Allocating Devices

The Solaris 9 Operating Environment provides a device allocation method that fulfills the Trusted Computer System Evaluation Criteria (TCSEC) object-reuse requirement for computing systems at level C2 and above.

The device allocation mechanism prevents simultaneous access to a device, prevents one user from reading media being written to the device by another user, and prevents one user from accessing any information from the device or driver internal storage after another user is finished with the device.

For example, several users often share a single tape drive that may not be located at an individual user's location. If the tape drive is located remotely, some time can elapse between the time the user loads a tape in the drive and the time the user invokes a command to access the tape in the drive. Because other users could access the drive while the tape is unattended, another user could access or overwrite the data on the tape. With the device allocation mechanism, you can ensure that one user at a time has access to a specific tape device.

Use the commands described in Table 56 to manage device allocation.

Table 56. Device Allocation Commands
Command
Description
allocate(1)

Allocate ownership of devices.
deallocate(1)

Deallocate ownership of devices.
dminfo(1M)
Report information about a device entry in a device maps file.
list_devices(1)

List the allocatable devices in the system according to specified qualifications.

NOTE. The device allocation commands are available only if the Basic Security Module (BSM) has been enabled.

Enabling BSM

The basic security module (BSM) is the Sun Microsystem implementation of C2 security. It provides an auditing capability with self-contained audit records that contain all the relevant information about an event. For example, an audit record describing a file event contains the absolute path name and a time stamp and date stamp of the opening or closing of the file.

Use the bsmconv command as root to enable BSM.

NOTE. The bsmconv command adds a line to /etc/system that disables the ability to abort the system with the Stop-A keyboard sequence. If you want to retain that ability, you must comment out the following line in the /etc/system file after you run the bsmconv command.

set abort_enable = 0

Use the following procedure to enable BSM.

Become superuser.
Type telinit 1 and press Return to bring the system to single-user mode.
Type /etc/security/bsmconv and press Return to begin the process of enabling BSM.
Type y and press Return to enable BSM.
Type telinit 6 and press Return to reboot the system as a multiuser BSM system.

The following example uses the bsmconv command to enable the basic security model and uses the telinit 6 command to reboot the system.

# /etc/security/bsmconv
This script is used to enable the Basic Security Module (BSM).
Shall we continue with the conversion now? [y/n] y
bsmconv: INFO: checking startup file.
bsmconv: INFO: move aside /etc/rc2.d/S92volmgt.
bsmconv: INFO: turning on audit module.
bsmconv: INFO: initializing device allocation files.

The Basic Security Module is ready.
If there were any errors, please fix them now.
Configure BSM by editing files located in /etc/security.
Reboot this system now to come up with BSM enabled.
# telinit 6

Disabling BSM

If you no longer require BSM, you can disable it with the bsmconv command. Use the following steps to disable BSM and remove the BSM entry from the /etc/system file.

Become superuser.
Type telinit 1 and press Return to bring the system to single-user mode.
Type /etc/security/bsmunconv and press Return to begin the process of disabling BSM.
Type y and press Return to disable BSM.
Type telinit 6 and press Return to reboot the system without BSM.

The following example uses the bsmunconv command to disable the basic security model.

# /etc/security/bsmunconv
This script is used to disable the Basic Security Module (BSM).
Shall we continue the reversion to a non-BSM system now? [y/n] y
bsmunconv: INFO: moving aside /etc/security/audit_startup.
bsmunconv: INFO: restore /etc/rc2.d/S92volmgt.
bsmunconv: INFO: removing c2audit:audit_load from /etc/system.

The Basic Security Module has been disabled.
Reboot this system now to come up without BSM.
# telinit 6

Listing Device Information

You can access information about allocatable devices with the list_devices command.

Table 57 lists the options to the list_devices command.

