# xinetd and saned (resolved)

## gemini91

Hi all,

I can't get saned to work with xinetd, I've  tried many things I found by searching but no luck. The scanner works fine localy and if I run saned from a command prompt.

Output from saned -d128 and scanimage -L run from remote system

[saned] main: starting debug mode (level 128)

[saned] main: trying to get port for service `sane-port' (getaddrinfo)

[saned] main: [0] socket () using IPv4

[saned] main: [0] setsockopt ()

[saned] main: [0] bind () to port 6566

[saned] main: [0] listen ()

[saned] main: [1] socket () using IPv6

[saned] main: [1] socket failed: Address family not supported by protocol

[saned] main: waiting for control connection

[saned] saned (AF-indep+IPv6) from sane-backends 1.0.15 ready

[saned] check_host: access by remote host: 192.168.1.100

[saned] check_host: remote host is not IN_LOOPBACK nor IN6_LOOPBACK

[saned] check_host: local hostname: shuttle

[saned] check_host: local hostname(s) (from DNS): shuttle.workgroup

[saned] check_host: local hostname(s) (from DNS): (null)

[saned] check_host: local hostname(s) (from DNS): (null)

[saned] check_host: remote host doesn't have same addr as local

[saned] check_host: opening config file: /etc/hosts.equiv

[saned] check_host: can't open config file: /etc/hosts.equiv (No such file or directory)

[saned] check_host: opening config file: saned.conf

[saned] check_host: config file line: `#'

[saned] check_host: config file line: `# saned.conf'

[saned] check_host: config file line: `#'

[saned] check_host: config file line: `# The contents of the saned.conf  file  is  a  list  of  host  names,  IP'

[saned] check_host: config file line: `# addresses or IP subnets (CIDR notation) that are permitted to use local'

[saned] check_host: config file line: `# SANE devices. IPv6 addresses must be enclosed in brackets,  and  should'

[saned] check_host: config file line: `# always  be specified in their compressed form.'

[saned] check_host: config file line: `#'

[saned] check_host: config file line: `# The hostname matching is not case-sensitive.'

[saned] check_host: config file line: `#'

[saned] check_host: config file line: `#scan-client.somedomain.firm'

[saned] check_host: config file line: `#192.168.0.1'

[saned] check_host: config file line: `192.168.1.100'

[saned] check_host: access granted from IP address 192.168.1.100

[saned] init: access granted

[saned] init: access granted to don@192.168.1.100

[saned] process_request: waiting for request

[saned] process_request: got request 1

[saned] process_request: waiting for request

[saned] process_request: got request 10

[saned] quit: exiting

It worked fine.

output from scanimage -L from remote system using xinetd on local

Jan 16 12:29:16 [xinetd] xinetd Version 2.3.13 started with libwrap loadavg options compiled in.

Jan 16 12:29:16 [xinetd] Started working: 1 available service

Jan 16 12:29:30 [xinetd] START: sane-port pid=15179 from=192.168.1.100

Jan 16 12:29:30 [xinetd] EXIT: sane-port status=0 pid=15179

This failed on the remote machine. I can login on the local machine as saned and run scanimage without a problem so it does not appear to be a rights problem. Following are my xinetd.conf and part of the group file.

# Sample configuration file for xinetd

defaults

{

#       only_from      = 192.168.1.0

        instances      = 60

        log_type       = SYSLOG authpriv info

        log_on_success = HOST PID

        log_on_failure = HOST

        cps            = 25 30

}

service sane-port

{

        port            = 6566

        socket_type     = stream

        server          = /usr/sbin/saned

        protocol        = tcp

        user            = saned

        group           = saned

        wait            = no

        disable         = no

}

includedir /etc/xinetd.d

End of /etc/group file

pc:x:111:

clamav:x:407:

ntp:x:123:

scanner:x:408:don,betsy,saned

saned:x:409:saned

I think this is a configuration problem because I have two systems on this machine, one 32 bit and one pure 64 bit. They both fail the same way and I was the one who configured them.

Any ideas where to look?  Thanks, DonLast edited by gemini91 on Tue Jan 25, 2005 1:38 pm; edited 1 time in total

----------

## Will Scarlet

I have had issues with the disable line when trying to enable services in xinetd.  They would work when I just commented that line out.  So, I would try to comment out the disable line in service sane-port and then restart xinetd.

Hope this helps...  :Wink: 

----------

## gemini91

Will Scarlet, thanks for the reply, I tried what you said and it didn't make any change in what I am seeing. Again, thanks   Don

----------

## Will Scarlet

Sorry that didn't help.  But, I did some research and found this:

 *Quote:*   

> 4.2.2. Across a Network
> 
> If you are interested in making scanner services available across a network from or to a remote machine, you will need to edit the saned.conf file in the configuration directory of the server (the computer with the scanner), whether /etc/sane.d or /usr/local/etc/sane.d. It usually consists of an entry 'scan-client.somedomain.firm' that will need to be replaced with the hostname of the client you want to be able to use the server's scanner. If you prefer an IP address this can be used instead.
> 
> The saned daemon will need to be run as well as inetd or xined on the server. See man saned for the exact changes required to inetd.conf or xined.conf. In addition port 6566 will need to be added to the /etc/services file:
> ...

 

From http://tldp.org/HOWTO/Scanner-HOWTO/sane.html.  I found this from http://www.sane-project.org/docs.html

I also found this site http://penguin-breeder.org/sane/saned/ which explains the same thing, only in greater detail.

Hope this helps...  :Wink: 

----------

## gemini91

Will scarlet thanks again for the reply, I had seen all those web sites before, but I went back over them again. One talks about running a scanner on a parallel port and setting root as the user in xinetd.conf. I'm using usb but I changed user in xinetd.conf to root and it works. Now I can log in as user saned and scanimage -L works so I would think that access rights were correct but apparently they are not. The hotplug usb script seems to set up the rights correctly. "660", however owner and group are "root scanner" Should that be "saned scanner" ?  If so then I guess the problem is with hotplug. Thanks again,  Don

Problem was "group = saned" which all the examples use. Changing it to "group = scanner" and then it works with "user = saned". It's obvious once you know what the problem is. Something to do with xinetd, since saned worked by itself. Anyhow thanks again for the help.

----------

## SerfurJ

thanks.. i had to change user to root and group to scanner.

----------

## lazyleopard

 *SerfurJ wrote:*   

> thanks.. i had to change user to root and group to scanner.

 

Hmmm... I thought the aim of using xinetd was to have saned not running as root, so that rather defeats the object of the exercise...

----------

## Jimmy Jazz

 *lazyleopard wrote:*   

>  *SerfurJ wrote:*   thanks.. i had to change user to root and group to scanner. 
> 
> Hmmm... I thought the aim of using xinetd was to have saned not running as root, so that rather defeats the object of the exercise...

 

Hi lazyleopard,

have you try to change the group for usb ?

My config looks like this:

```

service sane-port

{

        port        = 6566

        socket_type = stream

        wait        = no

        user        = saned

        group       = usb

        server      = /usr/sbin/saned

        #server_args = saned -s128

        only_from   = localhost YOUR.SWEET.LOCAL.NETWORK/24

        disable     = no

}

```

add saned to the groups usb so it can read /proc/bus/usb/xxx/xxx and scanner too.  :Wink: 

The scanner device rights are:

```

# ls -l /dev/bus/usb/002/002

total 0

crw-rw-r--  1 root scanner 189, 129 déc 24 13:34 002

```

Hope that helps

Jj

----------

