allocate(1) User Commands allocate(1)
NAME
allocate - device allocation
SYNOPSIS
allocate [-s] [-w] [-F] [-U uname] [-z zonename] device
allocate [-s] [-w] [-F] [-U uname] [-z zonename] -g dev-type
DESCRIPTION
The allocate utility manages the ownership of devices through its allocation mechanism. It ensures that each device is used by only one
qualified user at a time.
The device argument specifies the device to be manipulated. To preserve the integrity of the device's owner, the allocate operation is exe-
cuted on all the device special files associated with that device.
The default allocate operation allocates the device special files associated with device to the uid of the current process.
Only authorized users may allocate a device. The required authorizations are specified in device_allocate(4).
When the system is configured with Trusted Extensions, allocate runs the clean program for the device before it grants access to the caller
to that device. For devices with removable media that have a mountable file system, allocate mounts the media if the caller chooses.
OPTIONS
The following options are supported:
-F device Force allocates either free or pre-allocated devices. This option is often used with the -U option to allocate/reallocate
devices to a specific user. Only those users that have solaris.device.revoke authorization are allowed to use this
option.
-g dev-type Allocates devices with a device-type matching dev-type. The dev-type argument specifies the device type to be operated
on.
-s Silent. Suppresses any diagnostic output.
-U uname Uses the user ID uname instead of the user ID of the current process when performing the allocate operation. Only a user
with the solaris.device.revoke authorization is permitted to use this option.
The following options are supported with Trusted Extensions:
-w Runs the device cleaning program in a windowing environment. If a windowing version of the program exists, it is used. Oth-
erwise, the standard version is run in a terminal window.
-z zonename Allocates device to the zone specified by zonename.
OPERANDS
The following operands are supported:
device Specifies the name of the device to be allocated.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
20 No entry for the specified device.
other value An error occurred.
FILES
/etc/security/device_allocate
/etc/security/device_maps
/etc/security/dev/*
/etc/security/lib/*
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
|Interface Stability |See below. |
+-----------------------------+-----------------------------+
The invocation is Uncommitted. The options are Uncommitted. The output is Not-an-Interface.
SEE ALSO
deallocate(1), list_devices(1), bsmconv(1M), dminfo(1M), mkdevalloc(1M), mkdevmaps(1M), device_allocate(4), device_maps(4), attributes(5)
Controlling Access to Devices
NOTES
The functionality described in this man page is available only if Solaris Auditing has been enabled. See bsmconv(1M) for more information.
On systems configured with Trusted Extensions, the functionality is enabled by default.
/etc/security/dev, mkdevalloc(1M), and mkdevmaps(1M) might not be supported in a future release of the Solaris Operating Environment.
SunOS 5.11 30 Apr 2008 allocate(1)