[Alix (and similar)] How to add custom pages to ZS web GUI

Home Page Forums Network Management ZeroShell [Alix (and similar)] How to add custom pages to ZS web GUI

This topic contains 1 reply, has 0 voices, and was last updated by  PatrickB 2 years, 5 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #44567

    PatrickB
    Member

    Hello.

    This is related to my proposition in this topic:
    https://www.zeroshell.org/forum/viewtopic.php?t=4964

    I hope the 2 softlinks could become standard in next version, since they have quite no cost, they can break nothing for Users not using them, and they open the feature to people needing it.
    In the meantime I added them by myself, what means to modify the read-only partition ‘cdrom’.
    Please notice that performing a standard update of Zeroshell will crush this change.
    Please notice that doing this may be dangerous, you can mess your CF card, and not only the ‘cdrom’ partition ! I recommend that you take a full copy of it before, in case of.

    The operation requires a PC with Linux and a CF card slot (or USB reader).
    Some entries may require ‘sudo’, of course. Here I write the/my method the simple way…

    Identify the partition to be modified

    Mount the CF on the PC and explore the ‘cdrom’ partitions (I have 2).
    There is inside a folder named with the kernel version.
    For me it was the ‘cdrom’ mounted as /dev/sdb2, so partition #2.

    Locate, size and extract the data pattern

    > parted -a optimal /dev/sdb

    (parted) unit b
    (parted) print
    Modele: Generic- USB3.0 CRW -0 (scsi)
    Disque /dev/sdb : 4009549824B
    Taille des secteurs (logiques/physiques): 512B/512B
    Table de partitions : msdos

    Numero Debut Fin Taille Type Systeme de fichiers Fanions
    1 1048576B 221249535B 220200960B primary ext3 demarrage
    2 221249536B 556793855B 335544320B primary <
    This one
    3 556793856B 892338175B 335544320B primary
    4 892338176B 2017419263B 1125081088B primary ext4

    (parted) quit

    > dd if=/dev/sdb of=/cdrom-janus.iso bs=1M skip=221249536 count=335544320 iflag=skip_bytes,count_bytes conv=notrunc,noerror,sync
    320+0 read
    320+0 written
    335544320 bytes (336 MB) copied, 18,2247 s, 18,4 MB/s

    Make a writeable copy of the directory tree

    > mkdir /mnt/iso
    > mount -o loop -t iso9660 /cdrom-janus.iso /mnt/iso
    (here it should say that it mounts in read-only, of course)

    > mkdir /cdrom-janus
    > cp -pRf /mnt/iso /cdrom-janus
    (cp -pRf to preserve the attributes)

    Create the needed files in it

    > cd /cdrom-janus/iso/usr/local/apache2

    Here I just need 2 softlinks as explained in the project.

    > ln -s /opt/webtools/cgi-bin cgi-bin/tools
    > ln -s /opt/webtools/htdocs htdocs/tools

    > cd

    Get information about the original ISO structure

    > isoinfo -d -i cdrom-janus.iso

    CD-ROM is in ISO 9660 format
    System id: LINUX
    Volume id: CDROM
    Volume set id:
    Publisher id:
    Data preparer id:
    Application id: GENISOIMAGE ISO 9660/HFS FILESYSTEM CREATOR (C) 1993 E.YOUNGDALE (C) 1997-2006 J.PEARSON/J.SCHILLING (C) 2006-2007 CDRKIT TEAM
    Copyright File id:
    Abstract File id:
    Bibliographic File id:
    Volume set size is: 1
    Volume set sequence number is: 1
    Logical block size is: 2048
    Volume size is: 136332
    El Torito VD version 1 found, boot catalog is in sector 3016
    NO Joliet present
    Rock Ridge signatures version 1 found
    Eltorito validation header:
    Hid 1
    Arch 0 (x86)
    ID ''
    Key 55 AA
    Eltorito defaultboot header:
    Bootid 88 (bootable)
    Boot media 0 (No Emulation Boot)
    Load segment 0
    Sys type 0
    Nsect 4
    Bootoff BC9 3017

    This tells what to require from ‘genisoimage’, but we are not ready yet.
    As you can check, the directory tree is about 575Mb while ‘dd’ said it retrieved 336Mb.
    The ISO must be compressed properly.

    Compile a compressed ISO

    > cd /cdrom-janus

    > mkzftree –force iso iso.z
    (may take half a minute)

    The boot image itself must not be compressed, so replace with the original folder.

    > rm -rf iso.z/isolinux
    > cp -pRf iso/isolinux iso.z/isolinux

    Run the ‘genisoimage’ with all the parameters referencing the ISO’s root.

