te
Copyright 2007 Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
LIST_DEVICES 1 "Apr 30, 2008"
NAME
list_devices - list allocatable devices
SYNOPSIS

list_devices [-s] [-U uid] [-z zonename] [-a [-w]]
 -l | -n | -u [device] | [-l | -n | -u] -c dev-class

list_devices [-s] -d dev-type
DESCRIPTION

The list_devices utility lists the allocatable devices in the system according to specified qualifications.

The device and all device special files associated with the device are listed. The device argument is optional and, if it is not present, all relevant devices are listed. If dev-class is present, devices belonging to the specified dev-class are listed. There is no default dev-class.

OPTIONS

The following options are supported: -l [-c dev-class | device]

Lists the pathnames of the device special files associated with the device that are allocatable to the current process. If dev-class is specified, lists only the files associated with all devices of the specified device class. If device is specified, lists only the files associated with the specified device.

-n [-c dev-class | device]

Lists the pathnames of the device special files associated with the device that are allocatable to the current process but are not currently allocated. If dev-class is specified, lists only the files associated with all devices of the specified device class. If device is specified, lists only the files associated with the specified device.

-s

Silent. Suppresses any diagnostic output.

-u [-c dev-class | device]

Lists the pathnames of device special files associated with the device that are allocated to the owner of the current process. If dev-class is specified, lists only the files associated with all devices of the specified device class. If device is specified, lists only the files associated with the specified device.

-U uid

Uses the user ID uid instead of the real user ID of the current process when performing the list_devices operation. Only a user with the solaris.device.revoke authorization can use this option.

The following options are supported when the system is configured with Trusted Extensions: -a

Lists attributes like authorizations, cleaning programs and labels associated with a device. The list is a single line of semicolon (;) separated key=value pairs for each device in the format:

device=device-name;type=device-type;\e
auths=auths;clean=device-exec;\e
device-attributes;\e
files=device-list
where device-attributes is the contents of the reserved1 field of device_allocate(4). The field is colon (:) separated.) See device_allocate(4) for a description of these attributes and their format. The -a output has the following keys: auths

Specifies the list of authorizations. The value is auths is described in device_allocate(4).

clean

Specifies the device cleaning script. The value is device-exec as described in device_allocate(4).

device

Specifies the device name. The value is device-name as described in device_allocate(4).

files

Specifies the device file paths. The value is device-list as described in device_maps(4).

type

Specifies the device type. The value is device-type as described in device_allocate(4).

-d

Displays the system-supplied default attributes for the device types managed by device allocation. If dev-type is specified, it lists the default attributes for only that device type.

-w

This option can be used with -a to list the current owner of the device as the key value pair owner=value. value is the uid of the current owner of the device. If the device is unallocated, value is /FREE. If the device is in error state, value is /ERROR. This option also suppresses any diagnostic output.

-z zonename

When specified with the -l option, lists only those non-allocated devices whose label range includes the label of the zonename, and of the allocated devices, only those that are allocated at the same label as that of zonename. When specified with the -n option, lists only those non-allocated devices whose label range includes the label of the zonename. When specified with the -u option, lists only those devices that are allocated at the same label as that of zonename.

EXAMPLES

Example 1 Listing All Devices

The following example lists all devices available to the caller for allocation:

% list_devices -l
device: audio type: audio \e
files: /dev/audio /dev/audioctl /dev/sound/0 /dev/sound/0ctl

Example 2 Listing Attributes of All Devices

On a system configured with Trusted Extensions, the following example lists attributes of all devices available to the caller for allocation:

% list_devices -al
device=audio1;type=audio;\e
auths=solaris.device.allocate;\e
clean=/etc/security/lib/audio_clean;\e
minlabel=admin_low:maxlabel=admin_high;\e
files=/dev/audio1 /dev/audio1ctl /dev/sound/1 /dev/sound/1ctl

Example 3 Listing Attributes Including the Device Owner

On a system configured with Trusted Extensions, the following example lists attributes including the device owner of all devices allocated to the user:

% list_devices -auw
device=audio2;type=audio;auths=solaris.device.allocate;\e
clean=/etc/security/lib/audio_clean;\e
minlabel=admin_low:maxlabel=admin_high:zone=public;\e
owner=1234;\e
files=/dev/audio2 /dev/audio2ctl /dev/sound/2 /dev/sound/2ctl
EXIT STATUS

The following exit values are returned: 0

Successful completion.

20

No entry for the specified device.

other value

An error occurred.

FILES

/etc/security/device_allocate

/etc/security/device_maps

/etc/security/dev/*

/usr/security/lib/*

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
Interface Stability See below.

The invocation is Uncommitted. The options are Uncommitted. The output from the -a and -w options is Uncommitted. All other output is Not-an-Interface.

SEE ALSO

allocate(1), deallocate(1), bsmconv(1M), dminfo(1M), mkdevalloc(1M), mkdevmaps(1M), device_allocate(4), device_maps(4), attributes(5)

Controlling Access to Devices

NOTES

The functionality described in this man page is available only if Solaris Auditing has been enabled. See bsmconv(1M) for more information.

On systems configured with Trusted Extensions, the functionality is enabled by default.

/etc/security/dev, mkdevalloc(1M), and mkdevmaps(1M) might not be supported in a future release of the Solaris Operating Environment.