allocate - device allocation
Synopsis
Description
Options
Operands
Exit Status
Files
Attributes
See Also
Notes
allocate [-s] [-w] [-F] [-U uname] [-z zonename] device
allocate [-s] [-w] [-F] [-U uname] [-z zonename] -g dev-type
The allocate utility manages the ownership of devices through its allocation mechanism. It ensures that each device is used by only one qualified user at a time.
The device argument specifies the device to be manipulated. To preserve the integrity of the device’s owner, the allocate operation is executed on all the device special files associated with that device.
The default allocate operation allocates the device special files associated with device to the uid of the current process.
Only authorized users may allocate a device. The required authorizations are specified in device_allocate(4).
When the system is configured with Trusted Extensions, allocate runs the clean program for the device before it grants access to the caller to that device. For devices with removable media that have a mountable file system, allocate mounts the media if the caller chooses.
The following options are supported:
-F device
Force allocates either free or pre-allocated devices. This option is often used with the -U option to allocate/reallocate devices to a specific user. Only those users that have solaris.device.revoke authorization are allowed to use this option.
-g dev-type
Allocates devices with a device-type matching dev-type. The dev-type argument specifies the device type to be operated on.
-s
Silent. Suppresses any diagnostic output.
-U uname
Uses the user ID uname instead of the user ID of the current process when performing the allocate operation. Only a user with the solaris.device.revoke authorization is permitted to use this option.
The following options are supported with Trusted Extensions:
-w
Runs the device cleaning program in a windowing environment. If a windowing version of the program exists, it is used. Otherwise, the standard version is run in a terminal window.
-z zonename
Allocates device to the zone specified by zonename.
The following operands are supported:
device
Specifies the name of the device to be allocated.
The following exit values are returned:
0
Successful completion.
20
No entry for the specified device.
other value
An error occurred.
/etc/security/device_allocate
/etc/security/device_maps
/etc/security/dev/*
/etc/security/lib/*
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE ATTRIBUTE VALUE Availability SUNWcsu
The invocation is Uncommitted. The options are Uncommitted. The output is Not-an-Interface.
deallocate(1), list_devices(1), bsmconv(1M), dminfo(1M), mkdevalloc(1M), mkdevmaps(1M), device_allocate(4), device_maps(4), attributes(5)
Controlling Access to Devices
The functionality described in this man page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.
On systems configured with Trusted Extensions, the functionality is enabled by default.
/etc/security/dev, mkdevalloc(1M), and mkdevmaps(1M) might not be supported in a future release of the Solaris Operating Environment.
| SunOS 5.11 | allocate (1) | 3 Jul 2007 |