Standards, Environments, and Macros deviceclean(5)
NAME
deviceclean - device clean programs
DESCRIPTION
Each allocatable device has a device clean program associ-
ated with it. Device clean programs are invoked by deallo-
cate(1) to clean device states, registers, and any residual
information in the device before the device is allocated to
a user. Such cleaning is required by the object reuse pol-
icy.
Use listdevices(1) to obtain the names and types of allo-
catable devices as well as the cleaning program and the
authorizations that are associated with each device.
On a system configured with Trusted Extensions, device clean
programs are also invoked by allocate(1), in which case the
program can optionally mount appropriate media for the
caller.
The following device clean programs reside in
/etc/security/lib.
audioclean audio devices
fdclean floppy devices
stclean tape devices
srclean CD-ROM devices
On a system configured with Trusted Extensions, the follow-
ing additional cleaning programs and wrappers are available.
diskclean floppy, CD-ROM, and other removable
media devices. This program mounts
the device during the execution of
allocate, if required.
audiocleanwrapper wrapper to make audioclean work with
CDE
SunOS 5.11 Last change: 14 Jun 2007 1
Standards, Environments, and Macros deviceclean(5)
wdwwrapper wrapper to make other cleaning pro-
grams work with CDE
wdwmsg CDE dialog boxes for cleaning pro-
grams
Administrators can create device clean programs for their
sites. These programs must adhere to the syntax described
below.
/etc/security/lib/device-clean-program [-i -f -s -I] \
-m mode -u user-name -z zone-name -p zone-path device-name
where:
device-name The name of the device that is to be cleaned.
Use listdevices to obtain the list of allo-
catable devices.
-i Invoke boot-time initialization.
-f Force cleanup by the administrator.
-s Invoke standard cleanup by the user.
-I Same as -i, with no error or warning.
The following options are supported only when the system is
configured with Trusted Extensions.
-m mode Specify the mode in which the clean program
is invoked. Valid values are allo- cate and
deallocate. The default mode is allocate.
-u user-name Specify the name of user who executes the
device clean program. The default user is
the caller.
SunOS 5.11 Last change: 14 Jun 2007 2
Standards, Environments, and Macros deviceclean(5)
-z zone-name Specify the name of the zone in which the
device is to be allocated or deallocated.
The default zone is the global zone.
-p zone-path Establish the root path of the zone that is
specified by zone-name. Default is "/".
EXIT STATUS
The following exit values are returned:
0
Successful completion.
1
An error. Caller can place device in error state.
2
A system error. Caller can place device in error state.
On a system configured with Trusted Extensions, the follow-
ing additional exit values are returned:
3
Mounting of device failed. Caller shall not place device
in error state.
4
Mounting of device succeeded.
FILES
/etc/security/lib/* device clean programs
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
SunOS 5.11 Last change: 14 Jun 2007 3
Standards, Environments, and Macros deviceclean(5)
ATRIBUTE TYPE ATRIBUTE VALUE
Availability SUNWcsu
Interface Stability See below.
The Invocation is Uncommitted. The Output is Not-an-
interface.
SEE ALSO
allocate(1), deallocate(1), listdevices(1), attributes(5)
System Administration Guide: Security Services
SunOS 5.11 Last change: 14 Jun 2007 4
|
