use occ consistently

This document appears to be technically accurate.
But it has several defects:

* sudo is used inconsistently
* occ is used inconsistently
* The TIP about analyzing the own PATH shows a misunderstanding.  Calling `./hsmdaemon install` actually creates a service file with the current PWD hardcoded. No path lookup is ever done. during service invocation. It is safer to use the install subcommand with the binary that was placed in the final destination, e.g. `/usr/local/bin/hsmdaemon install`
* chmod 750 includes execute permission. This is useless for the toml file. use 640 instead.

As this manual is in the public, I miss some instruction how to actually obtain the hsmdaemon code. It is not opensource. Maybe ooint to the consulting team?

modules/admin_manual/pages/configuration/server/security/hsmdaemon/index.adoc

@@ -174,29 +174,12 @@ After you've obtained the hsmdaemon from ownCloud, you need to:
 . Make the hsmdaemon binary Executable
 . xref:copy-the-config-file[Copy the Config File] 
 
-[TIP]
-====
-If you are not sure which directories are in your system path, run the following script to see a complete list:
 
 [source,console]
 ----
-OFS=$IFS && IFS=':'
-for i in $(echo $PATH); do echo $i; done;
-IFS=$OFS;
+install -m 755 ./hsmdaemon /usr/local/bin/hsmdaemon
 ----
 
-You should see a list similar to the following:
-
-[source,console]
-----
-/usr/local/sbin
-/usr/local/bin
-/usr/sbin
-/usr/bin
-/sbin
-/bin
-----
-====
 
 ==== Copy the Config File
 
@@ -206,9 +189,9 @@ To create it from the example config file available in provided package, run the
 [source,console]
 ----
 mkdir /etc/hsmdaemon                              # Create the hsmdaemon configuration directory
-cp hsmdaemon.toml /etc/hsmdaemon/hsmdaemon.toml   # Copy the example config file
-chown root /etc/hsmdaemon/hsmdaemon.toml          # Set the owner of the file to root
-chmod 750 /etc/hsmdaemon/hsmdaemon.toml           # Allow only the root and users in the root group to read & write the configuration file
+# Copy the example config file
+# Allow only the root and users in the root group to read & write the configuration file
+install -m 640 ./hsmdaemon.toml /etc/hsmdaemon/hsmdaemon.toml
 ----
 
 ==== Install the System Service
@@ -218,7 +201,8 @@ To do this, run it with the `install` option, as in the example below.
 
 [source,console]
 ----
-./hsmdaemon install
+/usr/local/bin/hsmdaemon install
+service hsmdaemon start
 ----
 
 If it installs successfully, then you should see the following console output:
@@ -233,9 +217,9 @@ It should now be running and set to start automatically at boot time.
 ====
 The daemon is managed using the following three commands:
 
-* `sudo service hsmdaemon start`
-* `sudo service hsmdaemon stop` and 
-* `sudo service hsmdaemon status`.
+* `service hsmdaemon start`
+* `service hsmdaemon stop` and 
+* `service hsmdaemon status`.
 ====
 
 ==== Configure the PKCS11 Module Path
@@ -343,7 +327,7 @@ For testing data encryption, run the `hsmdaemon encrypt` command, as in the foll
 ----
 # The first argument is the "Id:" value from running the genkey command above.
 # The second is the base64-encoded data to be encrypted.
-sudo hsmdaemon encrypt 9bac3719-2b8d-11e9-aeab-0242b5ece4c3 Zm9vYmFy
+hsmdaemon encrypt 9bac3719-2b8d-11e9-aeab-0242b5ece4c3 Zm9vYmFy
 ----
 
 If successful, you should see output similar to the below example.
@@ -436,9 +420,7 @@ Set the generated secret for ownCloud:
 
 [source,console,subs="attributes+"]
 ----
-{occ-command-example-prefix} config:app:set \
-    encryption hsm.jwt.secret \
-    --value '7a7d1826-b514-4d9f-afc7-a7485084e8de'
+occ config:app:set encryption hsm.jwt.secret --value '7a7d1826-b514-4d9f-afc7-a7485084e8de'
 ----
 
 If the command succeeds, you should see the following console output: