This file is indexed.

/usr/share/weblogin/generic/templates/pwchange.tmpl is in webauth-weblogin 4.5.5-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <http-equiv="pragma" content="no-cache">
    <title>WebAuth Password Change</title>
  </head>

  [% IF notdefined %]
<!--
This is the template for the WebAuth password change page.  This page is
called from pwchange.fcgi script on the weblogin server.  It displays a form
asking the user for username, current password, and two prompts for the
new password (for confirmation).  Variables used:

error                  : some error occurred
err_username           : no username error
err_password           : no old password error
err_newpassword        : no new password error
err_newpassword_match  : new passwords do not match
err_loginfailed        : username and password were incorrect
err_rejected           : username not permitted to authenticate
err_pwweak             : password changed for the password being too weak
err_pwchange           : actual password change failed (see err_msg for why)
err_msg                : extra text describing an error
RT                     : Response Token
ST                     : Service Token
CPT                    : kadmin/changepw Token
remember_login         : set if single sign-on cookies should be generated
skip_username          : suppress display of an entry box for the username
username               : the username
password               : the old password
new_passwd1            : the new password (first)
new_passwd2            : the new password (second)
changepw               : set to show this is not our first visit
expired                : set when sent here for expired password login fail

You may customize this file however you wish for your site.

The authors hereby relinquish any claim to any copyright that they may
have in this work, whether granted under contract or by operation of law
or international treaty, and hereby commit to the public, at large, that
they shall not, at any time in the future, seek to enforce any copyright
in this work against any person or entity, or prevent any person or
entity from copying, publishing, distributing or creating derivative
works of this work.
-->
  [% END %]

  <body onload="document.pwchange.username.focus();">
    <h1 align="center">WebAuth Password Change</h1>
    [% IF error %]
      <div class="error" align="center">
        <p><strong>
          [% IF err_username && err_password %]
            <!-- Error: no username or password submitted. -->
            Error: Enter your username and password.
          [% ELSIF err_username %]
            <!-- Error: no username submitted. -->
            Error: Enter your username.
          [% ELSIF err_password %]
            <!-- Error: no password submitted. -->
            Error: Enter your password.
          [% END %]
          [% IF err_newpassword %]
            <!-- Error: at least one of the new password fields was empty. -->
            Error: Enter your new password twice.
          [% END %]
          [% IF err_newpassword_match %]
            <!-- Error: new passwords do not match. -->
            Error: The two entries for your new password must match.
          [% END %]

          [% IF err_loginfailed %]
            <!-- Error: login failed. -->
            Error: You entered an incorrect username or password (or both).
          [% END %]

          [% IF err_rejected %]
            <!-- Error: user principal rejected. -->
            Error: That username may not authenticate to this service.
          [% END %]

          [% IF err_pwweak %]
            <!-- Error: password was too weak. -->
            Error: The password given failed strength checking.
            Please enter a more difficult password not based on a dictionary
            word.
          [% END %]

          [% IF err_pwchange %]
            <!-- Error: password change attempted, failed. -->
            Error: [% err_msg FILTER html %].
          [% END %]

        </strong></p>
        <p>Click <a href="/help.html">help</a> for assistance.</p>
      </div>
    [% END %]

    <div class="loginbox" align="center">
      <table border="1" width="70%">
        [% IF success %]
          <tr>
            <td><img alt="Confirm" src="/images/confirm.png"
                     width="160" height="160"/></td>
            <td>
              <div class="logintext">
                <p>You have successfully changed your password.</p>
                <p><strong>Protect your assets:</strong><br/>
                   Quit your web browser when you are finished (see below
                   for more details)</p>
              </div>
            </td>
          </tr>
        [% ELSE %]
          <tr>
            <td><img alt="Login" src="/images/login.png"
                     width="160" height="160"/></td>
            <td>
              <div class="loginform">
                <form name="pwchange"
                      action="[% script_name FILTER html %]"
                      method="post" autocomplete="OFF"
                      enctype="application/x-www-form-urlencoded">
                  <input type="hidden" name="rm" value="pwchange">
                  <input type="hidden" name="RT"
                         value="[% RT FILTER html %]">
                  <input type="hidden" name="ST"
                         value="[% ST FILTER html %]">
                  <input type="hidden" name="CPT"
                         value="[% CPT FILTER html %]">
                  <input type="hidden" name="remember_login"
                         value="[% remember_login FILTER html %]">
                  <input type="hidden" name="changepw" value="yes">
                  <input type="hidden" name="expired"
                         value="[% expired FILTER html %]">
                  [% IF skip_username %]
                    <input type="hidden" name="username"
                           value="[% username FILTER html %]">
                    <input type="hidden" name="skip_username" value="1">
                  [% END %]
                  <table>
                    [% UNLESS skip_username %]
                      <tr>
                        <td><strong>Username:</strong></td>
                        <td><input name="username" type="text"
                                   value="[% username FILTER html %]"
                                   size="18"><br/></td>
                      </tr>
                    [% END %]
                    [% UNLESS skip_password %]
                      <tr>
                        <td><strong>Old Password:</strong></td>
                        <td><input name="password" type="password" size="18"></td>
                      </tr>
                    [% END %]
                    <tr>
                      <td><strong>New Password (enter twice):</strong></td>
                      <td>
                          <input name="new_passwd1" type="password" size="18"><br/>
                          <input name="new_passwd2" type="password" size="18">
                      </td>
                    </tr>
                    <tr>
                      <td colspan="2" align="right">
                        <input type="submit" name="Submit" value="Change Password">
                      </td>
                    </tr>
                  </table>
                </form>
              </div>
              <div class="loginlinks">
                <a href="/help.html">help</a>
              </div>
            </td>
          </tr>
        [% END %]
      </table>
    </div>

    <div class="trailer">
      <h2>Caution:</h2>

      <p>Never enter your WebAuth username and password on a web page
      unless the page is a page directly served by the WebAuth login
      server.</p>
    </div>
  </body>
</html>