    > cd iso.z

    > genisoimage -U -r -v -z -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o ../../patched-cdrom-janus.iso .
    (care of the final spaced dot: the source is the current directory)

    ...
    60.16% done, estimate finish Fri May 27 21:28:40 2016
    63.71% done, estimate finish Fri May 27 21:28:40 2016
    67.24% done, estimate finish Fri May 27 21:28:40 2016
    70.78% done, estimate finish Fri May 27 21:28:40 2016
    74.32% done, estimate finish Fri May 27 21:28:40 2016
    77.85% done, estimate finish Fri May 27 21:28:40 2016
    81.40% done, estimate finish Fri May 27 21:28:40 2016
    84.93% done, estimate finish Fri May 27 21:28:40 2016
    88.48% done, estimate finish Fri May 27 21:28:40 2016
    92.01% done, estimate finish Fri May 27 21:28:40 2016
    95.55% done, estimate finish Fri May 27 21:28:40 2016
    99.09% done, estimate finish Fri May 27 21:28:40 2016
    Total translation table size: 2048
    Total rockridge attributes bytes: 2223149
    Total directory bytes: 6057984
    Path table size(bytes): 26644
    Done with: The File(s) Block(s) 138131
    Writing: Ending Padblock Start Block 141140
    Done with: Ending Padblock Block(s) 150
    Max brk space used 127a000
    141290 extents written (275 MB)

    Finally it is a little smaller: 275Mb.

    Insert a valid checksum in the result.

    > implantisomd5 ../../patched-cdrom-janus.iso
    Inserting md5sum into iso image…
    md5 = ff02545a7cafc9a02d9542923cc24012
    Inserting fragment md5sums into iso image…
    fragmd5 = 3f2878fc36fed4b558c3dbd46be45dfd6b211f47fb82c2317ff8f13b1b2e
    frags = 20
    Setting supported flag to 0

    Let’s verify the result.

    > isoinfo -d -i ../../patched-cdrom-janus.iso

    CD-ROM is in ISO 9660 format
    System id: LINUX
    Volume id: CDROM
    Volume set id:
    Publisher id:
    Data preparer id:
    Application id: GENISOIMAGE ISO 9660/HFS FILESYSTEM CREATOR (C) 1993 E.YOUNGDALE (C) 1997-2006 J.PEARSON/J.SCHILLING (C) 2006-2007 CDRKIT TEAM
    Copyright File id:
    Abstract File id:
    Bibliographic File id:
    Volume set size is: 1
    Volume set sequence number is: 1
    Logical block size is: 2048
    Volume size is: 141290
    El Torito VD version 1 found, boot catalog is in sector 3009
    NO Joliet present
    Rock Ridge signatures version 1 found
    Eltorito validation header:
    Hid 1
    Arch 0 (x86)
    ID ''
    Key 55 AA
    Eltorito defaultboot header:
    Bootid 88 (bootable)
    Boot media 0 (No Emulation Boot)
    Load segment 0
    Sys type 0
    Nsect 4
    Bootoff BC2 3010

    Implant the modified partition

    Reminder: Here I do recommend to take an image of the whole CF before, you will be happy to have it it no longer boots…

    > umount /mnt/iso
    > mount -o loop -t iso9660 /patched-cdrom-janus.iso /mnt/iso

    ❗ Care: the ‘if/of’ but also ‘iflag/oflag’ are different from previous ‘dd’.

    > dd if=/patched-cdrom-janus.iso of=/dev/sdb bs=1M seek=221249536 count=335544320 iflag=count_bytes oflag=seek_bytes conv=notrunc,noerror,sync
    275+1 read
    276+0 written
    289406976 bytes (289 MB) copied, 43,909 s, 6,6 MB/s

    The moment of truth

    Insert the CF in the Alix box, plug and… Yes it boots ! 😀 8) 😉

    And… What can we do with that ?

    Now the folders ‘/opt/webtools/htdocs‘ and ‘/opt/webtools/cgi-bin‘ can be created in a writeable partition but they are virtually inside the authorized HTML and CGI contents of the Apache server.

    If you create a valid web page ‘index.html’ in ‘/opt/webtools/htdocs’, pointing the web browser to this address will display it:
    https:///tools/

    Then a link or a form in this HTML that invokes a script ‘do-something’ located in ‘/opt/webtools/cgi-bin’ should reference it as:

    Limitations:

    This ‘pirate’ extension of Zeroshell’s GUI does not cooperate with the official master script ‘kerbynet’, then it does not share the session and permissions. Some parallel security could be implemented but it does not come by itself…

    It’s visibility can be controlled only by the firewall, what means that the whole GUI, this included, is visible or not: my LAN Master’s GUI is visible only on LAN side, of course.

    So the contents and commands it may present should be carefully evaluated in terms of security.

    The main advantage is to use the existing Apache server and not have to install a second one in /opt, using a specific port etc. just to display a custom page of information. On a small embedded system this would cause a not acceptable performance hit.

    Feel free to comment and report your use cases for this feature.

    Best regards. 🙂

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.