HTML as a Graphical User Interface for Sys Admin Tasks
This article is a practical tutorial for developing
Language (HTML)-based GUI UNIX administration tools.
I present a simple
login audit tool (La Tool), which generates reports
for a userid
selected from a dropdown scroll list. Details of how
to restrict access
to these HTML-based tools are outlined with respect
to NCSA's httpd v1.3
World Wide Web (WWW) server.
Why use an HTML browser for system administration tasks?
UNIX system administration consisted mostly of editing
text files in
obscure directories; however, text-only interfaces are
inadequate in a
modern UNIX environment dominated by graphical user
interfaces such as
X11. X11 has allowed various workstation manufacturers
to build GUIs for
sys admin tasks. Unfortunately, X11 programming is cumbersome
readily portable to non-UNIX systems.
A nonplatform-specific way of presenting and acting
graphical/textual data across networks would be ideal.
portable GUI solution is available in the form of WWW
technology. A web server not only delivers HTML files,
but also can act
upon information coming from the browser. Mechanisms
for data processing
on the server end are described by the common gateway
CGI allows complex administration scripting on the server
HTML and WWW Client/Server Interaction:
The connection between a WWW browser and server is stateless.
bit of data an HTML document requires, a communication
method must be
specified. This communication method can be thought
of as a server
command, with additional hidden information. Getting
files from the
server requires the get method, while sending information
accomplished via the post method. If a CGI program only
command-line parameter, data is bundled with the get
stateless transaction paradigm requires user authentication
handled by the server, with implicit acknowledgment
by the browser. You
have the option of typing in the user name/password
once to access a
document or CGI binary. Otherwise you would have to
type the login
ID/password for each element retrieved. The browser
information cached until you quit. This is a low level
of security, but
no worse than an open telnet connection.
HTML is a set of commands that can be embedded in text
embedded commands partition text into logical format
and link elements.
The characters <, >, and / differentiate HTML
commands from regular
text. A logical partition beginning for text is specified
<HTML_ELEMENT>. The end of the text partition
is specified by
</HTML_ELEMENT>. Some HTML elements don't specifically
operate on the
text in a document. Instead, they are inclusive, such
graphics or specialized format elements, such as paragraph
elements don't require </HTML_ELEMENT>. Listed
below are HTML examples,
for inline graphics, for making text bold and italic,
for inserting a
horizontal bar, and for specifying the end of a paragraph
<B><I>Bold and Italic!!</I></B>
This sentence appears directly below the horizontal bar.
Text is displayed without any formatting information.
Without a paragraph break, the next bit of text
would be appended to this rambling monologue.<P>
This is the next sentence, and it starts a new paragraph.
The above commands are good for display purposes, but
the most important
HTML element is the anchor. With it you can make text
or a logical HTML
partition point to any Internet host in the world. Here
is a bit of text
turned into an HTML anchor:
Charles Bundy's home page.</A>
Anchor elements are important, because they give users
local control of
data, while supporting global accessibility. If you
authentication set up, "global" refers to
machine type, rather than
The example anchor command requires a hypertext reference
(HREF). The HREF parameter is a Uniform Resource Locator
or URL. The URL
is split into three parts. The first two parts are network
specify what kind of resource server to contact. If
specifies http the browser would use default port number
80 and expect
httpd to accept commands. If, instead, the URLspecified
ftp, the browser
would use port number 21 and expect ftpd to accept commands.
after ://, is the machine address of where to send server
third part of a URL specifies which file to retrieve.
The path to this
file is relative to the default HTML document directory.
My http server
uses /http/htdocs as the default HTML document directory.
If a ~USERID
is specified, httpd goes to that user's home directory
and appends a
default HTML document subdirectory. If an HTML document/path
specified, a default file name is used. In the anchor
example above, the
browser opens a connection to the University of Virginia
Science WWW server. It sends a get method to port number
that the default file index.html be retrieved from the
Common Gateway Interface (CGI)
Under most circumstances a browser will send commands
that the server
directly processes. Most of these commands are "get
a file and send it
to me." Once the file gets to the browser, either
it is displayed or a
helper application is called. Web browsers can process
HTML and GIF
data, but don't have a built-in WordPerfect viewer.
would be called as a "helper application"
to display a datastream that
is foreign to the browser. The reverse case would be
when a browser
needed to send something that required complex processing
on the server
Servers cannot do generic processing. They must pass
data to a local
program that can act upon the information. The mechanism
data to a program and sending the results (usually HTML)
back to a
browser is defined by the CGI. CGI isn't a programming
language, it is
simply a definition of how data is to be transferred.
methods are specified in the HTML 1.0 standard: standard
environment variables, and command-line parameters.
Most CGI binaries
use a combination of standard input and environment
variables, and La
Tool does this as well.
For detailed documentation, tutorials, and examples
Example: La Tool
La Tool is a CGI application, written as a C program.
interactively communicates with an administrator via
a Web-browser and
appropriate server. La Tool receives information which
the local server
has extracted from an HTML form (submitted by the administrator).
Tool acts on this information by performing some administration
function, and then packages the results as HTML documents
passed to the server for return to the administrator,
where they are
formated for display by the browser.
La Tool is written in C instead of in an interpreted
such as perl. Those of you who know perl will probably
be asking "Why?"
(For an explanation, see perl sidebar.) Suffice to say,
I am more
comfortable with C than perl.
The source code is broken into four parts, shown in
Listings 1 through
4. Listing 6 is the makefile used to create La Tool.
Listing 5 is the
include file that specifies the size of the log record
array, and the
GIF logo and background picture URLs. If you hate to
type, a source code
bundle including latool.gif and chalk.gif is available
Development should be kept separate from the production
(Dadmintool). I advise creating a Dsrc/Dtool subdirectory
extracting/creating the source listings there.
To Process or Not, That Is the Question
Listing 1 contains the main() procedure. main() does
and then gets the environment variable REQUEST_METHOD.
one of several standard environment variables that the
server exports to
child processes. If REQUEST_METHOD is set to POST, La
Tool will extract
the userid from stdin and call check() (Listing 4) to
process and return
the results. Otherwise, La Tool calls fillitForm() to
send an HTML form
for a sys admin to select the userid.
This is the standard method of determining whether a
script needs to
process information or send some sort of input form.
thing to note is line 23:
The server normally sends this line and a blank line
based upon file
extensions. That is, if a get method is issued for an
Content-TYPE is returned as shown above. When a CGI
binary is called,
the WWW server doesn't make any assumptions about the
Thus your CGI program has to explicitly tell the browser
that it is
sending text containing HTML commands (or a GIF file,
When the browser issues a post method, La Tool prints
out HTML wrapper
information and calls check(). check() does all the
work of reading the
wtmp file and printing out login statistics independent
of the HTML
interface. Thus, you can use La Tool as a skeleton for
any admin code
you are using now. Substitute your code for check(),
fillitForm() to suit your input needs, and modify the
parsing of stdin.
There you have instant HTML GUI, with one caveat. If
needs to send more than one item of information, you
will need to break
up stdin by watching for ?. Browser return data is of
The ? separates variable assignment pairs. La Tool only
passes one item
of information; thus, a typical stdin stream would be:
User Interface fillitForm() and seluser()
Listing 2 (fillitForm()) contains the code that prints
out an HTML input
form (see Figure 2). This form was designed for Netscape,
but looks the
same under Mosaic v2.x. If the La Tool interface doesn't
browser, eliminate offending HTML elements.
Input elements are contained within the HTML FORM element.
the action to be taken for a group of HTML input elements,
<SELECT>. Input elements have a NAME and usually
a default value, unless
they are freeform. The following is an example of a
freeform text entry
<INPUT TYPE="text" NAME="ut_name" SIZE=12>
The user interface presented by La Tool tries to minimize
by querying the UNIX passwd file and presenting a selection
login IDs. The first version of La Tool had a text box
in which you
typed the login ID.
That version was very unfriendly, because you had to
know the exact
login ID before running La Tool, but has now been rectified
(Listing 3). seluser() uses the <SELECT> element
to build a dropdown
list of valid login IDs.
seluser() builds this list by parsing the /etc/passwd
file. There is a
drawback La Tool decides upon the input choices for
a user. La Tool's
idea of what is valid may not contain all possible valid
inputs. If you
are running NIS, you can't get all the user names from
this instance a freeform text box would be better. The
might not have all user information but the login ID
will always be
recorded in wtmp.
Because this is a distributed GUI, information about
which machine you
are querying is presented. The logging file is also
displayed, though it
might be better to make this a user input. To make sure
no one file has
more lines than La Tool can handle (specified by NUMREC,
see Listing 5),
you might prune /var/adm/wtmp on a monthly basis. La
Tool could present
another <SELECT> list that lets a user pick a
particular month/year file
Presentation of Results -- check()
Listing 4 contains check(), which does the complex processing
Tool. Unlike the other routines, which are mostly HTML
statements, check() prints out very little HTML. It
parameters, a userid and the log file, to process. check()
reads in the
log file and then starts at the first record. If the
record contains a
login name that matches the userid parameter, a second
The search starts at the next record and terminates
when a matching tty
logout record is discovered. The search also terminates
if a shutdown
record is encountered. Online time is calculated from
the start and end
records, and this information is printed along with
the two records.
Online time is added to the accumulated time, which
is printed when all
the records have been scanned. The unit time is seconds,
but hours and
minutes are printed using a modulus/unit conversion
factor. Any error
messages or warnings are printed for display by the
Compiling and Running
If you have all six listings present in Dsrc/Dtool,
edit Listing 5,
latool.h. Set ACTION_URL to the machine on which latool
is installed. I
used the IP address, but you can use a domain name like:
If you have the archive latool.tar.Z, you will have
chalk.gif. Put these into your default HTML system directory
directory). Now change BACK_URL and LOGO_URL so they
point to the proper
machine/path. For example, assume httpd is on a local
rodan, and the gifs are in the HTML default system directory.
statements would be:
#define BACK_URL "http://rodan/chalk.gif"
#define LOGO_URL "http://rodan/latool.gif"
If you didn't get the source archive, you can create
a background and
logo gif using any paint program.
Now type make to create the latool binary. Move latool
administration directory (Dadmintool). Launch your favorite
and try to access latool. If you copied the ScriptAlias
as described in
security setup, the URL for rodan would be:
La Tool is a simple CGI program that does a form of
administration. It demonstrates basic concepts, but
doesn't go in depth
about various input elements. The following books provide
information about CGI and elements such as radio buttons.
Murdy, Robert J. Serving the Web. Coriolis Group.
Graham, Ian S. HTML SourceBook. John Wiley & Sons.
About the Author
Charles Bundy received B.S. and M.CS degrees from the
Virginia. He is currently a programmer/analyst for the
Department of Transportation and has implemented a statewide
program using surplus equipment and Linux OS. He also
Internet technology transfer program.