Since I was fed up with one of my last Windows, I’ve decided to switch my server from Windows to Fedora 9. I’m more used to Ubuntu, and I was shocked by the huuuge differences between Fedora and Ubuntu:
- No sudo (20 seconds to change)
- alias apt-get=yum
- Synaptic is now called PackageKit
That’s all. I must say that there was from my point of view virtually no learning curve from Ubuntu to Fedora, but I guess that’s all the benefits from GNU/Linux 🙂 ! Ok, enough digression, let’s go into the matter. What I wanted for my setup : controlling the scanner in my basement from my laptop in my room (i’ve also a scanner in my room, but that’s no fun). The solution will be based on sane, saned and xsane. The ideas and concepts in this article are taken from a vast number of sources I can’t remember, so thank you to all authors of various howto, forums contributors etc… Many scripts here are copy pasted from the original source, and by no mean I want to take credit for those ! They are the fruit of the hard work of the contributors to the GNU/Linux community.
Step 0: Install the required programs.
Step 1: Make your scanner work locally.
This may seems obvious, however in my case this was not trivial. The fact was that my scanner did work, but only as root. First install the sane and xsane packages (root commands are prefixed with #, normal commands with $).
# yum install sane-backends sane-frontends xsane
Plug your scanner, and then do a xsane command:
$ xsane
If this work, your scanner work as a local user, you can move on to the next steps. If not, try to run xsane as root:
# xsane
If this work, this means that your scanner has permissions problems like mine. I fixed it with the following:
# scanimage -L
This should give you the id of your scanner (mine is 04A9170A, that is, 04A9:170A). You can also get it with
$ lsusb
Note the id of your scanner. Then, create the following script:
#!/bin/sh
# Set scanner vendor and product code as returned by lsusb.
scandevice=04a9:170a
scanner=`/sbin/lsusb -d $scandevice`
bus=`echo $scanner| sed -e s/Bus\ https://www.x2b4.com/ -e s/\ Device.\*https://www.x2b4.com/`
device=`echo $scanner| sed -e s/Bus.\*Device\ https://www.x2b4.com/ -e s/\:.\*https://www.x2b4.com/`
if [ "$bus" = "" ] | [ "$device" = "" ]
then
echo "Unable to find scanner with vendor:product = $scandevice"
exit 1
fi
chmod 666 /dev/bus/usb/$bus/$device
echo "Set access for $scandevice at /dev/bus/usb/$bus/$device"
And save it as /etc/chmod-scanner and make it executable
# chmod +x /etc/chmod-scanner
Please note that this script may lower the security, but in my case this was not a problem. If anyone has pointers on it, please tell in comments.
Add the following line in /etc/rc.d/rc.local
/etc/chmod-scanner
And restart (or execute rc.local). Now your scanner should work as a normal user as confirmed by
$ xsane
Step 2: Configure the scanner sharing
Open /etc/sane.d/saned.conf and add a line like the following to allow your subnet to access the scanner:
192.168.0.1/24
In my case, this allow my local network to access the scanner. You may want to have more than one line or to restrict more the ips.
It may also be useful to allow scanning from local network for debug purposes. Add the following line in /etc/sane.d/net.conf
localhost
This will give you two scanners on the server, one direct and one network.
Then start the saned daemon in debug mode:
# saned -d128
Configure your client by adding the following line in your /etc/sane.d/net.conf (my client was an Ubuntu box, your config file may be elsewhere on your client):
192.168.0.XXX
Where 192.168.0.XXX is the ip of your server (you can also use hostname if correctly configured).
You can now try to scan from localhost (i.e. from your server) with
$ xscan
and selecting the network scanner, and then from the client (install xscan on the client of course) with also
$ xscan
If everything went fine, you will be able to successfully scan from your network and you can go the last point. Else, here are some of the problems I encountered and their solutions. First, you may have problem with saned not allowing the host to connect in network mode, this will be indicated in the ouput of saned -d128 . If this is the case, check to contents of /etc/hosts and be sure that the hostname requested by saned is present (this was not my case causing much confusing).
Secondly, you will probably have firewall problems. If, from your client, a
$ telnet 192.168.0.XXX 6566
times out, while saned is running, then you are firewalled. To fix this, create a file named /etc/iptables-scanner-rules with the following contents:
# these should be close to the top
# track SANE control connections
[0:0] -A INPUT -m recent --update --seconds 600 --name SANE
# related traffic (ACK, FIN, DNS UDP responses etc.)
[0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# SANE server uses a dynamic data port above 1024
# see also 'related traffic' on top!
[0:0] -A INPUT -p tcp -m tcp --dport 6566 --syn -m recent --set --rsource --name SANE -j ACCEPT
[0:0] -A INPUT -p tcp -m tcp --dport 1024: --syn -m recent --rcheck --rsource --seconds 3 --name SANE -j ACCEPT
and add it to your firewall configuration as a personalized rule, type « ipv4 » and table « filter ». Restart your firewall and you should be able to telnet to 6566 and more. You can configure the number of seconds to anything you like, more is less secure but more convenient. Do not put a very small number though.
Step 4: Automagically invoke saned
This is done with xinetd, so if it is not installed, install it with
# yum install xinetd
Then create a file called /etc/xinetd.d/sane with the following contents:
service sane-port
{
port = 6566
socket_type = stream
wait = no
user = root
group = root
server = /usr/sbin/saned
}
And verify this command outputs two lines:
# cat /etc/services | grep 6566
Like:
sane-port 6566/tcp # SANE Control Port
sane-port 6566/udp # SANE Control Port
Restart xinetd with:
# /etc/init.d/xinetd restart
And your scanner should now work from your network ! I’ve tested it with xsane and Open Office from 3 different Ubuntu boxes, and it works like a charm. However this is not a concurrent access, i.e. only one can access the scanner at a time.
If you have any questions or remarks, feel free to use the comments !
This article is CC-BY-SA.
Sources:
http:https://www.x2b4.com/penguin-breeder.org/sane/saned/
http:https://www.x2b4.com/forums.fedoraforum.org/showthread.php?t=161903
http:https://www.x2b4.com/www.sane-project.org/docs.html