deallocate(1MTSOL) (Man Pages (1MTSOL): Maintenance and Administration Commands)

Skip to ContentSun and Oracle Channel Sun How to Buy Log In

Man Pages (1MTSOL): Maintenance and Administration Commands

Contained Within

Trusted Solaris 2.5.1 AnswerBook

Find More Documentation

Featured Support Resources

Download this book in PDF

NAME

deallocate - device deallocation

SYNOPSIS

deallocate [ -s ] device

deallocate [ -s ] [ -F ] device

deallocate [ -s ] -I

deallocate [ -s ] -R [ device ]

AVAILABILITY

SUNWcsu

DESCRIPTION

deallocate deallocates a device allocated to the evoking user. device can be a device defined in device_allocate(4TSOL) or one of the device special files associated with the device. It resets the ownership and the permission on all device special files listed in the device_maps file, disabling the user's access to that device. This option can be used by a privileged user to remove access to the device by another user.

When deallocation or forced deallocation is performed, the appropiate device cleaning program is executed, based on the contents of device_allocate(4TSOL). These cleaning programs are normally stored in /etc/security/lib. deallocate requires the file_chown, file_dac_read, file_mac_read, file_setdac, and sys_audit privileges to be successful. In addition, certain options require the trusted path attribute to be successful.

OPTIONS

device: Deallocate the device associated with the device special file specified by device.

-s: Silent. Suppress any diagnostic output.

-F device: Force deallocation of the device associated with the file specified by device. This option requires the trusted path attribute to be successful.

-I: Force deallocation of all allocatable devices. This option requires the trusted path attribute to be successful. This option should only be used at system initialization.

-R [device]: Reset the specified device to be allocatable. All associated physical device nodes listed in the device_maps file for the specified device will be reset to the deallocated mode and label. Intended as a means for reclaiming a device from a state of error, this option requires the trusted path attribute to be successful. If the specified device is allocated or if the device is a nonallocatable device, this option will fail. If no device is specified, the command is applied to all allocatable devices.

DIAGNOSTICS

deallocate returns an nonzero exit status in the event of an error.

SUMMARY OF TRUSTED

To run successfully, deallocate requires the file_chown, file_dac_read, file_mac_read, file_setdac, and sys_audit privileges. In addition, the -F option and the new -R option require the trusted path attribute.

SOLARIS CHANGES

FILES

/etc/security/device_allocate

/etc/security/device_maps
/etc/security/dev/*
/etc/security/lib/*