HOWTO_Install_a_USB_scanner

Introduction

Due to the lack of decent installation instructions, I have decided to write a short but complete how-to on installing a USB scanner in Gentoo for kernel 2.6.4 or higher. There is already a lot of information around, but none of it is complete, and in some cases it is not applicable to kernel 2.6.4 or higher.

Kernel options

Make sure you have USB support in your kernel. The kernel option you should select will be either OHCI HCD or UHCI HCD, depending on your motherboard's chipset. Use the lspci command to find out which one is right for you:

# emerge -nav pciutils
# lspci -v | grep HCI

In my case, I have a VT82xxxxx motherboard with UHCI support, so I selected the kernel options for UHCI HCD:

Device Drivers  --->
   USB support  --->
   < >   OHCI HCD support
   <*>   UHCI HCD (most Intel and VIA) support

Device Drivers -->
   SCSI device support -->
      [*] legacy /proc/scsi support

If you want more informations on USB, please read the Gentoo Linux USB Guide.

Collecting Information

Vendor/ProdID

After having rebooted your computer, connect your scanner to the USB port, turn it on and issue the following commands:

# emerge -av usbutils
# lsusb

The output should be similar to that shown below:

Bus 004 Device 001: ID 0000:0000
Bus 003 Device 001: ID 0000:0000
Bus 002 Device 004: ID 04b8:0802 Seiko Epson Corp. Stylus CX3200
Bus 002 Device 001: ID 0000:0000
Bus 001 Device 001: ID 0000:0000

Next to the name of your scanner (in my case, Seiko Epson Corp. Stylus CX3200), you should also see two 4-digit codes: the Vendor (in this case, 04b8) and the ProdID (in this case, 0802). These values may differ from the ones shown depending on your scanner's model. Write them down as they are needed in the configuration process later on.

Backend

Now go here, fill in the form with your scanner's manufacter and model name, then take note of the backend through which it is supported. In my case I need the "epson" backend.

Installation

sane-backends-1.0.15-r2 or higher makes use of the variable SANE_BACKENDS, by which you can install only the backend which is required by your scanner and avoid the compilation of all the others. If you want take advantage of that feature edit /etc/make.conf and add the following line:

SANE_BACKENDS="the_name_of_your_backend_goes_here" # the name should be non-capital words

The needed packages are Ebuild:sys-apps/hotplug, xsane and sane-backends.

Beware also that for sane-backends>=1.0.17 to compile, the SANE_BACKENDS variable shouldn't be specified in make.conf as it may break your compilation process.

Emerge the needed packages by typing:

# emerge -av hotplug sane-backends xsane

Don't forget to add hotplug to the boot runlevel if you installed it: (No need for this anymore?? According to /etc/init.d/hotplug --82.207.117.213 13:14, 6 July 2007 (UTC))

# rc-update add hotplug boot

Note: I'm using the hplip backend. I also had to add the line "hpaio" to /etc/sane.d/dll.conf --193.170.132.238 23:01, 10 December 2007 (UTC)

Epson USB scanners : the easy way

It is quite easy to install an Epson USB scanner : you only need to emerge the iscan (media-gfx/iscan) package. Make sure you set the proper flags in your /etc/make.conf, to do so, use equery from the gentoolkit (app-portage/gentoolkit) package to check for available flags :

 # emerge gentoolkit
 # equery uses =iscan -a

Now make sure you have the following USE flags: X gimp unicode usb.

Now emerge the iscan (media-gfx/iscan) program

 # emerge -av iscan

To scan an image, just type iscan in the command line interface. Remember, to allow your users to have access to the usb scanner, they must be a member of both the usb and scanner groups! Proceed to the permission section.

Configuration

In /etc/hotplug/usb/libsane.usermap you will find a list of supported USB scanner with their Vendor/ProdID pairs (in my case, the pair is: 04b8/0802). You can check if your scanner is already present in that list by issuing the following command:

# grep put_here_the_ProdID /etc/hotplug/usb/libsane.usermap

If your pair isn't there, add it manually by following the instructions in the file, then please report it to the sane-devel mailing list.

