_amd64.deb ...
Unpacking qo-hsm-reseed-service (2.6.2) ...
Setting up qo-hsm-reseed-service (2.6.2) ...
$ sudo rpm --import ./rhel8_gpg_key.pub.asc
$ sudo rpm -K ./qo-hsm-reseed-service-2.6.2-1.x86_64.rpm
./qo-hsm-reseed-service-2.6.2-1.x86_64.rpm: digests signatures OK
$ sudo rpm -i ./qo-hsm-reseed-service-2.6.2-1.x86_64.rpm
Created symlink /etc/systemd/system/multi-user.target.wants/qo-hsm-reseed.service → /usr/lib/systemd/system/qo-hsm-reseed.service.
$ sudo rpm --import ./rhel9_gpg_key.pub.asc
$ sudo rpm -K ./qo-hsm-reseed-service-2.6.2-1.x86_64.rpm
./qo-hsm-reseed-service-2.6.2-1.x86_64.rpm: digests signatures OK
$ sudo rpm -i ./qo-hsm-reseed-service-2.6.2-1.x86_64.rpm
Created symlink /etc/systemd/system/multi-user.target.wants/qo-hsm-reseed.service → /usr/lib/systemd/system/qo-hsm-reseed.service.
The installer performs the following operations:
Creates a user and group named
qounder which the reseed service will run and isolate operations from other users on the system.Installs a binary,
/usr/bin/qo_hsm_reseed_servicewhich performs the reseeding.Installs a binary,
/usr/bin/qo_hsm_cliwhich is used to manage the service.Creates a sample configuration file
/etc/qo/reseed_service_config.yml.Creates a Linux service called
qo-hsm-reseed, which will run Quantum Origin using a configuration file at/etc/qo/reseed_service_config.yml. This file is required for the operation of the Quantum Origin client.
This service will be enabled by default.
If the hsmusers group already exists when the HSM Reseed software is installed then a new qo user will be added to that group. If not then the new qo user needs to be added to the hsmusers group so it can access the HSM partitions. This can be done with the below command:
$ sudo usermod -aG hsmusers qo
$ sudo usermod -aG hsmusers qo
$ sudo usermod -aG hsmusers qo
This gives the service permission to access the partitions specified in the configuration file, dependent on the Luna HSM configuration explained above.
You can test that installation worked correctly using the --version command:
$ qo_hsm_reseed_service --version
$ qo_hsm_reseed_service --version
$ qo_hsm_reseed_service --version
Inspect the version number, if that matches the intended version, installation was successful.
Uninstallation¶
To uninstall from Linux, execute your operating system’s standard uninstall command.
$ sudo dpkg -r qo-hsm-reseed-service
(Reading database ... 196388 files and directories currently installed.)
Removing qo-hsm-reseed-service (2.6.2) ...
$ sudo rpm -e qo-hsm-reseed-service
warning: /etc/qo/reseed_service_config.yml saved as /etc/qo/reseed_service_config.yml.rpmsave
$ sudo rpm -e qo-hsm-reseed-service
warning: /etc/qo/reseed_service_config.yml saved as /etc/qo/reseed_service_config.yml.rpmsave
Note that the configuration files will not be automatically removed, on RHEL they are renamed with the extension .rpmsave. These may be removed manually if desired.