The deallocate utility deallocates a device allocated to the evoking user. device can be a device defined in device_allocate(4) or one of the device special files associated with the device. It resets the ownership and the permission on all device special files associated with device, disabling the user's access to that device. This option can be used by an authorized user to remove access to the device by another user. The required authorization is solaris.device.allocate.

When deallocation or forced deallocation is performed, the appropriate device cleaning program is executed, based on the contents of device_allocate(4). These cleaning programs are normally stored in /etc/security/lib.

The following options are supported:

device

Deallocate the device associated with the device special file specified by device.

-s

Silent. Suppresses any diagnostic output.

-F device

Forces deallocation of the device associated with the file specified by device. Only a user with the solaris.devices.revoke authorization is permitted to use this option.

-I

Forces deallocation of all allocatable devices. Only a user with the solaris.devices.revoke authorization is permitted to use this option. This option should only be used at system initialization.

The following exit values are returned:

non--zero

An error occurred.

/etc/security/device_allocate

/etc/security/device_maps

/etc/security/dev/*

/etc/security/lib/*

See attributes(5) for descriptions of the following attributes:

allocate(1), list_devices(1), bsmconv(1M), dminfo(1M), device_allocate(4), device_maps(4), attributes(5)

The functionality described in this man page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.