System Administration Guide: Security Services

Device Allocation Commands

With uppercase options, the allocate, deallocate, and list_devices commands are administrative commands. Otherwise, these commands are user commands. The following table lists the device allocation commands.

Table 4–2 Device Allocation Commands



Man Page 


Creates databases to handle device allocation. Also enables the auditing service. You must be superuser or in the Primary Administrator role. 



Searches for an allocatable device by device type, by device name, and by full path name. 



Lists the status of allocatable devices. 

Lists all the device-special files that are associated with any device that is listed in the device_maps file.


list_devices -U

Lists the devices that are allocatable or allocated to the specified user ID. This option allows you to check which devices are allocatable or allocated to another user. You must have the solaris.device.revoke authorization.



Reserves an allocatable device for use by one user. 

By default, a user must have the solaris.device.allocate authorization to allocate a device. You can modify the device_allocate file to not require user authorization. Then, any user on the system can request the device to be allocated for use.



Removes the allocation reservation from a device. 


Authorizations for the Allocation Commands

By default, users must have the solaris.device.allocate authorization to reserve an allocatable device. To create a rights profile to include the solaris.device.allocate authorization, see How to Authorize Users to Allocate a Device.

Administrators must have the solaris.device.revoke authorization to change the allocation state of any device. For example, the -U option to the allocate and list_devices commands, and the -F option to the deallocate command require the solaris.device.revoke authorization.

For more information, see Commands That Require Authorizations.