Ancillary Files for Allocatable Devices
Each allocatable device has an ancillary file, which is a zero-length file in /etc/security/dev. The ancillary file is also referred to as a DAC file because the file must not only exist but its DAC permissions, owner, and group depend on its state.
The following table shows the DAC permissions, owner, and group for each of the possible states:
Table 12-5 Required Ancillary File Characteristics for Devices|
Device State |
DAC permissions (mode) |
Owner |
Group |
Label |
|---|---|---|---|---|
|
Allocatable |
0000 |
bin |
bin |
|
|
Allocated |
0600 |
user |
user's group |
user's process's label |
|
Error State |
0100 |
bin |
bin |
|
- © 2010, Oracle Corporation and/or its affiliates