[Bug 438867] New: wrong scanner owner/permissions
https://bugzilla.novell.com/show_bug.cgi?id=438867 Summary: wrong scanner owner/permissions Product: openSUSE 11.1 Version: Factory Platform: PC OS/Version: SuSE Other Status: NEW Severity: Normal Priority: P5 - None Component: Hotplug AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: ibz@acsat.net QAContact: qa@suse.de Found By: Beta-Customer Although the scanner is correctly setup (with yast), only can be used by root. This is the output of some commands: scanimage -L device `epson:libusb:001:002' is a Epson GT-9300 flatbed scanner ls -lha /dev/bus/usb/001/002 crw-rw-r-- 1 root lp 189, 1 oct 24 20:33 /dev/bus/usb/001/002 ('chown miquel.users /dev/bus/usb/001/002' workarounds this problem) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User aorlovskyy@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c1
Alexander Orlovskyy
https://bugzilla.novell.com/show_bug.cgi?id=438867
User ibz@acsat.net added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c2
Miquel A. Noguera
https://bugzilla.novell.com/show_bug.cgi?id=438867
Cyril Hrubis
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c3
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User chrubis@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c4
Cyril Hrubis
https://bugzilla.novell.com/show_bug.cgi?id=438867
User ibz@acsat.net added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c5
Miquel A. Noguera
It would have been nice if you described how you did set up your scanner and not let us do blind guessing via inspecting whatever files what there might have happened on your particular system.
Of course, I just used yast2 to configure it, ("epson" driver selected, I don't like interface provided by epowka driver). This is exactly the same process I've followed to configure this scanner since 8.0 with no problems in final versions. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User aj@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c6
Andreas Jaeger
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c7
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User aorlovskyy@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c8
Alexander Orlovskyy
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c9
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User egd.free@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c10
--- Comment #10 from Andrey Karepin
https://bugzilla.novell.com/show_bug.cgi?id=438867
User egd.free@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c11
Andrey Karepin
https://bugzilla.novell.com/show_bug.cgi?id=438867
User chrubis@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c12
Cyril Hrubis
https://bugzilla.novell.com/show_bug.cgi?id=438867
User egd.free@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c13
Andrey Karepin
lsusb Bus 008 Device 009: ID 04b8:012d Seiko Epson Corp. Perfection V10/V100 (GT-S600/F650)
getfacl /dev/bus/usb/008/009 getfacl: Removing leading '/' from absolute path names # file: dev/bus/usb/008/009 # owner: root # group: lp user::rw- group::rw- other::r--
/usr/lib/YaST2/bin/test_and_set_scanner_access_permissions /usr/lib/YaST2/bin/test_and_set_scanner_access_permissions: line 91: /etc/hal/fdi/policy/10osvendor/80-scanner.fdi: Permission denied
The YaST scanner module runs it when it set up a scanner and also via the "Other"->"Test" functionality.
not work. ended with an error
According to /etc/udev/rules.d/55-libsane.rules the scanner device node/dev/bus/usb/xxx/yyy should be in the "lp" group so that it should work to add the normal users which should use the scanner to the group "lp".
this works. CAST is it possible to automate this process (if one user on the system than the system) or vydovat window with an explanation about the group lp when you add a scanner? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c14
--- Comment #14 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c15
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c16
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c17
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c18
--- Comment #18 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c19
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c20
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=438867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c21
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=438867
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=438867
User dkukawka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c22
Danny Kukawka
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c23
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c24
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c25
--- Comment #25 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User coolo@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c26
Stephan Kulow
https://bugzilla.novell.com/show_bug.cgi?id=438867
User dkukawka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c27
--- Comment #27 from Danny Kukawka
Danny, I wonder if /etc/hal/fdi/information/20thirdparty/ is really the right place because my HAL fdi files are no third-party software for openSUSE because the above packages sane-backends, hplip, and yast2-scanner belong to the openSUSE distribution.
The definition of information/20thirdparty/ in the hal SPEC is: "20thirdparty - from a 3rd party, not included in hal package" -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User dkukawka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c28
--- Comment #28 from Danny Kukawka
No directory /etc/hal/fdi/information/20thirdparty/ is provided by HAL. Should or can I create arbitrary directories in /etc/hal/fdi/information/ like /etc/hal/fdi/information/20scanner/ where the name would fit better for my case?
No, you can't create /etc/hal/fdi/information/20scanner/, you have to create /usr/share/hal/fdi/information/20thirdparty as AFAICS libgphoto2 and other already do. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User dkukawka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c29
--- Comment #29 from Danny Kukawka
But I'm not sure what this directory mess is all about either. there is policy vs. information and /usr/share vs. etc and 10osvendor vs. 20thirdparty. And if I understand Ludwig correctly, it's just about the order of the fdi files.
