Before You Begin
Device allocation must be enabled for this procedure to succeed. To enable device allocation, see How to Enable Device Allocation. You must assume the root role.
audio;audio;reserved;reserved;solaris.device.allocate;/etc/security/lib/audio_clean fd0;fd;reserved;reserved;solaris.device.allocate;/etc/security/lib/fd_clean sr0;sr;reserved;reserved;solaris.device.allocate;/etc/security/lib/sr_clean
where solaris.device.allocate indicates that a user must have the solaris.device.allocate authorization to use the device.
In the following example, any user on the system can allocate any device. The fifth field in every device entry in the device_allocate file has been changed to an at sign (@).
# pfedit /etc/security/device_allocate audio;audio;reserved;reserved;@;/etc/security/lib/audio_clean fd0;fd;reserved;reserved;@;/etc/security/lib/fd_clean sr0;sr;reserved;reserved;@;/etc/security/lib/sr_clean …Example 4-3 Preventing Some Peripheral Devices From Being Used
In the following example, the audio device cannot be used. The fifth field in the audio device entry in the device_allocate file has been changed to an asterisk (*).
# pfedit /etc/security/device_allocate audio;audio;reserved;reserved;*;/etc/security/lib/audio_clean fd0;fd;reserved;reserved;solaris device.allocate;/etc/security/lib/fd_clean sr0;sr;reserved;reserved;solaris device.allocate;/etc/security/lib/sr_clean …Example 4-4 Preventing All Peripheral Devices From Being Used
In the following example, no peripheral device can be used. The fifth field in every device entry in the device_allocate file has been changed to an asterisk (*).
# pfedit /etc/security/device_allocate audio;audio;reserved;reserved;*;/etc/security/lib/audio_clean fd0;fd;reserved;reserved;*;/etc/security/lib/fd_clean sr0;sr;reserved;reserved;*;/etc/security/lib/sr_clean …