If you don't know what your Vendor/ProdID pair is, look for your device in /proc/bus/usb/devices.

Under /etc/sane.d/ directory you will find all the backends configuration files. Edit the one which is related to your scanner by following the instructions contained inside. For the Epson CX-3200, you have to add the following line to /etc/sane.d/epson.conf:

usb 0x4b8 0x802

Make sure that these codes match the Vendor and the ProdID values you wrote down earlier.

Note: Some backends, such as the niash backend, do not currently have any configuration options; and therefore no configuration file.

For some backends you might want to add the device:

[usb] 0x04a9 0x220d # this one for Canon N670U
device auto

Permissions

When you emerged xsane the group "scanner" has been automatically added to your system. Add to that group all the users you want the scanner to be used by:

# gpasswd -a <user> scanner

You'll need to either log out and log back in or issue newgrp scanner in order to change privileges. However, if you do this every file you create will belong to the group scanner rather than the users group. To set a password for the scanner group issue gpasswd scanner.

Now, as a regular non-root user, type:

$ groups

If everything is ok, you should see the word "scanner" in the output.

Scanner detection

Launch hotplug if you installed it (and coldplug if you have an old version of udev):

# /etc/init.d/hotplug start

To check if your scanner has been properly detected issue the following commands:

found USB scanner (vendor=0x04b8, product=0x0802) at libusb:002:004

If nothing is found, then your scanner isn't in /etc/hotplug/usb/libsane.usermap . See "Configuration" above.

device `epson:libusb:002:004' is a Epson CC-570L flatbed scanner

If scanimage doesn't find anything, than either you don't have the correct sane-backend installed, or the backend installed doesn't support your scanner. As of April 27, 2007 the latest backend ebuild is sane-backends-1.0.18-r2 which was created July 31, 2006. Since this is pretty old, you might be able to find and manually install a newer version of your backend which might support your scanner. The backends all have man pages; that is a good place to look for a project website.

If both above steps worked, then you are ready to scan. Run xsane and enjoy yourself!

Or, if you are in a headless environment you can try to scan using the following command (change the device-name !)

# scanimage --device-name epson:libusb:002:004 --resolution 300 --format tiff > image.tiff

One-touch Scanning

Many scanners have buttons on them which support functions such as one-touch scanning, one-touch copying, or attaching a photo to an e-mail. Take a look at TIP Scanner buttons and one-touch scanning for more information on how to do this.

Remote scanning

The SANE daemon saned is used to provide local scanners to remote computers.

Modify /etc/sane.d/saned.conf to setup which hosts may access which scanner, for ex :

192.168.1.0/24

Create user and group for running sane as:

# groupadd saned
# useradd saned -g saned -s /bin/false
# gpasswd -a saned scanner

Install xinetd

# emerge xinetd
# rc-update add xinetd default

Edit /etc/xinetd.conf and remove excess access restrictions like

only_from = localhost

saned uses TCP port 6566 for its control connection and a dynamic port above 1024 for its data connection (much like FTP). The latter poses a problem for firewalls. If the machine running saned is protected with iptables the following rules (for /var/lib/iptables/rules-save) let the desired traffic through. It works using the RECENT match module: The SANE control connection is monitored for activity and 3 seconds after a control packet, a connection to any high port may be established. This is not ultimate security but better than nothing and simple enough. Stay tuned for a better solution with the upcoming netfilter conntrack.

