SANE Network Daemon question
punosevac at math.arizona.edu
Sat Dec 8 18:17:57 PST 2007
> On Saturday 08 December 2007 20:39:06 Predrag Punosevac wrote:
>> I was just looking at the documentation on SANE web-site about network
>> and I noticed that /etc/services on my i386 does not include line like
>> sane-port 6566/tcp # SANE network scanner daemon
>> which is used by saned (Sane Network Daemon to enable scanning over the
>> The /etc/inetd.conf file is also missing line (of course should be
>> commented by default)
>> sane-port stream tcp nowait saned.saned /usr/local/sbin/saned saned
>> The handbook is also mute about the scanning over the network.
>> Is anybody using scanners on the network on FreeBSD? Handbook article
>> should also be appended.
>> I might try to play with it and see how it goes. I could contribute the
>> documentation if the community has interest in it.
> I wanted to do this but I could not find a package for it. In Linux, I use
> sane-utils to do this.
Saned (Sane Daemon) is included in the standard distribution of
sane-backhands. I checked sane-utils on the Debian web-site and seems it
is just idiotic GUI.
I have to go very carefully through sane documentation and all files
that come with the sane-backhands.
My hunch would be that one needs to do at least following steps for
For the purposes of this example I will assume that scanner already
works properly on a machine which we will refer as server.
Our goal is to make this scanner usable to other machines which we call
clients on our local network. The following scenario looks likely. We
have a small computer lab of 10 machines running FreeBSD, 2 printers and
a scanner. We want people who use these work stations to be able to use
any of these two printers and the scanner regardless of the fact if the
printer or a scanner is physically attached to
a particular workstation.
Step 1 Edit /etc/services with (probably both on server and on the
sane-port 6566/tcp # SANE network scanner daemon
Step 2 Edit /etc/inetd.conf as (on the server and on the client
sane-port stream tcp nowait saned.saned /usr/local/sbin/saned saned
Step 3 Edit /etc/rc.conf with (on the server and on the client machine)
Step 4 One probably also needs to edit /etc/hosts to add the host server
to which sane is attached. (this is probably only on the client machine)
Step 5 Edit file /usr/local/etc/sane.d/net.conf which as default looks like
# This is the net config file. Each line names a host to attach to.
# If you list "localhost" then your backends can be accessed either
# directly or through the net backend. Going through the net backend
# may be necessary to access devices that need special privileges.
on the client side. Maybe on the server side too.
Step 6 Edit file /usr/local/etc/sane.d/saned.conf which as default looks
# The contents of the saned.conf file is a list of host names, IP
# addresses or IP subnets (CIDR notation) that are permitted to use local
# SANE devices. IPv6 addresses must be enclosed in brackets, and should
# always be specified in their compressed form.
# The hostname matching is not case-sensitive.
# NOTE: /etc/inetd.conf (or /etc/xinetd.conf) and
# /etc/services must also be properly configured to start
# the saned daemon as documented in saned(8), services(4)
# and inetd.conf(4) (or xinetd.conf(5)).
probably both on local and server side.
I probably skipped some steps both on the client and on the server side.
Step 7 Reboot server and clients for daemons to start.
I do not know of the web configuration utility to do this like the one
for Samba (which also uses inetd) and it will probably make
system administration just less transparent.
I do not fully understand the security implication of the running
daemon. It looks to me that the daemon is running around as a supper user
and that might be very serious thing.
Probably above should be tried only behind the PF but how to configure
the PF so that the daemon is invisible to anybody who is outside of our
local network? I have more questions at this point than the answers and
I just thought of this for half an hour.
I will play with my local network after the Christmas holidays and
report on the results.
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions