access to usb device denied in latest hardy package

Bug #180794 reported by Luis Arias on 2008-01-06
88
This bug affects 3 people
Affects Status Importance Assigned to Milestone
sane-backends (Debian)
Fix Released
Unknown
sane-backends (Ubuntu)
High
Martin Pitt

Bug Description

luis@trinity:/etc/udev/rules.d$ SANE_DEBUG_CANON630U=12 scanimage > /dev/null
[sanei_debug] Setting debug level of canon630u to 12.
[canon630u] sane_init: version_code != 0, authorize != 0
[canon630u] sane_init: SANE Canon630u backend version 1.0.1 from sane-backends 1.0.18-cvs
[canon630u] reading configure file canon630u.conf
[canon630u] attach_matching_devices(usb 0x04a9 0x2204)
[canon630u] attach_scanner: libusb:004:004
[canon630u] attach_scanner: opening libusb:004:004
[canon630u] CANON_open_device: `libusb:004:004'
[canon630u] CANON_open_device: couldn't open device `libusb:004:004': Access to resource has been denied
[canon630u] ERROR: attach_scanner: opening libusb:004:004 failed
[canon630u] finished reading configure file
[canon630u] sane_get_devices(local_only = 0)
scanimage: no SANE devices found
[canon630u] sane_exit

45-libsane.rules has been removed in this package, restoring file from earlier package does not seem to provide a workaround. Using 1.0.19~cvs20071213-3ubuntu1 libsane.

André Barmasse (barmassus) wrote :

Bug confirmed in Hardy Heron Alpha 3

Only root has access to scanners connected to the USB port!! So if you use "SUDO sane-find-scanner" "SUDO scanimage -L" and "SUDO scanimage --format tiff --resolution 300 -x 215 -y 297 > image" - or something like that - everything works fine. This is very annoying since my user name is present in the scanner group and full access has been granted to the USB subsytem in /etc/udev/rules.d/40-permissions.rules:

# USB devices (usbfs replacement)
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", MODE="0777"
SUBSYSTEM=="usb_device", MODE="0777"

As already mentioned above, the odd things is that the file 45-libsane-rules isn't present in /etc/udev/rules.d anymore, but there are two files in /etc/modprobe.d/ - libsane and blacklist-scanner - with the following content:

blacklist scanner
blacklist hpusbscsi

Soooo, all the scanner modules are blacklisted, and there are no udev rules for libsane ... but root still has access to the scanner. Can anyone explain this?

Martin Pitt (pitti) on 2008-02-19
Changed in sane-backends:
assignee: nobody → pitti
importance: Undecided → High
status: New → In Progress
Martin Pitt (pitti) on 2008-02-19
Changed in sane-backends:
milestone: none → hardy-alpha-5
milestone: hardy-alpha-5 → ubuntu-8.04-beta
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sane-backends - 1.0.19~cvs20071213-4ubuntu2

---------------
sane-backends (1.0.19~cvs20071213-4ubuntu2) hardy; urgency=low

  * debian/rules: Install hal FDI, so that hal will automatically apply ACLs
    to the USB device node, and to fix desktop integration. (LP: #180794)

 -- Martin Pitt <email address hidden> Tue, 19 Feb 2008 13:26:07 +0100

Changed in sane-backends:
status: In Progress → Fix Released
Changed in sane-backends:
status: Unknown → New
Richard Kleeman (kleeman) wrote :

The update fixes the problem on my system. I note however that the scanning function of xsane does not work for my scanner unless sane-utils is also installed. Should this package be a compulsory dependency of libsane (it is only recommended at present)?

Changed in sane-backends:
status: New → Fix Released
knarf (launchpad-ubuntu-f) wrote :

Ehhh... not to be obnoxious or anything... but why was this bug first fixed in sane-backends 1.0.19~cvs20071213-4ubuntu2 and then apparently unfixed/reintroduced in sane-backends 1.0.19-1ubuntu2 (hardy)? The udev rules file is missing - again?

Hi,

knarf [2008-03-12 15:17 -0000]:
> Ehhh... not to be obnoxious or anything... but why was this bug first
> fixed in sane-backends 1.0.19~cvs20071213-4ubuntu2 and then apparently
> unfixed/reintroduced in sane-backends 1.0.19-1ubuntu2 (hardy)? The udev
> rules file is missing - again?

