|
Hopefully, this page is exactly what you are looking for, but if not, you can always find further assistance on Unix/Linux Forum!
File Formats device_allocate(4)
NAME
device_allocate - device_allocate file
SYNOPSIS
/etc/security/device_allocate
DESCRIPTION
The device_allocate file contains mandatory access control
information about each physical device. Each device is
represented by a one line entry of the form:
device-name;device-
type;reserved;reserved;auths;device-exec
where
device-name This is an arbitrary ASCII string
naming the physical device. This
field contains no embedded white
space or non-printable characters.
device-type This is an arbitrary ASCII string
naming the generic device type. This
field identifies and groups together
devices of like type. This field
contains no embedded white space or
non-printable characters.
reserved This field is reserved for future
use.
reserved This field is reserved for future
use.
auths This field contains a comma-
separated list of authorizations
required to allocate the device, or
asterisk (*) to indicate that the
device is not allocatable, or an '@'
symbol to indicate that no explicit
authorization is needed to allocate
the device.
SunOS 5.10 Last change: 16 Mra 2006 1
File Formats device_allocate(4)
The default authorization is
solaris.device.allocate. See
auths(1)
device-exec This is the physical device's data
purge program to be run any time the
device is acted on by allocate(1).
This is to ensure that all usable
data is purged from the physical
device before it is reused. This
field contains the filename of a
program in /etc/security/lib or the
full pathname of a cleanup script
provided by the system administra-
tor.
The device_allocate file is an ASCII file that resides in
the /etc/security directory.
Lines in device_allocate can end with a `\' to continue an
entry on the next line.
Comments may also be included. A `#' makes a comment of all
further text until the next NEWLINE not immediately preceded
by a `\'.
White space is allowed in any field.
The device_allocate file must be created by the system
administrator before device allocation is enabled.
The device_allocate file is owned by root, with a group of
sys, and a mode of 0644.
EXAMPLES
Example 1: Declaring an Allocatable Device
Declare that physical device st0 is a type st. st is allo-
catable, and the script used to clean the device after run-
ning deallocate(1) is named /etc/security/lib/st_clean.
# scsi tape
st0;\
st;\
reserved;\
reserved;\
solaris.device.allocate;\
/etc/security/lib/st_clean
SunOS 5.10 Last change: 16 Mra 2006 2
File Formats device_allocate(4)
Example 2: Declaring an Allocatable Device with Authoriza-
tions
Declare that physical device fd0 is of type fd. fd is allo-
catable by users with the solaris.device.allocate authoriza-
tion, and the script used to clean the device after running
deallocate(1) is named /etc/security/lib/fd_clean.
# floppy drive
fd0;\
fd;\
reserved;\
reserved;\
solaris.device.allocate;\
/etc/security/lib/fd_clean
Making a device allocatable means that you need to allocate
and deallocate it to use it (with allocate(1) and deallo-
cate(1)). If a device is not allocatable, there will be an
asterisk (*) in the auths field, and no one can use the dev-
ice.
FILES
/etc/security/device_allocate Contains list of allocatable
devices
SEE ALSO
auths(1), allocate(1), bsmconv(1M), deallocate(1),
list_devices(1), auth_attr(4)
NOTES
The functionality described in this man page is available
only if the Basic Security Module (BSM) has been enabled.
See bsmconv(1M) for more information.
On systems configured with Trusted Extensions, the func-
tionality is enabled by default. On such systems, the
device_allocate file is updated automatically by the system.
SunOS 5.10 Last change: 16 Mra 2006 3
Man(1) output converted with
man2html and wrapped by fishsponge
This page was generated on Wed Sep 12 11:27:20 GMT 2007
|
Your favourite pages:
No pages logged yet.
Trying to save cookie... Top 10 most popular pages:
sqlite3 man page (5086 hits)
(openSUSE 10.2)
adv_cap_autoneg man page (4749 hits)
(Solaris 10 11_06)
CPAN man page (4470 hits)
(Suse Linux 10.1)
svn man page (4257 hits)
(FreeBSD 6.2)
ssh man page (4249 hits)
(Suse Linux 10.1)
ssh-socks5-proxy-connect man page (2211 hits)
(Solaris 10 11_06)
startproc man page (2203 hits)
(Suse Linux 10.1)
netcat man page (2163 hits)
(Suse Linux 10.1)
pprosetup man page (2022 hits)
(Solaris 10 11_06)
signal man page (2011 hits)
(Suse Linux 10.1)
|
Man Pages 