Table 57. Options to the list_devices Command
-l [device]

List the path name(s) of the device special files associated with the device that are allocatable to the current process. If device is given, list only the files associated with the specified device.
-n [device]

List the path name(s) of device special files associated with the device that are allocatable to the current process but are not currently allocated. If you specify device, list_devices lists only the files associated with that device.
-s
Silent. Suppress any diagnostic output.
-u [device]

List the path name(s) of device special files associated with the device that are allocated to the owner of the current process. If you specify device, list_devices lists only the files associated with that device.
-U uid
Use the user ID uid instead of the real user ID of the current process when performing the list_devices operation. Only a user with the solaris.devices.revoke authorization can use this option.

The following example shows the long listing for the list_devices command.

mopoke% list_devices -l
device: audio type: audio files: /dev/audio /dev/audioctl /dev/sound/0
 /dev/sound/0ctl
device: fd0 type: fd files: /dev/diskette /dev/rdiskette /dev/fd0a /dev/rfd0a
 /dev/fd0 /dev/fd0b /dev/rfd0b /dev/fd0c /dev/rfd0c /dev/rfd0
device: sr0 type: sr files: /dev/sr0 /dev/rsr0 /dev/dsk/c1t1d0s0 /dev/dsk/c1t1d0s1
 /dev/dsk/c1t1d0s2 /dev/dsk/c1t1d0s3 /dev/dsk/c1t1d0s4 /dev/dsk/c1t1d0s5
 /dev/dsk/c1t1d0s6 /dev/dsk/c1t1d0s7 /dev/rdsk/c1t1d0s0 /dev/rdsk/c1t1d0s1
 /dev/rdsk/c1t1d0s2 /dev/rdsk/c1t1d0s3 /dev/rdsk/c1t1d0s4 /dev/rdsk/c1t1d0s5
 /dev/rdsk/c1t1d0s6 /dev/rdsk/c1t1d0s7
mopoke%

The /etc/security/device_maps file contains access information about each physical device. Each device is represented by a one-line entry.

The default device_maps file is shown below.

mopoke% more /etc/security/device_maps
audio:\
        audio:\
        /dev/audio /dev/audioctl /dev/sound/0 /dev/sound/0ctl:\

fd0:\
        fd:\
        /dev/diskette /dev/rdiskette /dev/fd0a /dev/rfd0a /dev/fd0 /dev/fd0b /de
v/rfd0b /dev/fd0c /dev/rfd0c /dev/rfd0:\

sr0:\
        sr:\
        /dev/sr0 /dev/rsr0 /dev/dsk/c1t1d0s0 /dev/dsk/c1t1d0s1 /dev/dsk/c1t1d0s2
 /dev/dsk/c1t1d0s3 /dev/dsk/c1t1d0s4 /dev/dsk/c1t1d0s5 /dev/dsk/c1t1d0s6 /dev/ds
k/c1t1d0s7 /dev/rdsk/c1t1d0s0 /dev/rdsk/c1t1d0s1 /dev/rdsk/c1t1d0s2 /dev/rdsk/c1
t1d0s3 /dev/rdsk/c1t1d0s4 /dev/rdsk/c1t1d0s5 /dev/rdsk/c1t1d0s6 /dev/rdsk/c1t1d0
s7:\

mopoke%

You can use the dminfo command to report information about a device entry in the /etc/security/device_maps file.

Table 58 lists the options to the dminfo command.

Table 58. Options to the dminfo Command
Option
Description
-a
Succeed if any of the requested entries are found. If used with -v, print all entries that match the requested case(s).
-d dev-path
Search by dev-path. Search device_maps(4) for a device special path name in the device_list field matching the dev-path argument. You cannot use this option with -n, -t, or -u.
-f pathname
Use a device_maps file with pathname instead of /etc/security/device_maps.
-n dev-name
Search by dev-name. Search device_maps(4) for a device_name field matching dev-name. You cannot use this option with -d, -t, or -u.
-t dev-type
Search by dev-type. Search device_maps(4) for a device_type field matching the given dev-type. You cannot use this option with -d, -n, or -u.
-u dm-entry
Update the device_maps(4) file. You can use this option to add entries to the device_maps(4) file. The dm-entry must be a complete device_maps(4) file entry. The dm-entry has fields, as in the device_maps file. Use the colon (:) as a field separator and white space as the device_list subfield separators. If any fields are missing or if the entry would be a duplicate, dm-entry is not made. Only superuser or a user with the appropriate rights can update the default device_maps file.
-v
Print the requested entry or entries, one line per entry, on the standard output. If you specify no entries, all are printed.

