Added sudo and occ-command-example-prefix and decorations as requested.
jnweiger authored and mmattel committed Jun 22, 2021
1 parent ab162aa commit 87313be
Showing 1 changed file with 30 additions and 30 deletions.
Expand Up @@ -86,7 +86,7 @@ If a PKCS11 library is not available, you can xref:configuration/server/security

Now we can initialize the token:

[source,console]
[source,console,subs="attributes+"]
----
softhsm2-util --init-token --slot 0 --label "My token 1"
----
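Review bot: `softhsm2-util --init-token --slot 0 --label "My token 1"` is left unprivileged while every hsmdaemon invocation later in this patch gains `sudo`; SoftHSM resolves its token directory from the configuration of the user running the tool, so a token initialized by an unprivileged user may not be the one a root-run hsmdaemon opens. Either add `sudo` here as well or add a sentence stating which user must initialize and own the token.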
Expand All @@ -106,7 +106,7 @@ To use the PKCS11 API on the CLI, we need to install {opensc-wiki-url}[OpenSC].

To install OpenSC on Debian and Ubuntu, run the following command:

[source,console]
[source,console,subs="attributes+"]
----
sudo apt install -y opensc
----
Expand All @@ -115,7 +115,7 @@ sudo apt install -y opensc

To install OpenSC on openSUSE and SUSE Linux Enterprise Server, run the following command:

[source,console]
[source,console,subs="attributes+"]
----
sudo sudo zypper install -y --auto-agree-with-licenses opensc
----
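Review bot: the unchanged context line `sudo sudo zypper install -y --auto-agree-with-licenses opensc` carries a doubled `sudo`; since this commit already touches the surrounding block, drop the duplicate so the line reads `sudo zypper install -y --auto-agree-with-licenses opensc`.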
Expand All @@ -124,7 +124,7 @@ sudo sudo zypper install -y --auto-agree-with-licenses opensc

To install OpenSC on Fedora and Red Hat Enterprise Linux and Centos, run the following command:

[source,console]
[source,console,subs="attributes+"]
----
sudo yum install --assumeyes opensc
----
Expand All @@ -133,7 +133,7 @@ sudo yum install --assumeyes opensc

You can list the available tokens using {pkcs11-tool-url}[pkcs11-tool], by running the following command.

[source,console]
[source,console,subs="attributes+"]
----
sudo pkcs11-tool --module </path/to/libsofthsm2.so> -l --pin <user-pin> -O
----
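Review bot: `--pin <user-pin>` places the token PIN on the command line, where it is recorded in shell history and visible to other local users in the process list; `pkcs11-tool` prompts for the PIN when `-l` is given without `--pin`, so consider showing the prompting form or adding a sentence that the placeholder should not be filled in on a shared shell. The added `subs="attributes+"` is harmless here, as the angle-bracket placeholders contain no attribute references.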
Expand Down Expand Up @@ -175,9 +175,9 @@ After you've obtained the hsmdaemon from ownCloud, you need to:
. xref:copy-the-config-file[Copy the Config File]


[source,console]
[source,console,subs="attributes+"]
----
install -m 755 ./hsmdaemon /usr/local/bin/hsmdaemon
sudo install -m 755 ./hsmdaemon /usr/local/bin/hsmdaemon
----


Expand All @@ -186,23 +186,23 @@ install -m 755 ./hsmdaemon /usr/local/bin/hsmdaemon
The default location that hsmdaemon looks for its config file is `/etc/hsmdaemon/hsmdaemon.toml`.
To create it from the example config file available in provided package, run the following commands.

[source,console]
[source,console,subs="attributes+"]
----
mkdir /etc/hsmdaemon # Create the hsmdaemon configuration directory
sudo mkdir /etc/hsmdaemon # Create the hsmdaemon configuration directory
# Copy the example config file
# Allow only the root and users in the root group to read & write the configuration file
install -m 640 ./hsmdaemon.toml /etc/hsmdaemon/hsmdaemon.toml
sudo install -m 640 ./hsmdaemon.toml /etc/hsmdaemon/hsmdaemon.toml
----

==== Install the System Service

Now that the binary is available and the configuration file is in place, hsmdaemon must be installed as a system service.
To do this, run it with the `install` option, as in the example below.

[source,console]
[source,console,subs="attributes+"]
----
/usr/local/bin/hsmdaemon install
service hsmdaemon start
sudo /usr/local/bin/hsmdaemon install
sudo service hsmdaemon start
----

If it installs successfully, then you should see the following console output:
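Review bot: the comment `Allow only the root and users in the root group to read & write the configuration file` does not match `-m 640`, which grants the owner read/write and the group read-only; reword the comment to say root can read and write while the root group can only read, or change the mode if group write is actually intended. In the same hunk, the context line `available in provided package` should read `available in the provided package`.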
Expand Down Expand Up @@ -235,9 +235,9 @@ module = "/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so" # softhsm v2

This command lists the available slots.

[source,console]
[source,console,subs="attributes+"]
----
hsmdaemon listslots
sudo hsmdaemon listslots
{"level":"debug","ts":"2019-02-14T09:27:02.068+0100","caller":"hsmdaemon/keymanager.go:27","msg":"initialize pkcs11 module","module":"/usr/lib/softhsm/libsofthsm2.so"}
{"level":"info","ts":"2019-02-14T09:27:02.087+0100","caller":"hsmdaemon/keymanager.go:65","msg":"Slots found","slotIds":[550099622,1989683358,2]}
Available slots:
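Review bot: enabling `subs="attributes+"` on a block whose content is JSON log output is safe for the lines shown (`{"level":"debug",` is not a valid attribute reference, so Asciidoctor leaves it untouched), but any future output containing a bare `{word}` token would be treated as an attribute reference; consider restricting the substitution to the blocks that actually use `{occ-command-example-prefix}`, or note the caveat in the source.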
Expand Down Expand Up @@ -304,9 +304,9 @@ In this case, coordinate testing and final master key generation with your HSM t

For testing key generation, run the command `hsmdaemon genkey test`, as in the following example.

[source,console]
[source,console,subs="attributes+"]
----
hsmdaemon genkey test
sudo hsmdaemon genkey test
Id: 9bac3719-2b8d-11e9-aeab-0242b5ece4c3, label: test
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1BO4vsI+xDk+x0nccl7
Expand All @@ -323,11 +323,11 @@ jwIDAQAB

For testing data encryption, run the `hsmdaemon encrypt` command, as in the following example.

[source,console]
[source,console,subs="attributes+"]
----
# The first argument is the "Id:" value from running the genkey command above.
# The second is the base64-encoded data to be encrypted.
hsmdaemon encrypt 9bac3719-2b8d-11e9-aeab-0242b5ece4c3 Zm9vYmFy
sudo hsmdaemon encrypt 9bac3719-2b8d-11e9-aeab-0242b5ece4c3 Zm9vYmFy
----

If successful, you should see output similar to the below example.
Expand All @@ -345,7 +345,7 @@ WcezVb2N6bF8wlDooKZcmFn3tZgoIpoFGx6wQetx9sp1nK7JW2Y4OKt7P+0VKKlFO7yXaffVDD2Q6jZZ

To show an existing key, use the `showkey` command with the key's id, as in the following example.

[source,console]
[source,console,subs="attributes+"]
----
sudo hsmdaemon showkey 9bac3719-2b8d-11e9-aeab-0242b5ece4c3
----
Expand All @@ -369,9 +369,9 @@ For more options see the self-documented default config file `hsmdaemon.toml`.
During ownCloud config you might want to run the hsmdaemon service in the foreground to see what is going on.
You can do so, using the following command (which also shows example console output, formatted for readability).
[source,console]
[source,console,subs="attributes+"]
----
./hsmdaemon
sudo hsmdaemon
{
"level": "info",
"ts": "2019-02-14T09:32:59.081+0100",
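Review bot: the `[source,console,subs="attributes+"]` line directly follows the paragraph text `You can do so, using the following command ...` without a blank line; Asciidoctor still terminates the paragraph at a block attribute line, but every other listing in this file is preceded by a blank line, so add one here for consistency while the hunk is being edited. Replacing `./hsmdaemon` with `sudo hsmdaemon` also relies on the binary being on root's PATH, which holds only after the `install -m 755 ./hsmdaemon /usr/local/bin/hsmdaemon` step earlier in the file.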
Expand Down Expand Up @@ -403,7 +403,7 @@ To configure ownCloud to work with the hsmdaemon requires the following steps:

Generate a shared secret to use for the hsmdaemon.

[source,console]
[source,console,subs="attributes+"]
----
cat /proc/sys/kernel/random/uuid
7a7d1826-b514-4d9f-afc7-a7485084e8de
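Review bot: the example output `7a7d1826-b514-4d9f-afc7-a7485084e8de` is reused verbatim as the secret in the later `config:app:set encryption hsm.jwt.secret` hunk, so a reader copying the blocks ends up with a shared secret that is printed in public documentation; add a sentence stating that this value must be replaced with the one from their own `cat /proc/sys/kernel/random/uuid` run.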
Expand All @@ -420,7 +420,7 @@ Set the generated secret for ownCloud:

[source,console,subs="attributes+"]
----
occ config:app:set encryption hsm.jwt.secret --value '7a7d1826-b514-4d9f-afc7-a7485084e8de'
{occ-command-example-prefix} config:app:set encryption hsm.jwt.secret --value '7a7d1826-b514-4d9f-afc7-a7485084e8de'
----

If the command succeeds, you should see the following console output:
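Review bot: `--value '7a7d1826-b514-4d9f-afc7-a7485084e8de'` passes the JWT secret on the command line, so it lands in the shell history of the user running occ, and the confirmation message `Config value hsm.jwt.secret for app encryption set to ...` echoes it once more to the terminal; a short note that the history entry should be removed (or the command run in a way the shell does not record, such as a leading space with `HISTCONTROL=ignorespace` in bash) would help readers who follow these steps on a shared host.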
Expand All @@ -434,11 +434,11 @@ Config value hsm.jwt.secret for app encryption set to 7a7d1826-b514-4d9f-afc7-a7

Enable HSM mode and enable encryption by running the commands in the following example.

[source,console]
[source,console,subs="attributes+"]
----
occ config:app:set encryption hsm.url --value 'http://localhost:8513'
occ app:enable encryption
occ encryption:enable
{occ-command-example-prefix} config:app:set encryption hsm.url --value 'http://localhost:8513'
{occ-command-example-prefix} app:enable encryption
{occ-command-example-prefix} encryption:enable
----

If the commands are successful, you should see the following console output:
Expand All @@ -456,9 +456,9 @@ Default module: OC_DEFAULT_MODULE

If you want to use a single master key run

[source,console]
[source,console,subs="attributes+"]
----
occ encryption:select-encryption-type masterkey
{occ-command-example-prefix} encryption:select-encryption-type masterkey
----

////