Using the Unix Installation Utility

Installation and uninstallation commands are different for each of the supported Unix platforms. To account for these differences, the package should be installed using the Unix Installation Utility. Manual commands specific to your operating system can be used, but this is not the recommended method. The Installation Utility is more likely to result in a problem-free installation or uninstallation. The latest versions of the client software and HSM firmware can be found on the Thales Technical Support Customer Portal. See Support Contacts for more information.

The utility provides a simple menu-driven interface. In addition to installing and uninstalling the access provider on Unix systems, it can also:

>List already-installed SafeNet packages

>List directory contents, for the current platform or all platforms

>Install a package from the directory (which also installs the utility in /usr/bin)

>Change the default operating mode (hardware or software-only).

Whenever the utility installs a SafeNet package, it also installs itself on the host system's hard disk (in /usr/bin/safeNet-install.sh). This copy can be used to uninstall or configure the software.

Utility Startup

Should you encounter any problems while following this procedure, please see Unix Installation Utility troubleshooting. Options can be specified when executing the safeNet-install.sh command. These options are not normally required and are mainly useful for troubleshooting.

Syntax

safeNet-install.sh [-h] [-p] [-s <size>] [-v]

Option Description
-h Show help.
-p Plain mode. In this mode the ‘tput’ is not used for video enhancements.
-s<size> Override the screen size (default = ‘tput lines/cols’ or 24x80).
-v Print the version of this script.

If you wish to enter platform-specific commands manually, use the commands given in Unix/Linux Command Reference.

To start up the utility

1.The Thales Unix Installation Utility is located in the installation DVD or image's root directory. Mount the DVD or unzip the image by following standard procedure for your platform and installation.

2.Change directory to the DVD or directory and start the utility. For example:

# cd /misc/cd
# ./safeNet-install.sh

The utility scans the system and the directory and displays the Main Menu.

Gemalto Unix Installation Utility (version 5.3.0):
Hostname: 66 (Linux 2.6.32-504.16.2.el6.i686)
Main menu

1 list Gemalto packages already installed
2 list packages on CD
3 install a package from this CD
4 uninstall a Gemalto package
5 Set the default cryptoki and/or hsm link

q quit the utility



Choice (1 2 3 4 q) [Redraw]:

NOTE   Enter 'b' to go back to the previous menu and 'q' to quit the utility. You can also quit with the system INTR key (normally ^C).

Installing a package

Should you encounter any problems, please see Unix Installation Utility troubleshooting.

To install a package

1.Select install a package from this CD from the utility's Main Menu.

A list of installable SafeNet packages is displayed.

2.Select the package required by typing the appropriate menu number followed by Enter.

The utility verifies the action and executes the appropriate command for your platform.

3.On some platforms, you may be prompted for additional installation options. On Linux, for example, you can add a –nodeps option to suppress the checking of dependencies. These options should be selected with appropriate care.

4.You may now need to respond to any platform-specific messages (for example: to confirm you wish to proceed with the installation).

5.After installation, the utility will return Success or Failure, scan the system again, and display the current installation status. Press the Enter key to continue.

Setting up your environment

After installing the software on Linux platforms, you must run the SafeNet ProtectToolkit setvars.sh script to configure your environment for the SafeNet ProtectToolkit software. You cannot run the script directly, but instead you must source it or add it to a startup file (for example, .bashrc). If you source the script, your environment will be set for the current session only. If you add it to your startup file, your environment will be set each time you log in.

To set up your environment

1.Go to the SafeNet ProtectToolkit software installation directory:

cd /opt/safenet/protecttoolkit5/ptk

2.Source the setvars.sh script:

. ./setvars.sh

Once installed and configured, the software is ready to use under /opt/safenet.

Changing the Cryptoki provider

On Unix/Linux systems, the software-only Cryptoki provider is made active by default. If you plan to use this instance of SafeNet ProtectToolkit-C with a SafeNet ProtectServer HSM, you will need to change the Cryptoki provider. Software-only mode is not secure, as cryptographic material is stored on the host system. You can use the Unix Installation Utility to change modes.

To change the Cryptoki provider

1.From the Main menu, select Set the default cryptoki and/or HSM link.

The Cryptoki Selection screen is displayed.

Gemalto Unix Installation Utility (version 5.3.0):
Hostname: 66 (Linux 2.6.32-504.16.2.el6.i686)
Main Menu >> Check/Set Default Cryptoki & HSM Menu

-------------------- Cryptoki Selection --------------------
1   SafeNet ProtectToolkit C SDK Software (emulator)
2 * SafeNet ProtectToolkit C SDK Runtime (hardware)
3 * SafeNet Network HSM Access Provider

b back
q quit the utility



Choice (1 2 3 b q) [Redraw]:

2.Select SafeNet ProtectToolkit C SDK Runtime (hardware) and confirm your selection.

Uninstalling a package

Should you encounter any problems, please see Unix Installation Utility troubleshooting.

To uninstall a package

1.Select Uninstall a SafeNet package from the utility's Main Menu.

A list of installed SafeNet packages is displayed.

2.Select the required package by typing the appropriate menu number and pressing Enter.

The utility verifies the action and executes the appropriate command for your platform.

3.On some platforms, you may be prompted for additional uninstallation options. On Linux, for example, you can add a –nodeps option to suppress the checking of dependencies. These options should be selected with appropriate care.

4.After completing uninstallation, the utility will return Success or Failure, scan the system again, and display the current installation status.

5.You may now need to respond to any platform-specific messages to confirm that you wish to proceed with the uninstallation. Press the Enter key to continue.

Unix Installation Utility troubleshooting

Problem Solution
Packages to install or uninstall are not visible If no packages are shown to install or uninstall, close the utility, check that you are logged on as root, and ensure your current directory is on the DVD or directory before running the utility again.
The screen is confused or does not display correctly

This utility relies on the TERM environment parameter when creating colors and measuring screen size, so make sure this is set correctly. The most common values are xterm or vt100. For example, to set TERM to vt100:

# TERM=vt100# export TERM

>If the screen is confused, run the utility in “plain” mode as follows:

# ./safeNet-install.sh –p

>If the size of the terminal is not correctly set by termcap (for example: the headings disappear off the top of the screen), override the screen size with the -s option:

# ./safeNet-install.sh -s 24x80

>If using an X system terminal window, do not resize the window while running the utility, as it cannot sense the change.

The backspace key does not operate correctly

On some terminals, the backspace key does not operate correctly. If, after typing a number and then backspace, the terminal returns “2^H” instead of an actual backspace:

>Type the current KILL character (normally ^U) and then enter the desired number (you will need to do this each time a backspace is required)

>Exit the utility (perhaps with ^C) and use the stty(1) command to correct the erase character before restarting the utility:

# stty erase ^H

where ^H is the character created by pressing the backspace key.

This will fix the problem semi-permanently, for the current session in that terminal.