Correction (plus a little extra text).
Emphasis and small text addition.
|Deletions are marked like this.||Additions are marked like this.|
|Line 98:||Line 98:|
|It is not necessary for a locally logged-in user to be in the scanner group. Permissions on the scanner device are automatically taken care of by the kernel and those on the USB bus are granted to a user by udev, given that||'''It is not necessary for a locally logged-in user to be in the scanner group.''' Permissions on the scanner device are automatically taken care of by the kernel and those on the USB bus are granted to a user by udev, given that|
|Line 101:||Line 101:|
|* There is an appropriate vendor ''*.rules'' file in ''/etc/udev/rules.d'' or ''/lib/udev/rules.d''.||* There is, if required, an appropriate vendor ''*.rules'' file in ''/etc/udev/rules.d'' or ''/lib/udev/rules.d''.|
Setting up and administering a scanner connected to a USB port. For a network scanner please refer to SaneOverNetwork.
Scanning a document from a standalone scanner or one in a multi-function device generally involves using SANE (Scanner Access Now Easy). The Project provides a collection of scanner backends (drivers) that can communicate with the scanner in order to operate it. Backends not provided by SANE can easily be accomodated within the SANE scanning framework whether the software is free (HP) or non-free. Those scanners that SANE directly supports with backends are listed here.
The first step on the road to successful scanning is to install libsane, which has the central library for operating scanners. The package also provides SANE's collection of scanner backends. If the scanner is not supported by SANE, the backend (and other files) will have to be obtained from the Debian archives or the vendor. A notable free backend source requiring this step is the one for the all-in-one machines from HP.
The next two sections assume you have the backend (and other files) that SANE or the vendor supply. Your scanner should work out-of the-box with a frontend without bothering with any of the next steps, but it is as well to be aware there are troubleshooting procedures that can be followed. The SANE manual lists the backends available. Each backend has its own manual page and a configuration file in etc/sane.d.
Scanner and Backend Discovery
Connect the scanner to the computer and see what lsusb gives:
brian@desktop:~$ lsusb Bus 002 Device 005: ID 04b8:080f Seiko Epson Corp. Stylus Photo RX420/RX425/RX430
There is an Epson Stylus Photo on USB Bus 002 and at Device 005. That's fine, but it tells us nothing about whether we can get the device scanning.
Hopefully, you will see your scanner found.
brian@test:~$ sane-find-scanner # sane-find-scanner will now attempt to detect your scanner. If the # result is different from what you expected, first make sure your # scanner is powered up and properly connected to your computer. # No SCSI scanners found. If you expected something different, make sure that # you have loaded a kernel SCSI driver for your SCSI adapter. could not open USB device 0x0644/0x0200 at 004:002: Access denied (insufficient permissions) could not open USB device 0x1d6b/0x0002 at 004:001: Access denied (insufficient permissions) could not open USB device 0x045e/0x008c at 007:002: Access denied (insufficient permissions) could not open USB device 0x1d6b/0x0001 at 007:001: Access denied (insufficient permissions) could not open USB device 0x1d6b/0x0001 at 006:001: Access denied (insufficient permissions) could not open USB device 0x1d6b/0x0001 at 005:001: Access denied (insufficient permissions) could not open USB device 0x1d6b/0x0002 at 003:001: Access denied (insufficient permissions) found USB scanner (vendor=0x04b8 [EPSON], product=0x080f [USB MFP]) at libusb:002:005 could not open USB device 0x1d6b/0x0001 at 002:001: Access denied (insufficient permissions) could not open USB device 0x04b3/0x3003 at 001:005: Access denied (insufficient permissions) could not open USB device 0x04b3/0x3004 at 001:004: Access denied (insufficient permissions) could not open USB device 0x1d6b/0x0001 at 001:001: Access denied (insufficient permissions) # Your USB scanner was (probably) detected. It may or may not be supported by # SANE. Try scanimage -L and read the backend's manpage.
A scanner has correctly been located on Bus 002 as Device 005. If access to this device had also been denied (as was access to the other USB devices) the permissions on the USB bus would have had to be looked at.
Now it is known that a USB scanner exists, run
The output obtained here is:
device `epson:libusb:002:005' is a Epson RX420 flatbed scanner
The scanimage manual describes what -L is intended to do. In the context of a local USB device that an ordinary user has permisssion to access, the positive response indicates that SANE has a backend to support the scanner.
