Epson Scan 2 Not Working for Standard Users on Ubuntu 20.04 LTS: A Comprehensive Guide

At revWhiteShadow, we understand the frustration when essential hardware peripherals, like your Epson scanner, refuse to cooperate with standard user accounts on your Ubuntu 20.04 LTS system. You’ve meticulously set up your father’s notebook with a clean Ubuntu 20.04 LTS installation, configured your administrative account with all necessary privileges, and recently welcomed an Epson ET-2785 printer to your home network. While you, as the administrator, can effortlessly launch and utilize Epson Scan 2, your father, operating under a standard, non-administrative user profile, encounters a perplexing issue: Epson Scan 2 simply refuses to launch. This detailed guide aims to demystify this behavior and provide a robust solution to ensure Epson Scan 2 functionality for all users, regardless of their administrative privileges.

We’ve encountered similar scenarios where software designed with system-wide access in mind can exhibit unexpected behavior when accessed by users with restricted permissions. This is a common challenge in Linux environments, particularly when dealing with applications that require access to system resources, device files, or specific configurations that are typically managed at a higher privilege level. The fact that Epson Scan 2 works flawlessly for your administrative account, but not for your father’s standard account, points towards a permissions or configuration issue that is specific to the user context.

Our goal is to provide a solution that allows your father to scan documents using Epson Scan 2 without needing administrative intervention or the inconvenience of switching user accounts. We will delve into the underlying reasons for this behavior and offer actionable steps to rectify it, ensuring a seamless scanning experience for everyone in your household. We will approach this problem methodically, examining potential causes from application dependencies to device file permissions, and ultimately equip you with the knowledge to overcome this hurdle.

Understanding the Root Cause: Permissions and User Context

The core of this issue lies in how Linux manages user permissions and how applications interact with system resources. When you launch an application like Epson Scan 2 from the graphical interface, it runs within the context of the currently logged-in user. If the application requires access to resources that are not available or properly configured for that user’s permissions, it may fail to launch or operate correctly.

In the case of Epson Scan 2, it’s highly probable that the application, during its installation or initial setup, either requires access to specific system libraries, device nodes (like /dev/usb/* or network interface configurations), or configuration files that are not universally readable or executable by all users by default. When launched by a standard user, the application might encounter a roadblock, preventing it from initializing its graphical interface or establishing a connection with the scanner hardware.

We have observed that many scanning utilities, especially those developed for broader operating system compatibility, may not always implement the most granular Linux-specific permission handling. This often leads to scenarios where system-wide installations of drivers or applications inadvertently create dependencies on elevated privileges, even for operations that seem routine.

The Sudoers List and Standard User Limitations

Your father’s user account, by design, does not have sudo privileges. This means it cannot execute commands that require root (administrator) permissions. While you are not explicitly using sudo to launch Epson Scan 2 from the terminal, the application itself might be attempting to access resources or perform actions that implicitly require these elevated permissions. This could involve:

  • Accessing Device Files: The scanner, whether connected via USB or accessed over the network, is represented by device files in the Linux system. Standard users might lack the necessary permissions to read from or write to these device files, which are essential for communication with the scanner.
  • Reading Configuration Files: Epson Scan 2 likely relies on configuration files that store settings, preferences, and perhaps even driver information. If these files are owned by root or have restricted read permissions, a standard user might not be able to access them.
  • Utilizing System Libraries: Certain libraries or shared objects that Epson Scan 2 depends on might have been installed with permissions that only allow execution or access by privileged users.
  • Network Interface Access: Given that the printer is connected via WiFi, the application might need specific permissions to interact with network interfaces or services that manage network device discovery and communication.

The discrepancy you observe – working for the admin user and not for the standard user – strongly suggests that the administrative user’s session has a broader set of permissions that allow it to overcome these access restrictions, even without direct sudo commands being typed.

