# Installation¶

## Prerequisites¶

To install and run Anjuna Unseal tool, the following prerequisites must be met:

### Hardware requirements¶

Important

• The host machine must use a CPU that supports Intel® SGX (see Getting access to Intel® SGX).
• Intel SGX must be enabled in the BIOS of the host machine. Be sure to use the Enabled setting, not Software Controlled.

### Supported platforms¶

• Ubuntu 16.04 (Xenial) Server and Desktop editions
• Ubuntu 18.04 (Bionic Beaver) Server and Desktop editions

### Software requirements¶

• The user performing the installation must have administrator privileges (root or sudo permissions).
• The Intel SGX Driver must be installed and loaded (the installer will attempt to install this component if it is not found).
• The Intel SGX Platform Software (PSW) must be installed and running (the Anjuna Unseal tool will attempt to install this component if it is not found).

Important

The Intel SGX components are required to run the Anjuna Unseal tool. If those components are not already installed on the host, the Anjuna Unseal tool installer has the ability to set up Intel SGX components during the installation.

## Execute the Anjuna Unseal tool installer¶

An installation package is provided to install the Anjuna Unseal tool on an SGX-enabled host. The package is an executable that performs the following actions:

1. checks for Intel SGX system compatibility
2. checks for OS compatibility (Ubuntu 16.04 or Ubuntu 18.04)
3. checks for availability of the Intel® SGX Driver
4. checks for availability of the Intel® PSW stack
5. installs the Intel® SGX components if necessary
6. installs the Anjuna Unseal tool on the host
7. installs the Anjuna Unseal tool documentation (in HTML format)
8. installs the sealing tool

For Ubuntu 16
wget https://s3-us-west-1.amazonaws.com/anjuna-security.vault.unseal/anjuna-vault-unseal-ubuntu16-0.17.0050.bin

For Ubuntu 18
wget https://s3-us-west-1.amazonaws.com/anjuna-security.vault.unseal/anjuna-vault-unseal-ubuntu18-0.17.0050.bin


The rest of this document will assume that the host is running Ubuntu 16.04 and refer to the installation file anjuna-vault-unseal-ubuntu16-0.17.0050.bin. When running on Ubuntu 18.04, the instructions should be adjusted to use the anjuna-vault-unseal-ubuntu18-0.17.0050.bin file.

Important

The Anjuna Unseal tool installer is a self-extracting file and requires executable permission to run. If the permission was removed during the file transfer between hosts, it can be re-applied with the chmod command. If you see this error:

$./anjuna-vault-unseal-ubuntu16-0.17.0050.bin bash: anjuna-vault-unseal-ubuntu16-0.17.0050.bin: Permission denied  just run the following command: $ chmod +x ./anjuna-vault-unseal-ubuntu16-0.17.0050.bin


and then run the installer again.

The installer supports various command-line options to customize its behavior. To see the available options, use the --help option:

$./anjuna-vault-unseal-ubuntu16-0.17.0050.bin --help  Anjuna SGX Runtime self-extracting installer Usage: anjuna-vault-unseal-ubuntu16-0.17.0050.bin [OPTIONS] Run this file to extract and install Anjuna Runtime. Available options: -v, --verbose Print more information during the setup. -l, --list List the content of this package -d, --docs Extract the documentation only and skip the setup. -e, --extract Extract the package, but skip the setup. -h, --help Print this message. --version Print the version information.  To get started, simply run the installer $ ./anjuna-vault-unseal-ubuntu16-0.17.0050.bin


which should produce the following output:

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17  Anjuna SGX Runtime self-extracting installer Checking for Operating System Found Ubuntu 16.04.5 LTS Checking for SGX Hardware support This host is SGX capable (sgx_is_capable => 1) <... snip ...> Summary: Anjuna SGX Runtime fully installed Run the following command to setup your environment export ANJUNA_HOME=/home/anjuna/anjuna-vault-unseal-ubuntu16-0.13.0001 source ${ANJUNA_HOME}/env.sh  The message on line 13 indicates that the Anjuna Unseal tool was properly installed. The output on line 17 provides a convenient script to set up the environment variables when running the various tools provided by the Anjuna Unseal tool. You can ensure that these environment variables are always set by adding the following line to your ~/.bash_profile file, where it will be executed automatically at login: $ export ANJUNA_HOME=/home/anjuna/anjuna-vault-unseal-ubuntu16-0.17.0050
$source${ANJUNA_HOME}/env.sh


Important

The location of the env.sh file depends on the directory where the installer is run. In the example above, the location is assumed to be /home/anjuna. Make sure the full path of the env.sh is identical to the path shown in the installer out (i.e. replace the /home/anjuna fragment with the correct location)

After setting this up, you can either log out and back in, or just manually source the file from bash.