Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: SSH and USB

  1. #11
    Join Date
    Jan 2011
    Beans
    193

    Re: SSH and USB

    I have to check for the permisions I have in bothe cases, but I get the idea 12.04 does something different then 11.10 I use.
    Unfortunedly I cannot check it right now, but I will post them!

  2. #12
    Join Date
    Mar 2010
    Location
    Metro-ATL; PM free zone.
    Beans
    Hidden!
    Distro
    Lubuntu 14.04 Trusty Tahr

    Re: SSH and USB

    Console users have special permissions to local devices. Start there. I've seen this with audio playback. I used to be able to ssh in and control speakers connected to the server. At some point, that stopped and I honestly never had a need to research it further.

    Strangely, I was in the /etc/fuse.conf file and noticed a setting there #user_allow_other - seems that local users can fuse mount drives.

    I bet all the code used to make this happen was seen as a great solution to some other problems. Perhaps if you add both your IDs to the scanner group? The plugdev group might have something to do with this too, but I'm 100% guessing on that.

  3. #13
    Join Date
    Jan 2011
    Beans
    193

    Re: SSH and USB

    Well, if read the story well, then georgesgiralt is running in a gui, on both machines, and just wants to scan from the commandline.

    I did the test and see the same permissions as you do, but I can scan ! Maybe its an issue with vuescan, I do'nt know.
    This is what I did and saw :
    Code:
    Bus 002 Device 002: ID 04b8:011b Seiko Epson Corp. Perfection 2400 Photo
    wim@grey:~$ ls -l /dev/bus/usb/002/002
    crw-rw-r--+ 1 root root 189, 129 2013-03-07 12:51 /dev/bus/usb/002/002
    wim@grey:~$ getfacl /dev/bus/usb/002/002
    getfacl: Removing leading '/' from absolute path names
    # file: dev/bus/usb/002/002
    # owner: root
    # group: root
    user::rw-
    user:wim:rw-
    group::rw-
    group:scanner:rw-
    mask::rw-
    other::r--
    
    wim@grey:~$ ssh -X browser@localhost
    browser@localhost's password: 
    Welcome to Ubuntu 11.10 (GNU/Linux 2.6.38-16-generic i686)
    
     * Documentation:  https://help.ubuntu.com/
    
    32 packages can be updated.
    32 updates are security updates.
    
    New release '12.04.2 LTS' available.
    Run 'do-release-upgrade' to upgrade to it.
    
    Last login: Wed Mar  6 16:13:23 2013 from 192.168.123.117
    browser@grey:~$ ls -l /dev/bus/usb/002/002
    crw-rw-r--+ 1 root root 189, 129 2013-03-07 12:51 /dev/bus/usb/002/002
    browser@grey:~$ getfacl /dev/bus/usb/002/002
    getfacl: Removing leading '/' from absolute path names
    # file: dev/bus/usb/002/002
    # owner: root
    # group: root
    user::rw-
    user:wim:rw-
    group::rw-
    group:scanner:rw-
    mask::rw-
    other::r--
    
    browser@grey:~$ scanimage -x 100 -y 100 --format=tiff >out.tiff
    browser@grey:~$
    I ran it indeed from the localhost to the localhost using ssh -X, because there is no difference with a reel remote host.
    May be, to be shure, you could test with scanimage? I don't see a clue to why it does not work at your site.

  4. #14
    Join Date
    Jan 2011
    Beans
    193

    Re: SSH and USB

    Wow, just an update, I oversaw this,

    To use the scanner you must be a member of the group scanner or the owner of the device.
    So root can do all, but in the last pane, george is not in the group scanner while lightdm is owner.

    I think you have to add george to the scanner group.

    When I try to use the scanner over ssh, with a user not in the scannergroup, i get the error:
    scanimage: no SANE devices found

    So that must be your solution.


    ( I think lightdm becomes owner of the device, because it is locked by lightdm for the already logged-in user )
    Last edited by kuifje09; March 7th, 2013 at 04:32 PM.

  5. #15
    Join Date
    Apr 2008
    Beans
    64

    Re: SSH and USB

    Hello !
    I did not make myself clear.
    If I log in using the graphical console, and then, start a shell and launch Vuescan, I can access the scanner and do my job. Even if someone else is *already* logged on on the console.
    If I log in using ssh I get the shell directly. Why the heck can't I access the scanner ? Am I a second class user ? What is different in the login process between the graphical user interface and ssh ? And why is there THIS difference ? (if there is one, and actually there is, what else is different? .....)
    And why are the ACL on the device file change so often.... (in this case, before I log in, the device file belongs to root with an acl to nicole, then when I log in on the graphical interface, the acl gives me the right to use the scanner. Then, when I log out, the device acl does not revert to nicole but to lightdm.... Nonsense.)
    Since then, I've found a workaround, but .... intellectually, this is not good enough.

  6. #16
    Join Date
    Jan 2011
    Beans
    193

    Re: SSH and USB

    Hi georgesgiralt,

    Thats exact the problem...

    You never are member of the scannergroup, so if you are the first to log in, you are the owner of the scanner.
    When you login as second or via the network you must exist in the scanner group.
    So you must be the owner of the scanner, check with "getfacl", or must be member of the scannergroup, check with "id".

  7. #17
    Join Date
    Apr 2008
    Beans
    64

    Re: SSH and USB

    No, I *do* disagree.
    The system behind the graphical login does idiot things. It changes acl of devices files without mercy nor rationality. I would understand if the acl gives ownership of the scanner to "nicole", the first logged user. I am dubious of the fact that the owner change to "georges" when I log in graphically. But this whole things becomes stupid when it revert the acl to "lightdm" when I log out. Worse than stupid. Add to this that this mechanism is not triggered at all when logged through ssh and you have an useless and stupid thing.
    And this is not related to scanner also. This behavior is the same for a whole bunch of devices....

  8. #18
    Join Date
    Jan 2011
    Beans
    193

    Re: SSH and USB

    I understand what you mean but I think it is a little different organized.
    It may look as strange behaviour, but also it is just a way it is designed. And I am shure, I couldnt do it better.
    And last but not least, if you are in the scanner group, you can alway access the scanner, so what's the point.
    Over the network you never become the owner of the scanner, so take it or leave it. ( I dont mean this in a bad way. )
    I would say , better al devices are from root or the display manager. Although I don't know what the display manager has to deal with devices at all.
    It could be considered as a bit more secure when you can oly use a device when it is stricly given to you. As now by the group permission.
    But either way , it is a choice.

    Maybe add yourself to the scanner group and tell if thats a working solution. It can be at help for others.

Page 2 of 2 FirstFirst 12

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •