Initializes (creates) the named role on the current partition/slot, if applicable.
Use the role list command to see which roles are possible on the current partition/slot.
role init -name <string> [-password <string>]
Parameter | Shortcut | Description |
---|---|---|
-name | -n | name of role to be initialized |
-password | -p | password for role |
```
lunacm:> role init -name Crypto Officer

Please attend to the PED.

Command Result : No Error

lunacm:>
```

```
lunacm:> role init -name Auditor

Please attend to the PED.

Command Result : No Error

lunacm:>
```
Note: The Auditor role can exist only on the HSM's administrative partition, and shares that partition with the HSM Security Officer or SO (firmware 6.22.0 and newer). The Auditor role cannot be initialized by another role. Therefore, if the HSM SO is currently logged in, the SO must log out before you run role init to create the Auditor.
Note: When the Auditor role is created, it has no domain set. To allow Auditor to clone, you must log in as Auditor and run the command role setDomain. See role setdomain.
Note: This command is used for HSMs with firmware version 6.22.0 or newer. Expect an entry like 'LUNA_INIT_PIN returned RC_OK(0x00000000) roleID=8 container=3' in the audit log when the Auditor role is initialized. To initialize audit logging for HSMs with older firmware, use audit init.
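The following is an added example, not part of the product documentation: a small Python check that scans exported audit log lines for the LUNA_INIT_PIN entry quoted above and reports successful Auditor initializations for review against planned changes. Only the quoted entry text comes from this page; the line prefixes, the failure code name and the function names are constructed assumptions.

```python
import re

# Pattern built from the one entry this page quotes:
#   LUNA_INIT_PIN returned RC_OK(0x00000000) roleID=8 container=3
INIT_PIN = re.compile(
    r"LUNA_INIT_PIN returned (?P<rc>\w+)\((?P<code>0x[0-9A-Fa-f]{8})\)"
    r"\s+roleID=(?P<role>\d+)\s+container=(?P<container>\d+)"
)

# The page documents only roleID=8 (Auditor); other IDs are left unnamed.
KNOWN_ROLES = {8: "Auditor"}

def find_role_inits(lines):
    """Return one dict per LUNA_INIT_PIN entry found in the given lines."""
    events = []
    for lineno, line in enumerate(lines, start=1):
        m = INIT_PIN.search(line)
        if not m:
            continue
        role_id = int(m["role"])
        events.append({
            "line": lineno,
            "role_id": role_id,
            "role": KNOWN_ROLES.get(role_id, "unknown"),
            "container": int(m["container"]),
            "result": m["rc"],
            "ok": int(m["code"], 16) == 0,  # 0x00000000 is the RC_OK value
        })
    return events

def auditor_inits(events):
    """Successful Auditor initializations; each should match a planned change."""
    return [e for e in events if e["role"] == "Auditor" and e["ok"]]

# Constructed sample lines: the "seq=" prefix, the placeholder event and the
# failure code name are invented for this example, not real log output.
SAMPLE = [
    "seq=1 (constructed) OTHER_EVENT_PLACEHOLDER returned RC_OK(0x00000000)",
    "seq=2 (constructed) LUNA_INIT_PIN returned RC_OK(0x00000000) roleID=8 container=3",
    "seq=3 (constructed) LUNA_INIT_PIN returned RC_EXAMPLE_FAILURE(0x00000001) roleID=8 container=3",
    "seq=4 (constructed) LUNA_INIT_PIN returned RC_OK(0x00000000) roleID=2 container=5",
]

if __name__ == "__main__":
    for event in auditor_inits(find_role_inits(SAMPLE)):
        print("Auditor role initialized:", event)
```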