ALLOCATE(1)ALLOCATE(1)NAME
allocate - device allocation
SYNOPSIS
allocate [-s] [-w] [-F] [-U uname] [-z zonename] device
allocate [-s] [-w] [-F] [-U uname] [-z zonename] -g dev-type
DESCRIPTION
The allocate utility manages the ownership of devices through its allo‐
cation mechanism. It ensures that each device is used by only one qual‐
ified user at a time.
The device argument specifies the device to be manipulated. To preserve
the integrity of the device's owner, the allocate operation is executed
on all the device special files associated with that device.
The default allocate operation allocates the device special files asso‐
ciated with device to the uid of the current process.
Only authorized users may allocate a device. The required authoriza‐
tions are specified in device_allocate(4).
When the system is configured with Trusted Extensions, allocate runs
the clean program for the device before it grants access to the caller
to that device. For devices with removable media that have a mountable
file system, allocate mounts the media if the caller chooses.
OPTIONS
The following options are supported:
-F device
Force allocates either free or pre-allocated devices.
This option is often used with the -U option to allo‐
cate/reallocate devices to a specific user. Only
those users that have solaris.device.revoke autho‐
rization are allowed to use this option.
-g dev−type
Allocates devices with a device−type matching
dev−type. The dev−type argument specifies the device
type to be operated on.
-s
Silent. Suppresses any diagnostic output.
-U uname
Uses the user ID uname instead of the user ID of the
current process when performing the allocate opera‐
tion. Only a user with the solaris.device.revoke
authorization is permitted to use this option.
The following options are supported with Trusted Extensions:
-w
Runs the device cleaning program in a windowing environ‐
ment. If a windowing version of the program exists, it
is used. Otherwise, the standard version is run in a
terminal window.
-z zonename
Allocates device to the zone specified by zonename.
OPERANDS
The following operands are supported:
device
Specifies the name of the device to be allocated.
EXIT STATUS
The following exit values are returned:
0
Successful completion.
20
No entry for the specified device.
other value
An error occurred.
FILES
/etc/security/device_allocate
/etc/security/device_maps
/etc/security/dev/*
/etc/security/lib/*
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌────────────────────┬─────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├────────────────────┼─────────────────┤
│Interface Stability │ See below. │
└────────────────────┴─────────────────┘
The invocation is Uncommitted. The options are Uncommitted. The output
is Not-an-Interface.
SEE ALSOdeallocate(1), list_devices(1), bsmconv(1M), dminfo(1M), mkdeval‐
loc(1M), mkdevmaps(1M), device_allocate(4), device_maps(4),
attributes(5)
Controlling Access to Devices
NOTES
The functionality described in this man page is available only if
Solaris Auditing has been enabled. See bsmconv(1M) for more informa‐
tion.
On systems configured with Trusted Extensions, the functionality is
enabled by default.
/etc/security/dev, mkdevalloc(1M), and mkdevmaps(1M) might not be sup‐
ported in a future release of the Solaris Operating Environment.
Apr 30, 2008 ALLOCATE(1)