Troubleshooting Steps: A Detailed Approach

To resolve the Epson Scan 2 issue for your father’s standard user account, we will follow a structured troubleshooting process. This involves verifying the installation, checking critical permissions, and potentially reconfiguring the application or its dependencies.

1. Verifying Epson Scan 2 Installation and Dependencies

First, let’s ensure that Epson Scan 2 is correctly installed and that all its dependencies are met for all users.

1.1. Re-checking the Installation Process

While you’ve likely followed standard Ubuntu software installation procedures, it’s worth revisiting the process to ensure no steps were missed that might have specifically affected non-admin users.

  • Download Location: Confirm that you downloaded the correct .deb package for your Ubuntu version from the official Epson website. Ensure it’s the 64-bit version if your Ubuntu 20.04 LTS is 64-bit (which is the most common).
  • Installation Command (for reference): Although you launch via the GUI, understanding the underlying command is useful. Typically, you would install a .deb file using:
    sudo dpkg -i epsonscan2_*.deb
sudo apt --fix-broken install
    The sudo prefix here is critical for system-wide installation. This means the application and its associated files are placed in system directories, and their permissions are set based on the assumption of root installation.

1.2. Identifying and Installing Missing Dependencies

Sometimes, the .deb package might not automatically pull in all necessary libraries, or these libraries might have permission issues.

  • Using ldd: To inspect which shared libraries Epson Scan 2 relies on, you can use the ldd command. First, you need to find the executable for Epson Scan 2. It’s often located in /usr/bin/epsonscan2.
    ldd /usr/bin/epsonscan2
    Examine the output for any lines that say “not found.” If you find any, you’ll need to identify the corresponding package and install it using sudo apt install <package_name>.
  • System Library Permissions: Ensure that critical system libraries, particularly those related to image processing or scanning (e.g., libjpeg, libpng, libraries from sane-utils), have read and execute permissions for all users. Generally, these are set correctly by default on a standard Ubuntu installation, but it’s a point to be aware of.

2. Addressing Device File Permissions

This is often the most common culprit for hardware access issues with non-administrative users. Scanner devices, particularly when connected via USB, are represented by files in /dev/. Even though your printer is on WiFi, the system might still create or reference device-related entries that require specific permissions.

2.1. Understanding udev Rules

In Linux, udev is the device manager responsible for creating device nodes in /dev/ and handling device-specific permissions. Epson scanners might require specific udev rules to be created to allow standard users to access them.

  • Epson’s udev Rules: Epson typically provides udev rules that are installed along with their drivers. These rules are usually placed in /etc/udev/rules.d/. A common filename might be 50-epson.rules or similar.
  • Examining Existing Rules: Let’s check if these rules are present and what permissions they are trying to set.
    ls -l /etc/udev/rules.d/
    Look for files that seem related to Epson or scanning.
  • Checking Rule Content: If you find an Epson-related rule file, inspect its content:
    cat /etc/udev/rules.d/50-epson.rules  # Replace with the actual filename
    Look for lines that assign group ownership or permissions to the scanner devices. For example, you might see something like: SUBSYSTEM=="usb", ATTR{idVendor}=="04b8", ATTR{idProduct}=="XXXX", MODE="0660", GROUP="scanner" or SUBSYSTEM=="usb", ATTR{idVendor}=="04b8", ATTR{idProduct}=="XXXX", ENV{libsane_GROUP}="scanner"

2.2. Creating or Modifying udev Rules for Broader Access

If the existing rules are too restrictive or are missing, we can create a new rule or modify an existing one to grant broader access.

  • Identifying Vendor and Product IDs: You need to identify the Vendor ID and Product ID of your Epson ET-2785.

    • Using lsusb: Connect the scanner (even if it’s via USB for identification purposes) and run:
      lsusb
      Look for an entry that mentions Epson. It will be in the format Bus XXX Device XXX: ID yyyy:zzzz Epson Corp. ..... The yyyy is the Vendor ID, and zzzz is the Product ID. For Epson, the Vendor ID is usually 04b8. You’ll need the specific Product ID for the ET-2785.
    • Using usb-devices: A more detailed command:
      usb-devices | grep -i epson
      This will provide more information, including the IDs.