# these should be close to the top
# track SANE control connections
[0:0] -A INPUT -m recent --update --seconds 600 --name SANE
# related traffic (ACK, FIN, DNS UDP responses etc.)
[0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# SANE server uses a dynamic data port above 1024
#  see also 'related traffic' on top!
[0:0] -A INPUT -p tcp -m tcp --dport 6566 --syn -m recent --set --rsource --name SANE -j ACCEPT
[0:0] -A INPUT -p tcp -m tcp --dport 1024: --syn -m recent --rcheck --rsource --seconds 3 --name SANE -j ACCEPT

Create /etc/xinet.d/sane-port

service sane-port
{
  socket_type = stream
  server = /usr/sbin/saned
  protocol = tcp
  user = saned
  group = scanner
  wait = no
  disable = no
}

Now start xinetd and check its logs

# /etc/init.d/xinetd start
# cat /var/log/daemon.log
...
Jul 28 21:53:17 gollum xinetd[7387]: Started working: 1 available service

On the remote computer add the hostname of the saned server to /etc/sane.d/net.conf. Then try to access the scanner:

$ scanimage -L
device `net:gollum:plustek:libusb:002:003' is a Canon N1240U/LiDE30 USB flatbed scanner

Troubleshooting

Canon PIXMA MP610 (and other recent devices!)

Try using the CVS-Version of sane-backends, if scanimage -L fails.

I wrote an ebuild, grab it here: http://bugs.gentoo.org/show_bug.cgi?id=224939

--(kEiNsTeiN, 2008-06-04)

remote scanning does not work

Shut down xinetd and run

$ saned -d

Now try from the remote computer. If it works now, then try to use username root and group scanner with xinetd. If this works, try issuing: find /dev -group scanner on the server machine. If that doesn't return anything, then udev hasn't created your device file with the correct group. Try issuing udevtrigger to reload the udev rules--that should fix it.

If you get

 $ check_host: getaddrinfo failed: Name or service not known
 $ init: access by host x.x.x.x denied

Try setting the servers ip and hostname in /etc/hosts (also on the server)

For newer versions of hplip and udev, try adding the saned user to the lp group as well (but leave the xinetd group set to scanner).

On the remote computer, check if you have SANE_BACKENDS set in /etc/make.conf . If you do, you probably need to add "net" and re-emerge sane-backends, so the network backend gets built. For instance, my /etc/make.conf has this:

SANE_BACKENDS="pixma net"

xsane's home directory

If xsane gives you some problems, try this:

$ rm -rf ~/.sane
# rm -rf ~/.sane

SANE_BACKENDS variable

The new SANE_BACKENDS variable, if set, may cause some problems. If you have an issue, probably the first thing you should do is to comment it out and re-emerge sane-backends. See bug 90598.

Coldplug startup error

Please see bug 83738 if when launching coldplug you get an error similar to the following one:

 * Coldplugging usb devices ...
chown: cannot access `/proc/bus/usb/001/004': No such file or directory
chmod: cannot access `/proc/bus/usb/001/004': No such file or directory
chown: cannot access `/proc/bus/usb/001/004': No such file or directory
chmod: cannot access `/proc/bus/usb/001/004': No such file or directory

Basically you have to edit /etc/hotplug/usb.rc and substitute the following line:

devbus=$( ( echo -n 000 ; cat $devlink/../../devnum ) | grep -o ...\$ )

with this one:

devbus=$( ( echo -n 000`echo $devlink| sed 's/^.*usb\([0-9]\+\)\/.*$/\1/'` ) | grep -o ...\$ )

Then:

# /etc/init.d/coldplug restart

UDEV

When xsane works successfully under root and not as user, it normally means that you have a permissions problem. The default permission rules for udev currently set scanners to belong to the root group and not to the scanner group. The most elegant method to solve this is to write a custom permissions rule and place it into /etc/udev/rules.d. This is achieved as follows:

# grep scanner /etc/udev/rules.d/50-udev.rules >> /etc/udev/rules.d/10-udev.rules
# nano /etc/udev/rules.d/10-udev.rules

Udev processes the rules files in /etc/udev/rules.d in lexical order, so your local settings should be stored in a file lexically ahead of the default 50-udev.rules so that they are processed first. The name of your new file must end in .rules, otherwise udev will ignore it.

So now edit the contents of the newly created /etc/udev/rules.d/10-udev.rules to the following:

# scanner devices
scanner:root:scanner:0660
usb/scanner*:root:scanner:0660

The above udev rules are wrong. Do not add them to your udev rules. These are remnants of old entries for the permissions file, not the rules file. If you are using a kernel and udev that old, the entries go into the /etc/udev/permissions.d/ directory, not /etc/udev/rules.d/.