The udev rule is not necessary any more. Device permission is now
dynamically assigned to the current foreground user by ConsoleKit and
hal.

Aaron Sarna (shoofy) wrote :

I just tried to install my scanner (Brother DCP-130C) using the brscan2 drivers from Brother's website after installing Hardy and xsane is giving me the error it gave on previous Ubuntu versions before updating 45-libsane.rules as per http://solutions.brother.com/linux/sol/printer/linux/linux_faq.html#6. So it seems that whatever changes were made that made this file obsolete aren't quite working, unless I'm missing something.

mikko (mikko-) wrote :

I did a clean hardy install and scanner did't worked (same brscan2 driver) without changing usb permissions in 40-permissions.rules

Simon Oosthoek (simon-margo) wrote :

Ok, that wasn't a useful comment, I just noticed the duplicates in the menu ;-)

Wouldn't it make sense to do both the 45-libsane.rules and the new consolekit solution? They may at some point conflict somewhat, but I don't think it will do much harm in the transition phase.

Something that worries me about consolekit is that very few people appear to use it (1 open bug) and the problem statement isn't written yet http://people.freedesktop.org/~mccann/doc/ConsoleKit/ConsoleKit.html

/Simon

Richard Kleeman (kleeman) wrote :

Bug has reappeared for me. xsane works as root but not as ordinary user....

Guillaume (bou-gui) wrote :

Same thing for me !

Martin Pitt (pitti) wrote :

Richard Kleeman [2008-03-24 18:47 -0000]:
> Bug has reappeared for me. xsane works as root but not as ordinary
> user....

Right, that was a recent regression, sorry. Fixed with today's
hardy uploads (sane-backends and hal).

Guillaume (bou-gui) wrote :

OK ! Thank's for rapidity :-P

Simon Oosthoek (simon-margo) wrote :

Just for my understanding, sane-backends isn't a package name, but it is packaged in sane-utils?

Also, can you state the exact version of the update, because it isn't working yet on my machine (amd64 kubuntu hardy, updated a few minutes ago).

my version is 1.0.19-1ubuntu2 (which is the same as the version above, mentioned with the regression)

Cheers

Simon

Guillaume (bou-gui) wrote :

Sorry for answering to quickly...
The problem is still here (Ubuntu Hardy with the update of this morning) :-(

libsane : 1.0.19-1ubuntu3
xsane : 0.995-1ubuntu1
xsane-common : 0.995-1ubuntu1

sane-utils is not installed.

Guillaume

Martin Pitt (pitti) wrote :

Simon Oosthoek [2008-03-25 20:41 -0000]:
> Just for my understanding, sane-backends isn't a package name, but it is
> packaged in sane-utils?

sane-backends is the source package name. libsane is the relevant
binary package name. sane-utils is another, which contains tools like
sane-find-scanner, but it is not required to use xsane, etc.

> Also, can you state the exact version of the update, because it isn't
> working yet on my machine (amd64 kubuntu hardy, updated a few minutes
> ago).

You need libsane 1.0.19-1ubuntu3 and hal 0.5.11~rc2-1ubuntu4.

Martin Pitt (pitti) wrote :

Hi Guillaume,

Guillaume [2008-03-26 5:54 -0000]:
> Sorry for answering to quickly...
> The problem is still here (Ubuntu Hardy with the update of this morning) :-(
>
> libsane : 1.0.19-1ubuntu3

Do you also have hal 0.5.11~rc2-1ubuntu4? Did you unplug/replug your
scanner after the update?

Martin

--
Martin Pitt | http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)

Simon Oosthoek (simon-margo) wrote :

my scanner is working again as normal user, thanks!

/Simon

Richard Kleeman (kleeman) wrote :

Works for me as well as normal user.

Guillaume (bou-gui) wrote :

Hello every body.

Oops, i didn't unplug/replug my scanner after the update... Sorry for the wrong info and thank's again for rapidity !

But i still have a problem of permission when trying to close Xsane without scanning any picture : Ctrl+Q for closing Xsane send me a pop-up with a warning message (in french) : "Erreur de création de fichier : permission non accordée" and i must close 3 times the pop-up to close Xsane.