The following example uses the verbose option to display all device_maps entries.

mopoke% dminfo -v
audio:audio:/dev/audio /dev/audioctl /dev/sound/0 /dev/sound/0ctl:
fd0:fd:/dev/diskette /dev/rdiskette /dev/fd0a /dev/rfd0a /dev/fd0 /dev/fd0b
 /dev/rfd0b /dev/fd0c /dev/rfd0c /dev/rfd0:
sr0:sr:/dev/sr0 /dev/rsr0 /dev/dsk/c1t1d0s0 /dev/dsk/c1t1d0s1 /dev/dsk/c1t1d0s2
 /dev/dsk/c1t1d0s3 /dev/dsk/c1t1d0s4 /dev/dsk/c1t1d0s5 /dev/dsk/c1t1d0s6
 /dev/dsk/c1t1d0s7 /dev/rdsk/c1t1d0s0 /dev/rdsk/c1t1d0s1 /dev/rdsk/c1t1d0s2
 /dev/rdsk/c1t1d0s3 /dev/rdsk/c1t1d0s4 /dev/rdsk/c1t1d0s5 /dev/rdsk/c1t1d0s6
 /dev/rdsk/c1t1d0s7:
mopoke%

Allocating a Device

Use the allocate command to allocate a device.

Table 59 lists the options to the allocate command.

Table 59. Options to the allocate Command
-F device

Reallocate a device allocated to another user. This option is often used with -U to reallocate a specific device to a specific user. Only a user with the solaris.devices.revoke authorization is permitted to use this option.

Use the device argument to specify the device to be manipulated, for example, st0 for a streaming tape device. You can display a list of available devices with the -l option to the list_devices(1) command, also new in the Solaris 9 Operating Environment. The default allocate operation allocates the device special files associated with device to the UID of the current process.

When you specify the -F option, the device-cleaning program is executed when allocation is performed. This cleaning program is found in /etc/security/lib. The name of this program is found in the device_allocate(4) entry for the device in the dev-exec field.
-g dev-type

Allocate a nonallocated device with a device type matching dev-type.

Use the dev-type argument to specify the type of device. You can determine the type of device from the output of the list_devices -l command.
-s
Suppress any diagnostic output.
-U uname
Use the user ID uname instead of the user ID of the current process when performing the allocate operation. Only a user with the solaris.devices.revoke authorization is permitted to use this option.

The following example allocates a tape drive.

mopoke% allocate st0
mopoke%

The following example allocates audio files by type.;

mopoke% allocate -g audio files
mopoke%

Deallocating a Device

Use the deallocate command to deallocate a device allocated to the evoking user.

Table 60 lists the options to the deallocate command.

Table 60. Options to the deallocate Command
Option
Description
device
Deallocate the device associated with the device special file specified by device.

device can be a device defined in device_allocate(4) or one of the device special files associated with the device. The command resets the ownership and the permission on all device special files associated with device, disabling the user's access to that device. An authorized user can use this option to remove access to the device by another user. The required authorization is solaris.devices.allocate.
-F device
Force deallocation of the device associated with the file specified by device. Only a user with the solaris.devices.revoke authorization is permitted to use this option.
-I
Force deallocation of all allocatable devices. Only a user with the solaris.devices.revoke authorization is permitted to use this option. Use this option only at system initialization.
-s
Silent. Suppress any diagnostic output.

The following example deallocates the st0 device.

mopoke% deallocate st0
mopoke%

[ Team LiB ]