Copyright (c) 2008, Sun Microsystems Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
allocate [-s] [-w] [-F] [-U uname] [-z zonename] device
allocate [-s] [-w] [-F] [-U uname] [-z zonename] -g dev-type
The allocate utility manages the ownership of devices through its allocation mechanism. It ensures that each device is used by only one qualified user at a time.
The device argument specifies the device to be manipulated. To preserve the integrity of the device's owner, the allocate operation is executed on all the device special files associated with that device.
The default allocate operation allocates the device special files associated with device to the uid of the current process.
Only authorized users may allocate a device. The required authorizations are specified in device_allocate(4).
When the system is configured with Trusted Extensions, allocate runs the clean program for the device before it grants access to the caller to that device. For devices with removable media that have a mountable file system, allocate mounts the media if the caller chooses.
The following options are supported:
-F device
Force allocates either free or pre-allocated devices. This option is often used with the -U option to allocate/reallocate devices to a specific user. Only those users that have solaris.device.revoke authorization are allowed to use this option.
-g dev-type
Allocates devices with a device-type matching dev-type. The dev-type argument specifies the device type to be operated on.
-s
Silent. Suppresses any diagnostic output.
-U uname
Uses the user ID uname instead of the user ID of the current process when performing the allocate operation. Only a user with the solaris.device.revoke authorization is permitted to use this option.
The following options are supported with Trusted Extensions:
-w
Runs the device cleaning program in a windowing environment. If a windowing version of the program exists, it is used. Otherwise, the standard version is run in a terminal window.
-z zonename
Allocates device to the zone specified by zonename.
The following operands are supported:
device
Specifies the name of the device to be allocated.
The following exit values are returned:
0
Successful completion.
20
No entry for the specified device.
other value
An error occurred.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Interface Stability | See below. |
The invocation is Uncommitted. The options are Uncommitted. The output is Not-an-Interface.
deallocate(1), list_devices(1), bsmconv(1M), dminfo(1M), mkdevalloc(1M), mkdevmaps(1M), device_allocate(4), device_maps(4), attributes(5)
Controlling Access to Devices
The functionality described in this man page is available only if Solaris Auditing has been enabled. See bsmconv(1M) for more information.
On systems configured with Trusted Extensions, the functionality is enabled by default.
/etc/security/dev, mkdevalloc(1M), and mkdevmaps(1M) might not be supported in a future release of the Solaris Operating Environment.