SunSHIELD Basic Security Module Guide

How to Add a New Allocatable Device

  1. Create an entry for any new allocatable device on the machine in the device_allocate file.

    This procedure is described in "The device_allocate File".

  2. Create an empty lock file for each allocatable device in the /etc/security/dev directory.

    This procedure is described in "Setting Up Lock Files".

  3. Create a device-clean script if needed, for each new device.

    If you add a Xylogics or an Archive tape drive, you can use the st_clean script; otherwise, create your own. How to create a device-handling script is described in "Device-Clean Scripts".

  4. Make all device-special files for the device to be owned by user bin, group bin, and mode 000.

    You can run the dminfo command to get a listing from the device_maps file of all the device-special files that are associated with the device you are making allocatable.