  • Creating a Custom udev Rule: Let’s create a rule that grants read/write access to the scanner device for all users, or preferably, for members of a specific group that includes your father.

    Option A: Granting Access to a Specific Group (Recommended)

    1. Create a new group: A common group for scanner access is scanner.
      sudo groupadd scanner
    2. Add your father’s user to the scanner group:
      sudo usermod -aG scanner ${FATHERS_USERNAME}  # Replace ${FATHERS_USERNAME} with your father's actual username
      You will need to log out and log back in for this group membership to take effect.
    3. Create a new udev rule file:
      sudo nano /etc/udev/rules.d/99-epson-scanner.rules
    4. Add the following content, replacing 04b8 and XXXX with your scanner’s IDs:
      SUBSYSTEM=="usb", ATTR{idVendor}=="04b8", ATTR{idProduct}=="XXXX", MODE="0666", GROUP="scanner"
      The MODE="0666" grants read and write permissions to everyone. GROUP="scanner" assigns ownership to the scanner group.
    5. Reload udev rules:
      sudo udevadm control --reload-rules
sudo udevadm trigger
    6. Reboot the system: A reboot is often the most reliable way to ensure all udev changes are applied correctly.

    Option B: Granting Universal Read/Write Access (Less Secure, Use with Caution)

    If the group method is still problematic, you can try granting broader permissions directly.

    1. Create a new udev rule file:
      sudo nano /etc/udev/rules.d/99-epson-scanner-all.rules
    2. Add the following content, replacing 04b8 and XXXX with your scanner’s IDs:
      SUBSYSTEM=="usb", ATTR{idVendor}=="04b8", ATTR{idProduct}=="XXXX", MODE="0666"
      The MODE="0666" here means read and write permissions for the owner, group, and others.
    3. Reload udev rules:
      sudo udevadm control --reload-rules
sudo udevadm trigger
    4. Reboot the system.

  • Note on WiFi: While udev rules are primarily for USB devices, some network scanner configurations might still leverage certain system interfaces that could be affected by these rules if the driver installation process broadly applies them. It’s worth trying these steps even for a network scanner.

3. Checking Network Scanner Configuration and Permissions

Since your Epson ET-2785 is connected via WiFi, the access mechanism might differ slightly from a direct USB connection. Epson Scan 2 typically discovers network scanners using protocols like SLP (Service Location Protocol) or by querying the network directly.

3.1. Ensuring Network Discovery Works for All Users

  • Network Services: Ensure that network discovery services are running and accessible to standard users. On Ubuntu, this typically involves services related to CUPS (Common Unix Printing System) and potentially Avahi for mDNS/Bonjour discovery.
  • Firewall Rules: While unlikely to be the cause if it works for admin, a misconfigured firewall could block scanner discovery. However, if it works for admin, this is less probable. Check your firewall status:
    sudo ufw status
    If it’s active, ensure that incoming traffic on relevant ports (e.g., for SLP, mDNS) isn’t blocked for local network access.

3.2. Epson Scan 2 Network Configuration

Epson Scan 2 itself might have an internal configuration for how it handles network scanner discovery and access.

  • Application Settings: When you launch Epson Scan 2 as admin, check if there are any settings related to network scanner registration or a default scanning profile that your father’s user might not be inheriting.
  • Configuration Files: Epson Scan 2 likely stores its configuration in the user’s home directory, specifically in hidden directories like ~/.config/epsonscan2/ or ~/.local/share/epsonscan2/.
    • When logged in as your father, check if these directories are created. If not, it might indicate an issue with the application creating its user-specific configuration upon first launch.
    • If the directories exist, examine the permissions of the files within them.
      ls -la ~/.config/epsonscan2/
ls -la ~/.local/share/epsonscan2/
      Ensure that your father’s user has read and write permissions to these files and directories.

