mirror
/
sane-project-backends
kopia lustrzana https://gitlab.com/sane-project/backends
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

doc: merge changes from default, related to removal of init system config.

666-epsonds-has-issues-with-saned
Ralph Little 2023-02-20 20:14:58 -08:00
rodzic 06280f15c1
commit 2b20ad5b12
1 zmienionych plików z 23 dodań i 281 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

304
doc/saned.man
Wyświetl plik

@ -207,285 +207,6 @@ scan\-client.somedomain.firm
.PP
The case of the host names does not matter, so AHost.COM is considered
identical to ahost.com.
.SH SERVER DAEMON CONFIGURATION
For
.B saned
to work properly in its default mode of operation, it is also necessary to
add the appropriate configuration for
.BR xinetd (8),
.BR inetd (8)
or
.BR systemd (1)
(see below).
Note that your
.BR inetd (8)
must support IPv6 if you want to connect to
.B saned
over IPv6;
.BR xinetd (8),
.BR openbsd-inetd (8)
and
.BR systemd (1)
are known to support IPv6, check the documentation for your
.BR inetd (8)
daemon.
.PP
In the sections below the configuration for
.BR inetd (8),
.BR xinetd (8)
and
.BR systemd (1)
are described in more detail.
.PP
For the configurations below it is necessary to add a line of the following
form to
.IR /etc/services :
.PP
.RS
sane\-port 6566/tcp # SANE network scanner daemon
.RE
.PP
The official IANA short name for port 6566 is "sane\-port". The older name
"sane" is now deprecated.
.SH INETD CONFIGURATION
It is required to add a single line to the
.BR inetd (8)
configuration file
.IR (/etc/inetd.conf)
.
.PP
The configuration line normally looks like this:
.PP
.RS
sane\-port stream tcp nowait saned.saned @SBINDIR@/saned saned
.RE
.PP
However, if your system uses
.BR tcpd (8)
for additional security screening, you may want to disable
.B saned
access control by putting ``+'' in
.IR saned.conf
and use a line of the following form in
.IR /etc/inetd.conf
instead:
.PP
.RS
sane\-port stream tcp nowait saned.saned /usr/sbin/tcpd @SBINDIR@/saned
.RE
.PP
Note that both examples assume that there is a
.B saned
group and a
.B saned
user. If you follow this example, please make sure that the
access permissions on the special device are set such that
.B saned
can access the scanner (the program generally needs read and
write access to scanner devices).
.SH XINETD CONFIGURATION
If
.BR xinetd (8)
is installed on your system instead of
.BR inetd (8)
the following example for
.I /etc/xinetd.conf
may be helpful:
.PP
.RS
.ft CR
.nf
# default: off
# description: The sane server accepts requests
# for network access to a local scanner via the
# network.
service sane\-port
{
port = 6566
socket_type = stream
wait = no
user = saned
group = saned
server = @SBINDIR@/saned
}
.fi
.ft R
.RE
.SH SYSTEMD CONFIGURATION
.B saned
can be compiled with explicit
.BR systemd (1)
support. This
will allow logging debugging information to be forwarded
to the
.BR systemd (1)
journal. The
.BR systemd (1)
support requires compilation with the
.BR systemd (1)
development package installed on the system. This is the preferred option.
.B saned
can be used with
.BR systemd (1)
without the
.BR systemd (1)
integration compiled in, but then logging of debug information is not supported.
The
.BR systemd (1)
configuration is different for the 2 options, so both are described below.
.SH Systemd configuration for
.B saned
with systemd support compiled in
For
.BR systemd (1)
configuration we need to add 2 configuration files in
.IR /etc/systemd/system .
.PP
The first file we need to add here is called
.IR saned.socket .
It shall have
the following contents:
.PP
.RS
.ft CR
.nf
[Unit]
Description=saned incoming socket
[Socket]
ListenStream=6566
Accept=yes
MaxConnections=1
[Install]
WantedBy=sockets.target
.fi
.ft R
.RE
.PP
The second file to be added is
.I saned@.service
with the following contents:
.PP
.RS
.ft CR
.nf
[Unit]
Description=Scanner Service
Requires=saned.socket
[Service]
ExecStart=/usr/sbin/saned
User=saned
Group=saned
StandardInput=null
StandardOutput=syslog
StandardError=syslog
Environment=SANE_CONFIG_DIR=@CONFIGDIR@
# If you need to debug your configuration uncomment the next line and
# change it as appropriate to set the desired debug options
# Environment=SANE_DEBUG_DLL=255 SANE_DEBUG_BJNP=5
[Install]
Also=saned.socket
.fi
.ft R
.RE
.PP
You need to set an environment variable for
.B SANE_CONFIG_DIR
pointing to the directory where
.B saned
can find its configuration files.
You will have to remove the # on the last line and set the variables
for the desired debugging information if required. Multiple variables
can be set by separating the assignments by spaces as shown in the
example above.
.PP
Unlike
.BR xinetd (8)
and
.BR inetd (8),
.BR systemd (1)
allows debugging output from backends set using
.B SANE_DEBUG_XXX
to be captured. See the man-page for your backend to see what options
are supported.
With the service unit as described above, the debugging output is
forwarded to the system log.
.SH Systemd configuration when saned is compiled without systemd support
This configuration will also work when
.B saned
is compiled WITH
.BR systemd (1)
integration support, but it does not allow debugging information to be logged.
.PP
For
.BR systemd (1)
configuration for
.BR saned ,
we need to add 2 configuration files in
.IR /etc/systemd/system .
.PP
The first file we need to add here is called
.IR saned.socket .
It is identical to the version for
.BR systemd (1)
with the support compiled in.
It shall have the following contents:
.PP
.RS
.ft CR
.nf
[Unit]
Description=saned incoming socket
[Socket]
ListenStream=6566
Accept=yes
MaxConnections=1
[Install]
WantedBy=sockets.target
.fi
.ft R
.RE
.PP
The second file to be added is
.IR saned@.service .
This one differs from the version with
.BR systemd (1)
integration compiled in:
.PP
.RS
.ft CR
.nf
[Unit]
Description=Scanner Service
Requires=saned.socket
[Service]
ExecStart=/usr/sbin/saned
User=saned
Group=saned
StandardInput=socket
Environment=SANE_CONFIG_DIR=/etc/sane.d
[Install]
Also=saned.socket
.fi
.ft R
.RE
.PP
.SH FILES
.TP
.I /etc/hosts.equiv
@ -529,6 +250,28 @@ and
.I "@CONFIGDIR@"
being searched (in this order).
.SH NOTES
.B saned
does
.I not
provide confidentiality when communicating with clients. If
.B saned
is exposed directly on the network, other users may be able to intercept
scanned images, or learn passwords for connecting to
.BR saned ,
with little effort. Client systems should connect to
.B saned
through a secure tunnel to the server instead.
.PP
.B saned
is not a trusted program and should not run with root privileges.
.PP
Refer to
.I @DOCDIR@/saned/saned.install.md
for details on configuring
.B saned
as a service.
.SH "SEE ALSO"
.BR sane (7),
.BR scanimage (1),
@ -536,12 +279,11 @@ being searched (in this order).
.BR xcam (1),
.BR sane\-dll (5),
.BR sane\-net (5),
.BR sane\-"backendname" (5),
.BR inetd (8),
.BR xinetd (8),
.BR systemd (1)
.br
Backend-specific man pages.
.br
.I http://www.penguin-breeder.org/?page=sane\-net
.SH AUTHOR
David Mosberger