Now place a document on the scanner's glass plate and scan it with
scanimage > image.pnm
It is not necessary for a locally logged-in user to be in the scanner group. Permissions on the scanner device are automatically taken care of by the kernel and those on the USB bus are granted to a user by udev, given that
- libpam-systemd is installed.
There is, if required, an appropriate vendor *.rules file in /etc/udev/rules.d or /lib/udev/rules.d.
A user wishing to access and use a scanner must have permission to access a scanner device file and to use a device on the USB bus. Under Debian's default init system,systemd, and with libpam-systemd installed, the correct permissions are set up by /lib/udev/rules.d/70-uaccess.rules to facilitate scanner detection by SANE's backends when the scanner is plugged in.
For the scanner device file:
brian@test:~$ ls -l /dev/sg* crw------- 1 root root 21, 0 Aug 4 09:40 /dev/sg0 crw-rw----+ 1 root root 21, 1 Aug 4 09:40 /dev/sg1 crw------- 1 root root 21, 2 Aug 4 09:40 /dev/sg2 crw------- 1 root root 21, 3 Aug 4 09:40 /dev/sg3 crw------- 1 root root 21, 4 Aug 4 09:40 /dev/sg4 crw------- 1 root root 21, 5 Aug 4 09:40 /dev/sg5 crw------- 1 root root 21, 6 Aug 4 09:40 /dev/sg6 crw------- 1 root root 21, 7 Aug 4 14:46 /dev/sg7
Observe the + after the Unix permissions for /dev/sg1. It indicates an ACL (Access Control List), which specifies which users are granted access to/dev/sg1. To see an ACL, do
brian@test:~$ getfacl /dev/sg1 getfacl: Removing leading '/' from absolute path names # file: dev/sg1 # owner: root # group: root user::rw- user:brian:rw- group::--- mask::rw- other::---
User brian has rw access to the device file. Similar permissions would be required on the USB bus.
For the USB bus:
brian@test:~$ ls -l /dev/bus/usb/*/* crw------- 1 root root 189, 0 Aug 4 09:40 /dev/bus/usb/001/001 crw------- 1 root root 189, 3 Aug 4 13:40 /dev/bus/usb/001/004 crw------- 1 root root 189, 4 Aug 4 13:40 /dev/bus/usb/001/005 crw------- 1 root root 189, 128 Aug 4 09:40 /dev/bus/usb/002/001 crw-rw----+ 1 root root 189, 132 Aug 4 18:25 /dev/bus/usb/002/005 crw------- 1 root root 189, 256 Aug 4 09:40 /dev/bus/usb/003/001 crw------- 1 root root 189, 384 Aug 4 09:40 /dev/bus/usb/004/001 crw------- 1 root root 189, 385 Aug 4 09:40 /dev/bus/usb/004/002 crw------- 1 root root 189, 512 Aug 4 09:40 /dev/bus/usb/005/001 crw------- 1 root root 189, 640 Aug 4 09:40 /dev/bus/usb/006/001 crw------- 1 root root 189, 768 Aug 4 09:40 /dev/bus/usb/007/001 crw------- 1 root root 189, 769 Aug 4 09:40 /dev/bus/usb/007/002 brian@test:~$ getfacl /dev/bus/usb/002/005 getfacl: Removing leading '/' from absolute path names # file: dev/bus/usb/002/005 # owner: root # group: root user::rw- user:brian:rw- group::--- group:scanner:rw- mask::rw- other::---
User brian could also gain access to the USB device by being in the scanner group. However, there is little point in doing so unless brian is expected to log in from a remote location with ssh or another remote access program.
Prior to buster, putting a user in the scanner group was sufficient to allow scanning as this user. Due to bug 918358, this is not the case anymore. However, adding one line to a file in /etc/udev/rules.d/, as mentioned in the bug report, is enough to solve this issue. Execute udevadm trigger, or disconnect and reconnect the device, to reload the udev rules.
Configuration Files for libsane
libsane-common installs the configuration files dll.conf, dll.d, net.conf and saned.conf in /etc/sane.d. Only dll.conf and dll.d are of importance for a USB connected scanner but all four files play a part when it comes to sharing and accessing a scanner over the network.
The content of dll.conf is a list of backends that can be loaded dynamically upon demand. Commenting out the backends not used might lead to a slight decrease in scanning time. It is also possible to add a file in /etc/sane.d/dll.d that contains a list of backends to be added. This is often done by software providing a non-SANE backend.
HP all-in-one (aio) Machines
A backend for these devices is developed and supported by HP via HPLIP. The backend is named hpaio and is listed in the file hplip in /etc/saned/dll.d when libsane-hpaio is installed. Device detection support is provided by /lib/udev/rules.d/56-hpmud.rules, which is in the libsane-hpaio package. Be aware that not all aios support scanning from a computer over USB or the network.
The straightforward way to employ hpaio and 56-hpmud.rules is to install hplip and its recommended dependencies and create a print queue with hp-setup. This way leads to an automatic setup of the scanner because its device URI is derived from the USB printer URI by replacing hp:/... with hpaio:/.... Having hplip on the system also makes it easier to install a non-free plugin with hp-plugin if the scanner needs one.
As a matter of interest, all that is really needed for scanning with an aio scanner is the libsane-hpaio package, installed without its recommended packages, and, if necessary, a way to install a non-free plugin
Non-free Scanner Backends
For snapscan scanners, copy the snape20.bin file from the scanner installation CDROM to /lib/firmware/ and add firmware /lib/firmware/snape20.bin to the /etc/sane.d/snapscan.conf configuration file.
32bit and 64bit Debian packages for scanner devices are usually offered when this search page is used. You can also access Installation instructions for scanning with a USB or network connection; a udev rule to use with a USB connection is also suggested. You are advised that locating the udev rule in /lib/udev/rules.d/60-libsane.rules will lead to its disappearing if the libsane package is updated. Consider using /etc/udev/rules.d/59-scanner.rules instead.
Debian packages (i386 and amd64 flavours) that provide scanning functions for an MFD may be offered via a ScanGear MP package. It is probably best to conduct a web search for the particular model to locate something suitable. scangearmp2 is a standalone scanning tool that provides no integration with SANE. What is offered by Canon is not accessible to SANE frontends like xsane and simple-scan because dll.conf or dll.d are not integrated into the its packages and there is no backend provided to be loaded dynamically upon demand by SANE.
Users for whom the SANE epson and epson2 backends do not work can have recourse to an Epson offering. There is iscan-bundle and the newer imagescan-bundle. Which one a user gets depends on the MFD model. Both are .tar.gz files (tarballs) and can initially be processed with
tar zvxf <file>
The directory in which the uncompressed files are put has an install script. Change to that directory and execute the script with
Search for drivers for a device from either of the HP or Samsung web sites. You should be offered some version of the Unified Linux Driver (ULD), which supports the i386 and amd64 platforms. The ULD is also used with some Xerox devices.
Unpack the downloaded file with
tar zvxf uld_<version>.tar.gz
Change to the uld directory and execute install-scanner.sh:
cd uld sh install-scanner.sh
Samsung does not provide the ULD as a .deb but the Samsung Unified Linux Driver Repository (SULDR) does. It also has a good deal of information on the installation of the ULD and its interaction with a Debian system. SULDR is not affiliated with Samsung.
A non-free backend issue
libsane in Debian looks for SANE backends in one of the multiarch directories, /usr/lib/x86_64-linux-gnu/sane or /usr/lib/i386-linux-gnu/sane. In addition it is also patched to search in /usr/lib/sane to accomodate some scanner drivers from Epson, Samsung and other third-party vendors that locate their SANE backends there. Having SANE backends in /usr/lib64/sane in a Debian package is favoured by Brother. Debian's libsane doesn't search there, but some brscan scanning packages handle this by enabling the system to find the backends through other techniques, such as making links to the multiarch directories in a postinst.
Should the ability of third-party software to initiate scanning be thought to be due to the mislocation of backend files, it is worthwhile considering copying them to a multiarch directory as one way of dealing with the issue.
Frontends for Scanning
A frontend is a program that interfaces with a SANE backend to produce a scanned output in a desired format. SANE has been designed to interwork with any SANE-compliant frontend, command line or GUI based
scanimage: A command line interface from the SANE Project to control scanning.
xscanimage: A SANE Project GUI for image acquisition from a scanner. Can be invoked through The GIMP.
gscan2pdf: A graphical application to produce PDFs or DjVus from scanned documents.
Installation Notes for Various Scanners
Sharing a scanner over the network.
Do not forget to read the Debian and other documentation in /usr/share/doc/libsane. Hopefully, there is no conflict between it and what is on this page.