The problem is that the scanner file is a file with device information. Those files should be in the /usr/share/hal/fdi/information/20thirdparty or /etc/hal/fdi/information/20thirdparty (which one doesn't matter). The files in the information directory get merged into the HAL device tree before the file in the policy directory. The policy directory contains also the ACL related fdi file. To be able to set the ACLs for scanners, the info that a device is a scanner, need to be merged before the ACL-rules file. This is why the scanner file should be in one of the two 'information' directories. Btw. I wonder why this wasn't reported earlier, since there was no change in HAL recently about this. It worked this way since we removed resmgr support and replaced it with ACL HAL support. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User dkukawka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c30
--- Comment #30 from Danny Kukawka
No, you can't create /etc/hal/fdi/information/20scanner/, you have to create /usr/share/hal/fdi/information/20thirdparty as AFAICS libgphoto2 and other already do.
either /usr/share/hal/fdi/information/20thirdparty or /etc/hal/fdi/information/20thirdparty (while I would prefer /usr/share/... since also all other packages install to this place). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c31
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c32
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c33
--- Comment #33 from Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c34
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c35
--- Comment #35 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User dkukawka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c36
Danny Kukawka
Up to now /etc/hal/fdi/policy/10osvendor/80-scanner.fdi was created by the YaST scanner module at runtime.
Wasn't aware of this.
Should therefore the YaST scanner module create the directory /etc/hal/fdi/information/20thirdparty with whatever default permissions and write /etc/hal/fdi/information/20thirdparty/80-scanner.fdi
Correct, write it to this directory. I guess with the same permissions as the parent directory. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c37
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c38
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c39
--- Comment #39 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c40
--- Comment #40 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c41
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=438867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c42
--- Comment #42 from Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=438867
User aj@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c43
--- Comment #43 from Andreas Jaeger
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c44
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c45
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User dkukawka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c46
--- Comment #46 from Danny Kukawka
Ludwig, very many thanks for the analysis and the solution!
I like to state here very clearly that it was and is only Ludwig who always informed me and helped me to get this HAL mess somehow working for the current Suse Linux and openSUSE product.
Again the HAL mess changed in an incompatible way so that the fdi files need to be changed too in a non-backward compatible way. [...] The root cause of all this incredible HAL mess is of course only the totally broken way how HAL is developed (i.e. continuous incompatible changes all the time) but nevertheless as all the time in the past I accept this bug report and try again to work around the HAL mess.
Please don't spread FUD. As Ludwig already pointed out in comment #41, the problems are caused by changes in the linux kernel and the device hierarchy in the sysfs. There was nothing changed in the HAL usb related code since a long time. There are no "continuous incompatible changes all the time" in HAL. HAL and the SPEC is very stable and changes as e.g. from info.bus to info.subsystem where announced/known at least 6 months before the old keys where removed from HAL completely. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c48
--- Comment #48 from Johannes Meixner
From the HAL point of view I am HALs customer.
Probably I do not understand this all and I cannot expect to have a piece of software which lets me do hardware abstraction stuff in a stable and reliable way. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c49
--- Comment #49 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c50
--- Comment #50 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c52
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c53
--- Comment #53 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c54
--- Comment #54 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c56
Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User aorlovskyy@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c57
Alexander Orlovskyy
https://bugzilla.novell.com/show_bug.cgi?id=438867
User weigelt.bernd@web.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c58
Bernd Weigelt
https://bugzilla.novell.com/show_bug.cgi?id=438867
User aorlovskyy@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c59
--- Comment #59 from Alexander Orlovskyy
https://bugzilla.novell.com/show_bug.cgi?id=438867
User weigelt.bernd@web.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c60
--- Comment #60 from Bernd Weigelt
https://bugzilla.novell.com/show_bug.cgi?id=438867
User juergen.helmers@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c61
--- Comment #61 from Juergen Helmers
https://bugzilla.novell.com/show_bug.cgi?id=438867
User weigelt.bernd@web.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c62
--- Comment #62 from Bernd Weigelt
https://bugzilla.novell.com/show_bug.cgi?id=438867
User weigelt.bernd@web.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c63
--- Comment #63 from Bernd Weigelt
https://bugzilla.novell.com/show_bug.cgi?id=438867
User juergen.helmers@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c64
--- Comment #64 from Juergen Helmers
https://bugzilla.novell.com/show_bug.cgi?id=438867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c65
--- Comment #65 from Ludwig Nussel
Bus 005 Device 002: ID 04b8:011f Seiko Epson Corp. Perfection 1670
That scanner is commented out in /usr/share/hal/fdi/information/20thirdparty/70-scanner.fdi (line 2143) To discuss why that is the case (I don't know) it's best to open a new bug report (CC me) as this bug here is about the generic permission handling problem whereas you face a problem with your specific model only. Thanks! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c66
--- Comment #66 from Johannes Meixner
https://bugzilla.novell.com/show_bug.cgi?id=438867
User juergen.helmers@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c67
--- Comment #67 from Juergen Helmers
Nevertheless I wonder why the workaround which is shown by YaST (see comment #3) is not simply used: ----------------------------------------------------------- ... you could access the scanner via the 'saned' as a workaround. For this workaround choose 'scanning via network' and select the 'local host configuration'. ---------------------------------------------------------- In particular on a workstation in a trusted network environment (e.g. when the Suse firewall protects it from acceess from the external network zone / Internet) this workaround should cause no security problems.
Hi! Well, it does eat up resources to have another daemon running. Plus I personally use a scanning software that does not support network scanners (vuescan). Cheers Juergen -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=438867
User jsmeix@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=438867#c68
--- Comment #68 from Johannes Meixner
participants (1)
-
bugzilla_noreply@novell.com