'\" te .\" Copyright 2007 Sun Microsystems, Inc. All Rights Reserved .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] .TH list_devices 1 "30 Apr 2008" "SunOS 5.11" "User Commands" .SH NAME list_devices \- list allocatable devices .SH SYNOPSIS .LP .nf \fBlist_devices\fR [\fB-s\fR] [\fB-U\fR \fIuid\fR] [\fB-z\fR \fIzonename\fR] [\fB-a\fR [\fB-w\fR]] \fB-l\fR | \fB-n\fR | \fB-u\fR [\fIdevice\fR] | [\fB-l\fR | \fB-n\fR | \fB-u\fR] \fB-c\fR \fIdev-class\fR .fi .LP .nf \fBlist_devices\fR [\fB-s\fR] \fB-d\fR \fIdev-type\fR .fi .SH DESCRIPTION .sp .LP The \fBlist_devices\fR utility lists the allocatable devices in the system according to specified qualifications. .sp .LP The \fIdevice\fR and all device special files associated with the device are listed. The device argument is optional and, if it is not present, all relevant devices are listed. If \fIdev-class\fR is present, devices belonging to the specified \fIdev-class\fR are listed. There is no default \fIdev-class\fR. .SH OPTIONS .sp .LP The following options are supported: .sp .ne 2 .mk .na \fB\fB-l\fR [\fB-c\fR \fIdev-class\fR | \fIdevice\fR]\fR .ad .RS 30n .rt Lists the pathnames of the device special files associated with the \fIdevice\fR that are allocatable to the current process. .sp If \fIdev-class\fR is specified, lists only the files associated with all devices of the specified device class. .sp If \fIdevice\fR is specified, lists only the files associated with the specified device. .RE .sp .ne 2 .mk .na \fB\fB-n\fR [\fB-c\fR \fIdev-class\fR | \fIdevice\fR]\fR .ad .RS 30n .rt Lists the pathnames of the device special files associated with the device that are allocatable to the current process but are not currently allocated. .sp If \fIdev-class\fR is specified, lists only the files associated with all devices of the specified device class. .sp If \fIdevice\fR is specified, lists only the files associated with the specified device. .RE .sp .ne 2 .mk .na \fB\fB-s\fR\fR .ad .RS 30n .rt Silent. Suppresses any diagnostic output. .RE .sp .ne 2 .mk .na \fB\fB-u\fR [\fB-c\fR \fIdev-class\fR | \fIdevice\fR]\fR .ad .RS 30n .rt Lists the pathnames of device special files associated with the device that are allocated to the owner of the current process. .sp If \fIdev-class\fR is specified, lists only the files associated with all devices of the specified device class. .sp If \fIdevice\fR is specified, lists only the files associated with the specified device. .RE .sp .ne 2 .mk .na \fB\fB-U\fR \fIuid\fR\fR .ad .RS 30n .rt Uses the user \fBID\fR \fIuid\fR instead of the real user \fBID\fR of the current process when performing the \fBlist_devices\fR operation. Only a user with the \fBsolaris.device.revoke\fR authorization can use this option. .RE .sp .LP The following options are supported when the system is configured with Trusted Extensions: .sp .ne 2 .mk .na \fB\fB-a\fR\fR .ad .RS 15n .rt Lists attributes like authorizations, cleaning programs and labels associated with a device. .sp The list is a single line of semicolon (\fB;\fR) separated \fIkey\fR\fB=\fR\fIvalue\fR pairs for each device in the format: .sp .in +2 .nf device=\fIdevice-name\fR;type=\fIdevice-type\fR;\e auths=\fIauths\fR;clean=\fIdevice-exec\fR;\e \fIdevice-attributes\fR;\e files=\fIdevice-list\fR .fi .in -2 .sp where \fIdevice-attributes\fR is the contents of the \fBreserved1\fR field of \fBdevice_allocate\fR(4). The field is colon (\fB:\fR) separated.) .sp See \fBdevice_allocate\fR(4) for a description of these attributes and their format. .sp The \fB-a\fR output has the following keys: .sp .ne 2 .mk .na \fB\fBauths\fR\fR .ad .RS 10n .rt Specifies the list of authorizations. The value is \fBauths\fR is described in \fBdevice_allocate\fR(4). .RE .sp .ne 2 .mk .na \fB\fBclean\fR\fR .ad .RS 10n .rt Specifies the device cleaning script. The value is \fBdevice-exec\fR as described in \fBdevice_allocate\fR(4). .RE .sp .ne 2 .mk .na \fB\fBdevice\fR\fR .ad .RS 10n .rt Specifies the device name. The value is \fBdevice-name\fR as described in \fBdevice_allocate\fR(4). .RE .sp .ne 2 .mk .na \fB\fBfiles\fR\fR .ad .RS 10n .rt Specifies the device file paths. The value is \fBdevice-list\fR as described