Guillaume

Martin Pitt (pitti) wrote :

Guillaume [2008-03-26 16:46 -0000]:
> But i still have a problem of permission when trying to close Xsane
> without scanning any picture : Ctrl+Q for closing Xsane send me a pop-
> up with a warning message (in french) : "Erreur de création de fichier :
> permission non accordée" and i must close 3 times the pop-up to close
> Xsane.

Right, I get that, too. That's a problem in xsane itself, though. See
bug 96011.

Guillaume (bou-gui) wrote :

Thank's for the answer and the report of bug 96011.
I am really admiring of this community !

KT (cjktan) wrote :

This bug is still present for me in Hardy beta. I am using

libsane: 1.0.19-1ubuntu3
sane-utils: 1.0.19-1ubuntu3
xsane: 0.995-1ubuntu1
xsane-common: 0.995-1ubuntu1
udev: 117-4ubuntu1
hal: 0.5.11~rc2-1ubuntu5

Martin Pitt (pitti) wrote :

KT, I guess the reason is that your scanner is not recognized by sane. Can you please open a new bug and include the output of the following commands (in a Terminal):

  lsusb
  sudo sane-find-scanner # in package sane-utils

KT (cjktan) wrote :

Martin, the scanner used to work with earlier versions of Ubuntu. The scanner works also if I were to run it as root.

mikko (mikko-) wrote :

It's maybe permission problem in xsane, if you run xsane with sudo all the setup files are then owned by root. Have you tried to remove .sane directory from your home directory? It's hidden by default so you have to select "show hidden files"

KT (cjktan) wrote :

No, not a problem with xsane. If I were to change
/etc/udev/rules.d/40-permissions.rules
to have:

# USB devices (usbfs replacement)
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", MODE="0666"
SUBSYSTEM=="usb_device", MODE="0666"

then everything works fine also.

Kelson (emmanuel-engelhart) wrote :

I confirm the precedent issue:

kelson@kelson-laptop:/etc/udev/rules.d$ dpkg -l | grep "\( libsane \| sane\-utils \| xsane \| xsane\-common \| udev \| hal \)"
ii hal 0.5.11~rc2-1ubuntu5 Hardware Abstraction Layer
ii libsane 1.0.19-1ubuntu3 API library for scanners
ii sane-utils 1.0.19-1ubuntu3 API library for scanners -- utilities
ii udev 117-4ubuntu2 rule-based device node and kernel event mana
ii xsane 0.995-1ubuntu1 featureful graphical frontend for SANE (Scan
ii xsane-common 0.995-1ubuntu1 featureful graphical frontend for SANE (Scan
kelson@kelson-laptop:/etc/udev/rules.d$ scanimage -L

No scanners were identified. If you were expecting something different,
check that the scanner is plugged in, turned on and detected by the
sane-find-scanner tool (if appropriate). Please read the documentation
which came with this software (README, FAQ, manpages).
kelson@kelson-laptop:/etc/udev/rules.d$ sudo scanimage -L
device `avision:libusb:005:004' is a Avision FB6080E flatbed scanner
kelson@kelson-laptop:/etc/udev/rules.d$

Oleksij Rempel (olerem) wrote :

this is not udev or san issue. Hardy provide new interface to manage device access. Set your account to to use scanner with polkit-gnome-authorization and/or users-admin . Do not forget to reboot after setting up.

KT (cjktan) wrote :

Fishor, the user is already in 'scanner' group.

Oleksij Rempel (olerem) wrote :

Did you used polkit-gnome-authorization ?

Am Donnerstag, den 03.04.2008, 21:25 +0000 schrieb KT:
> Fishor, the user is already in 'scanner' group.
>

Martin Pitt (pitti) wrote :

You are not supposed to use polkit-authorization or anything like that, it's supposed to happen automatically.

Again, please everyone who has that problem, open a *new* bug with the output of those commands:

  lsusb
  sane-find-scanner # in package sane-utils
  sudo sane-find-scanner

mrvanes (mrvanes) wrote :

Just for the sake of documenting my finding I add this comment here for those that may be affected by the same misconfiguration:

I had exactly the same problems, but they weren't fixed with the forementioned packages nor with the solution mentioned in bug 21708 so something else was still wrong. After debugging hal and seeing "setfacl ... Operation not supported" I started digging into the ACL side of things and it turned out I never enabled ACL on Tempfs in my self-built kernel.

/dev is mounted using tempfs by udev and after compiling a new kernel with tempfs acl enabled, my scanner was usable by normal users again instead of only root.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.