Home >

LunaCM Command Reference Guide > LunaCM commands

  
LunaCM commands

This chapter describes the commands available in LunaCM. The commands are described in alphabetical order and provide:

a brief description of the command function

the command syntax and parameter descriptions

usage examples  

Lunacm opens with a slot list, showing brief descriptions of the HSM administrative or application partitions that are visible to the library, in the order that they are detected. Those include:

SafeNet Network HSM application partitions (if any), network-connected to the host computer via NTLS or STC channels,

SafeNet PCIe HSMs (if any) installed within the host computer,

SafeNet USB HSMs (if any) connected via USB to the host computer.

By default, Lunacm shows the lowest-numbered slot first. Local HSMs (SafeNet PCIe HSM or SafeNet USB HSM) might have an HSM administrative slot (for the HSM SO) or an application partition slot, or both, so lunacm leaves gaps in the slot numbering to allow for the possible slots on a given HSM.

Where did my command go?  

The question mark (or any incorrect command) shows the lunacm commands available to be used in the current slot.
The availability of lunacm commands changes according to four possible scenarios:  

the current slot is the HSM administrative partition for an HSM with firmware version 6.22.0 or newer  

the current slot is an application partition that has its own SO (a PPSO partition), on an HSM with firmware version 6.22.0 or newer  

the current slot is a separate-but-not-independent application partition that is administered by the HSM SO, and does not have its own separate SO (a legacy-style partition) on an HSM with firmware version 6.22.0 or newer  

the current slot is the HSM administrative partition and application partition for an HSM with firmware older than version 6.22.0 (a true legacy partition).  

No single partition type has access to all the possible commands within lunacm.

Note:  Persistence of login state  

For HSMs with firmware 6.22.0 or newer, login state of a slot is preserved until explicitly ended (such as with "logout" or "deactivate" or closing the application). Therefore, login state persists when you switch slots in lunacm. That is, if you were logged into the partition in slot 1, then set current slot to slot 2, then came back to slot 1, the login state for the partition in slot 1 would still be in force, with no need to reinstate it.

For HSMs with older firmware, changing to a different slot terminates the login state in the original slot, as was always the case.

Lunacm command list on HSM admin partition, f/w 6.22.0  

(These are the commands that you see if the current-slot partition is the initialized HSM's administrative partition, while the HSM is at firmware version 6.22.0 or newer. Some of these commands act on the current-slot partition; some have a -slot option to direct their action to another partition/slot.)

Select a link to display the command syntax or to help you to navigate to the sub-command you need:  

appid  
audit    
file   
clientconfig   
hagroup
hsm   
partition   
ped   
remoteBackup   
role   
slot   
srk   


Parameter Shortcut Description
appid a > Manage Application Ids. See appid .  
audit au Audit commands. See audit
clientconfig ccfg Client configuration. See clientconfig .
file f File commands. See file display .
hagroup ha High Availability Group commands. See hagroup .   
hsm hs HSM commands. See hsm .
partition par Partition commands. See partition .
ped p Remote PED commands. See ped .
remoteBackup rb Manage Remote Backup server. See remotebackup start .
role ro Role management commands. See role .
slot s Slot management commands. See slot .
srk r Secure Recovery commands. See srk .

 

 

Lunacm command list on application partition, f/w 6.22.0  

(These are the commands that you see if the current-slot partition is the initialized HSM's administrative partition, while the HSM is at firmware version 6.22.0 or newer. Some of these commands act on the current-slot partition; some have a -slot option to direct their action to another partition/slot.)

Select a link to display the command syntax or to help you to navigate to the sub-command you need:  

   
appid
file   
clientconfig   
hagroup
partition   
ped   
remoteBackup   
role   
slot   

Parameter Shortcut Description
appid a > Manage Application Ids. See "appid" on page 1 .  
file f File commands. See "file display" on page 1 .
clientconfig ccfg Client configuration. See "clientconfig" .
hagroup ha High Availability Group commands. See "hagroup" on page 1 .   
partition par Partition commands. See "partition" on page 1.
ped p Remote PED commands. See "ped" on page 1 .
remoteBackup rb Manage Remote Backup server. See "remotebackup start" on page 1 .
role ro Role management commands. See "role" .
slot s Slot management commands. See "slot" on page 1 .