in \fBdevice_maps\fR(4). .RE .sp .ne 2 .mk .na \fB\fBtype\fR\fR .ad .RS 10n .rt Specifies the device type. The value is \fBdevice-type\fR as described in \fBdevice_allocate\fR(4). .RE .RE .sp .ne 2 .mk .na \fB\fB-d\fR\fR .ad .RS 15n .rt Displays the system-supplied default attributes for the device types managed by device allocation. If \fIdev-type\fR is specified, it lists the default attributes for only that device type. .RE .sp .ne 2 .mk .na \fB\fB-w\fR\fR .ad .RS 15n .rt This option can be used with \fB-a\fR to list the current owner of the device as the key value pair \fIowner\fR\fB=\fR\fIvalue\fR. \fIvalue\fR is the \fBuid\fR of the current owner of the device. If the device is unallocated, value is \fB/FREE\fR. If the device is in error state, value is \fB/ERROR\fR. This option also suppresses any diagnostic output. .RE .sp .ne 2 .mk .na \fB\fB-z\fR \fIzonename\fR\fR .ad .RS 15n .rt When specified with the \fB-l\fR option, lists only those non-allocated devices whose label range includes the label of the zonename, and of the allocated devices, only those that are allocated at the same label as that of \fIzonename\fR. .sp When specified with the \fB-n\fR option, lists only those non-allocated devices whose label range includes the label of the \fIzonename\fR. .sp When specified with the \fB-u\fR option, lists only those devices that are allocated at the same label as that of \fIzonename\fR. .RE .SH EXAMPLES .LP \fBExample 1 \fRListing All Devices .sp .LP The following example lists all devices available to the caller for allocation: .sp .in +2 .nf % list_devices -l device: audio type: audio \e files: /dev/audio /dev/audioctl /dev/sound/0 /dev/sound/0ctl .fi .in -2 .sp .LP \fBExample 2 \fRListing Attributes of All Devices .sp .LP On a system configured with Trusted Extensions, the following example lists attributes of all devices available to the caller for allocation: .sp .in +2 .nf % list_devices -al device=audio1;type=audio;\e auths=solaris.device.allocate;\e clean=/etc/security/lib/audio_clean;\e minlabel=admin_low:maxlabel=admin_high;\e files=/dev/audio1 /dev/audio1ctl /dev/sound/1 /dev/sound/1ctl .fi .in -2 .sp .LP \fBExample 3 \fRListing Attributes Including the Device Owner .sp .LP On a system configured with Trusted Extensions, the following example lists attributes including the device owner of all devices allocated to the user: .sp .in +2 .nf % list_devices -auw device=audio2;type=audio;auths=solaris.device.allocate;\e clean=/etc/security/lib/audio_clean;\e minlabel=admin_low:maxlabel=admin_high:zone=public;\e owner=1234;\e files=/dev/audio2 /dev/audio2ctl /dev/sound/2 /dev/sound/2ctl .fi .in -2 .sp .SH EXIT STATUS .sp .LP The following exit values are returned: .sp .ne 2 .mk .na \fB\fB0\fR\fR .ad .RS 15n .rt Successful completion. .RE .sp .ne 2 .mk .na \fB\fB20\fR\fR .ad .RS 15n .rt No entry for the specified device. .RE .sp .ne 2 .mk .na \fB\fIother value\fR\fR .ad .RS 15n .rt An error occurred. .RE .SH FILES .sp .LP \fB/etc/security/device_allocate\fR .sp .LP \fB/etc/security/device_maps\fR .sp .LP \fB/etc/security/dev/*\fR .sp .LP \fB/usr/security/lib/*\fR .SH ATTRIBUTES .sp .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp .sp .TS tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) . ATTRIBUTE TYPEATTRIBUTE VALUE _ Interface StabilitySee below. .TE .sp .LP The invocation is Uncommitted. The options are Uncommitted. The output from the \fB-a\fR and \fB-w\fR options is Uncommitted. All other output is Not-an-Interface. .SH SEE ALSO .sp .LP \fBallocate\fR(1), \fBdeallocate\fR(1), \fBbsmconv\fR(1M), \fBdminfo\fR(1M), \fBmkdevalloc\fR(1M), \fBmkdevmaps\fR(1M), \fBdevice_allocate\fR(4), \fBdevice_maps\fR(4), \fBattributes\fR(5) .sp .LP \fIControlling Access to Devices\fR .SH NOTES .sp .LP The functionality described in this man page is available only if Solaris Auditing has been enabled. See \fBbsmconv\fR(1M) for more information. .sp .LP On systems configured with Trusted Extensions, the functionality is enabled by default. .sp .LP \fB/etc/security/dev\fR, \fBmkdevalloc\fR(1M), and \fBmkdevmaps\fR(1M) might not be supported in a future release of the Solaris Operating Environment.