Persistent patch for WDMyCloudMirror OS3 - survives reboots #10
Description
The original patch.sh script works but does not survive reboots. This is because /var/www/ is on a ramdisk and gets overwritten on every boot from the read-only squashfs image.
Solution
Add the patch as a cron entry via persistent ubifs flash storage
(/usr/local/config/config.xml).
Steps
1. Make patch.sh idempotent (only patches if still vulnerable)
#!/bin/sh
TARGET="/var/www/rest-api/api/System/config/module.config.xml"
if grep -q "<post>USER_AUTH</post>" "$TARGET"; then
sed -i 's/<post>USER_AUTH<\/post>/<post>ADMIN_AUTH<\/post>/' "$TARGET"
killall httpd
sleep 1
httpd -f /usr/local/apache2/conf/httpd.conf -k graceful &
fi
Save as /mnt/HD/HD_a2/patch.sh and make executable:
chmod +x /mnt/HD/HD_a2/patch.sh
2. Add persistent cron entry
sed -i 's|</crond>|<hdpatch><count>1</count><item id="1"><method>3</method><1>*</1><2>*</2><3>*</3><4>*</4><5>*</5><run>sh /mnt/HD/HD_a2/patch.sh</run></item></hdpatch></crond>|' /usr/local/config/config.xml
sed -i 's|</list>|<name id="10">hdpatch</name></list>|' /usr/local/config/config.xml
xmldbc -D /etc/NAS_CFG/config.xml
xmldbc -l /usr/local/config/config.xml
wd_compinit -p
3. Verify
crontab -l | grep patch
grep "<post>USER_AUTH</post>" /var/www/rest-api/api/System/config/module.config.xml || echo "PATCHED"
Tested on
- Device: WD My Cloud Mirror
- Firmware: OS3 (v2.7)