Remember, this is for old udev and <2.6.4 kernels.

Assuming hotplug is installed and working, simply unplug/replug in your scanner so that udev updates your permissions. Users in the scanner group can now use xsane.

Since we are here, let's just add a note for SCSI scanner users too. For a SCSI scanner, the rule can probably be simpler. If your scanner is at /dev/sg0 and you want to make it a member of the "scanner" group instead of "root" (which is what you probably need to do), then the following rule will work:

# scanner devices
KERNEL=="sg0", GROUP="scanner"

This rule says set the GROUP to scanner for the device that is called sg0 in the kernel (i.e. /dev/sg0).

As another alternative USB users can also try the following runscript. However it will need to be restarted every time you remove/replug your scanner.

# touch /etc/init.d/usbscanner
# chmod +x /etc/init.d/usbscanner
# nano /etc/init.d/usbscanner

#!/sbin/runscript

depend() {
       need modules
       after coldplug
}

scan_proc() {
	vendor=04a9
	product=221c
	group=scanner
	line=`sane-find-scanner -q | grep -i ${vendor} | grep -i ${product}`
	line=`echo ${line} | sed -r 's/:/\n/' | sed 1d` 	
	bus=`echo ${line} | sed -e 's/^0*//' -e 's/:/\n/' | sed 2d` 
	device=`echo ${line} | sed 's/:/\n/' | sed -e 1d -e 's/^0*//'`
	dev_device=/dev/usbdev${bus}.${device}
	proc_device=/proc/bus/usb/`printf %03d ${bus}`/`printf %03d ${device}`	
}

start() {
       scan_proc
       if [ ! "${bus}" = "" ]; then
         ebegin "Setting User-Rights for USB-Scanner at bus ${bus}, device ${device}"
         chown root:${group} ${proc_device} ${dev_device}
         chmod go+w ${proc_device} ${dev_device}
       else
         ebegin "USB-Scanner not connected"
       fi
       eend $?
}

stop() {
       scan_proc
       if [ ! "${bus}" = "" ]; then
         ebegin "Setting USB-Scanner Rights back to default"
         chown root:root ${proc_device} ${dev_device}
         chmod go-w ${proc_device} ${dev_device}
       else
         ebegin "USB-Scanner is not connected - stopping service"
       fi
       eend $?
}

restart() {
       svc_stop
       svc_start
}

dev_device=/dev/bus/usb/${bus}/${device}

At last:

# /etc/init.d/usbscanner start
# rc-update -a usbscanner default

Start xsane as user and enjoy!

If none of the above seems to do the trick, try checking if the scanner device is actually located at /dev/bus/usb (all of these scripts are oriented towards /proc/bus/usb) and make sure the permissions for that are set correctly.

Another easier method is to simply add yourself to the USB group and modify the following line within the following file:

# usbfs-like device nodes
SUBSYSTEM=="usb_device", PROGRAM="/bin/sh -c 'K=%k; K=$${K#usbdev}; printf bus/usb/%%03i/%%03i $${K%%%%.*} $${K#*.}'", NAME="%c", MODE="0664", GROUP="usb"

Concentrate on modifying the MODE variable and adding the GROUP variable.

This should give all your usb devices "root:usb crw-rw-r--" permissions.

Case: HP Photosmart C4180 Xsane working as root but not as user after an emerge world. Having a look at the:

# Udev rules file for HP printer products.

ACTION!="add", GOTO="hpmud_rules_end"

SUBSYSTEM!="usb|usb_device", GOTO="hpmud_rules_end"
SUBSYSTEM=="usb", ENV{DEVTYPE}!="usb_device" ,GOTO="hpmud_rules_end"

