From owner-freebsd-questions@freebsd.org Thu Aug 6 21:15:32 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 912229B5601 for ; Thu, 6 Aug 2015 21:15:32 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "wonkity.com", Issuer "wonkity.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 533741FFE for ; Thu, 6 Aug 2015 21:15:32 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.15.2/8.15.2) with ESMTPS id t76LFEor074508 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 6 Aug 2015 15:15:14 -0600 (MDT) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.15.2/8.15.2/Submit) with ESMTP id t76LFEEF074505; Thu, 6 Aug 2015 15:15:14 -0600 (MDT) (envelope-from wblock@wonkity.com) Date: Thu, 6 Aug 2015 15:15:14 -0600 (MDT) From: Warren Block To: Patrick Hess cc: freebsd-questions@freebsd.org, Anthony Campbell Subject: Re: Permissions problem for sane In-Reply-To: <1876444.Yqz8SnZpVd@desk8.phess.net> Message-ID: References: <20150806104335.GA27748@ithaca.acampbell.uk> <1876444.Yqz8SnZpVd@desk8.phess.net> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (wonkity.com [127.0.0.1]); Thu, 06 Aug 2015 15:15:14 -0600 (MDT) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2015 21:15:32 -0000 On Thu, 6 Aug 2015, Patrick Hess wrote: > Anthony Campbell wrote: >> Should I modify the permissions on /dev/ugen0.2? > > In contrast to what many other people might suggest, I'm personally not > a big fan of providing users broad access to all kinds of device nodes. > So instead of messing around with permissions, I prefer to make use of > the saned(8) network daemon. > > This is actually pretty straightforward to set up. You'll need to add > these two lines to your /etc/rc.conf: > > saned_enable="YES" > saned_uid="root" > > Now either reboot the machine or run the following command to start > the network daemon right away: > > # service saned start > > Then add the following line to /usr/local/etc/sane.d/net.conf: > > localhost > > Any non-privileged user should now be able to access the scanner. > For starters, try to get a list of scanners available on the server: > > > scanimage -L > device `net:localhost:plustek:libusb:/dev/usb:/dev/ugen1.2' > is a Canon CanoScan N1240U/LiDE30 flatbed scanner > > The nice part about using saned(8) is that you can easily make the > scanner available to other machines on the network. Just add your > network to the server's /usr/local/etc/sane.d/saned.conf and then > add an entry for the server to the /usr/local/etc/sane.d/net.conf > on each of the clients. This is the kind of stuff we should be adding to the Handbook section on scanners. Thank you for posting it!