4. Reinstalling Epson Scan 2 with User-Specific Considerations

If the permission-based solutions don’t yield results, a reinstallation might be necessary, with a focus on how the application is integrated into the system.

4.1. Clean Uninstallation

Before reinstalling, it’s best to perform a clean uninstall to remove any potentially corrupted configuration files or incorrect permissions.

  1. Uninstall Epson Scan 2:
    sudo apt remove epsonscan2
sudo apt purge epsonscan2
  2. Remove Associated Configuration Files: Manually remove any remaining Epson Scan 2 configuration files from your home directory and system-wide locations if they were not purged.
    rm -rf ~/.config/epsonscan2
rm -rf ~/.local/share/epsonscan2
# Also check /etc/opt/epsonscan2/ or similar system directories if they exist.

4.2. Reinstalling and Testing

  1. Download the latest driver package from Epson’s support website for your ET-2785 and Ubuntu 20.04 LTS.
  2. Install the .deb package:
    sudo dpkg -i epsonscan2_*.deb
sudo apt --fix-broken install
  3. Apply udev rules as described in Section 2.2.
  4. Log in as your father’s user and attempt to launch Epson Scan 2 from the application menu (the 9-dot icon).

5. Advanced Troubleshooting: SELinux and AppArmor

While less common for standard application issues on Ubuntu (which primarily uses AppArmor), security modules like SELinux or AppArmor could theoretically interfere with application execution if misconfigured.

  • AppArmor: Ubuntu uses AppArmor to confine applications to a limited set of resources. Epson Scan 2 might have an AppArmor profile.
    • Check AppArmor status:
      sudo aa-status
    • Check logs for AppArmor denials:
      sudo grep -i 'DENIED' /var/log/audit/audit.log  # If auditd is installed and running
sudo grep -i 'DENIED' /var/log/syslog
      Look for any denials related to epsonscan2 or its components. If denials are found, you might need to adjust the AppArmor profile for Epson Scan 2, which can be a complex process.

6. Confirming Scanner Availability for the User

A simple check to see if the scanner is even recognized by the system under your father’s user context.

  • Using scanimage (from sane-utils): First, ensure sane-utils is installed:
    sudo apt install sane-utils
    Log in as your father, open a terminal, and run:
    scanimage -L
    If Epson Scan 2 is correctly configured to be accessible by standard users, scanimage -L should list your scanner. If it doesn’t, it confirms a fundamental access problem that needs to be addressed at the system or driver level, likely related to udev or sane backend permissions.

Final Considerations and Best Practices

  • User Accounts and Permissions: It’s crucial to understand the distinction between administrative users and standard users in Linux. Always perform system-wide installations and configurations with sudo. For everyday tasks, standard user accounts enhance security.
  • Printer Setup: While your primary issue is with scanning, ensure that printing also works correctly for your father’s user. The CUPS printing system generally handles permissions well, but it’s a good cross-check.
  • Documentation: Keep a record of the udev rules you create or modify, as well as any other configuration changes. This will be invaluable if you need to troubleshoot similar issues in the future or if system updates inadvertently revert your changes.
  • Epson Support: If all these steps fail, consider reaching out to Epson’s technical support. While they may not always have specific Ubuntu 20.04 LTS troubleshooting steps for non-admin users, they might provide insights into the application’s underlying requirements.

By systematically working through these steps, particularly focusing on udev rules and group permissions, we are confident that you will be able to resolve the issue of Epson Scan 2 not working for standard users on your Ubuntu 20.04 LTS system. This ensures that all members of your household can benefit from your new Epson scanner without any user-level restrictions, making your scanning experience smooth and efficient. We at revWhiteShadow are dedicated to providing detailed and effective solutions to such common yet frustrating computing challenges.