# Check for AiO products (0x03f0xx11).
ATTRS{idVendor}=="03f0", ATTRS{idProduct}=="??11", GROUP="lp"
# Check for Photosmart products (0x03f0xx02).
ATTRS{idVendor}=="03f0", ATTRS{idProduct}=="??02", GROUP="lp"
# Check for Business Inkjet products (0x03f0xx12).
ATTRS{idVendor}=="03f0", ATTRS{idProduct}=="??12", GROUP="lp"
# Check for Deskjet products (0x03f0xx04).
ATTRS{idVendor}=="03f0", ATTRS{idProduct}=="??04", GROUP="lp"
# Check for LaserJet products (0x03f0xx17).
ATTRS{idVendor}=="03f0", ATTRS{idProduct}=="??17", GROUP="lp"

LABEL="hpmud_rules_end"

and adding the user to the "lp" group solved the scanner access

Lock directory

Some backends, such as plustek (used by many Canon LiDE scanners), require a lock directory; and some old sane-backend ebuilds did not create this directory properly. Make sure that /var/lib/lock/sane or /var/lock/sane directory exists, that its permissions are 660, and that it is owned by root:scanner. If the directory permissions are wrong, only root will be able to use the scanner.

Firmware upgrade

Some scanners, such as the Epson 1670, need a firmware upgrade. See the SANE homepage for the file name to search. Copy from the official Win CD (after install, or Google...), and update /etc/sane.d/snapscan.conf.

Check if your scanner is in the list on SnapScan page. If you have hard time finding the .bin file asked by SANE, try an FTP search with the following link: [1]. Don't forget to edit the /etc/sane.d/snapscan.conf file to match your scanner firmware.

Acer/Benq firmwares are available on their FTP.

Detection takes a long time

This is addressed to the owners of Epson 1250, 1250/Photo, 1260, or any Epson with the Plustek chipset. To check if your scanner is among those you should run scanimage -L and get something like this:

device `plustek:libusb:002:002' is a Epson

If it's taking a long time to detect your scanner, edit /etc/sane.d/dll.conf and comment out "epson" dll:

#epson

(from this thread, search for a post from alarmcall)

Samsung SCX-4200

Only users from group "lp" can access the scanner.

This or a similar rule may apply to other MFP devices, too. You can try the following:

1. as root start scanimage in one terminal
2. in another terminal find out PID for this process (ps -ef )
3. check groups of files and devices used by this process (ls -al /proc/PID/fd)

Take a look also here, there you find some very usefull infos (how to use it as normal user and more), also about the printer-setup: http://jacobo.tarrio.org/Samsung_SCX-4200_on_Debian

Try ebuild from http://bugs.gentoo.org/show_bug.cgi?id=139715 - ebuild wrapper for Samsung SCX/MFP Unified Linux Drivers.

Other

Also you may need to get the relevant driver (thinks sane backend is supposed to supply this but did not in my case). You can look here for some from [2]. Just put it into the /usr/share/sane/ and then under the relevant directory for you backend, in my case gt68xx/.

You may have to add your driver to the /etc/sane.d/dll.conf file (or uncomment it) in order for it to be detected.

Also, when you run xsane it should tell you which driver is missing if that is the issue.

If your scanner is not detected by scanimage -L, try a newer version of sane-backends. For example the canon canoscan LIDE25 is supported as of version 1.0.16.

Also,

   SANE_DEBUG_DLL=128 scanimage -L

output helps me much while setting up and finding out why SCX-4200 was not detecting. (Commandline wiki tag is not working with env=val :( )

For some the Gentoo ebuild just won't work. For example, while sane-find-scanner detected my Canon PIXMA MP460 printer/scanner, scanimage -L did not. The solution was to read the backend man page (man sane-pixma), noting the website http://home.arcor.de/wittawat/pixma/, downloading and building the latest backend, and installing it over the Gentoo version. Now sane is happy.

Links

From Gentoo Wiki:

• HOWTO EPSON CX3650
• TIP Scanner buttons and one-touch scanning

From Gentoo Forums:

• Scanning works only as root
• epson scanner and libusb
• HOWTO: Parallel Port Scanner

From Gentoo Bugs:

• Bug 50934

Other:

• Hewlett-Packard Linux Imaging and Printing Project
• Some help for SANE Network Daemon