From b48e86dded0bf7f6b8d1272c6a78cace7bd7b730 Mon Sep 17 00:00:00 2001
From: Ilia Rostovtsev <ilia@rostovtsev.io>
Date: Tue, 20 Apr 2021 23:44:25 +0300
Subject: [PATCH 1/6] Use new API with old `changepass.pl` for compatibility

---
 changepass.pl | 107 ++------------------------------------------------
 1 file changed, 4 insertions(+), 103 deletions(-)

diff --git a/changepass.pl b/changepass.pl
index 0e55ead2a..b6c201495 100755
--- a/changepass.pl
+++ b/changepass.pl
@@ -3,109 +3,11 @@
 # Script for the user to change their webmin password
 
 # Check command line arguments
-require "./acl/md5-lib.pl";
 usage() if (@ARGV != 3);
-($config, $user, $pass) = @ARGV;
-if (!-d $config) {
-	print STDERR "The config directory $config does not exist\n";
-	exit 2;
-	}
-if (!open(CONF, "<$config/miniserv.conf")) {
-	print STDERR "Failed to open $config/miniserv.conf : $!\n";
-	print STDERR "Maybe $config is not the Webmin config directory.\n";
-	exit 3;
-	}
-while(<CONF>) {
-	if (/^([^=]+)=(\S+)/) { $config{$1} = $2; }
-	}
-close(CONF);
-if (!open(CONF, "<$config/config")) {
-	print STDERR "Failed to open $config/config : $!\n";
-	print STDERR "Maybe $config is not the Webmin config directory.\n";
-	exit 3;
-	}
-while(<CONF>) {
-	if (/^([^=]+)=(\S+)/) { $gconfig{$1} = $2; }
-	}
-close(CONF);
 
-# Update the users file
-if (!open(USERS, "<".$config{'userfile'})) {
-	print STDERR "Failed to open Webmin users file $config{'userfile'} : $!\n";
-	exit 4;
-	}
-while(<USERS>) {
-	s/\r|\n//g;
-	local @user = split(/:/, $_);
-	if (@user) {
-		$users{$user[0]} = \@user;
-		push(@users, $user[0]);
-		}
-	}
-close(USERS);
-$uinfo = $users{$user};
-if (!defined($uinfo)) {
-	print STDERR "The Webmin user $user does not exist\n";
-	print STDERR "The users on your system are: ",join(" ", @users),"\n";
-	exit 5;
-	}
-$uinfo->[1] = encrypt_password($pass);
-$uinfo->[6] = time();
-if (!open(USERS, ">$config{'userfile'}")) {
-	print STDERR "Failed to open Webmin users file $config{'userfile'} : $!\n";
-	exit 6;
-	}
-foreach $v (values %users) {
-	print USERS join(":", @$v),"\n";
-	}
-close(USERS);
-print "Updated password of Webmin user $user\n";
-
-# Send a signal to have miniserv reload it's config
-if (open(PID, "<".$config{'pidfile'})) {
-	$pid = <PID>;
-	$pid =~ s/\r|\n//;
-	close(PID);
-	if (!$pid) {
-		print STDERR "Webmin is not running - cannot refresh configuration\n";
-		}
-	elsif (!kill('USR1', $pid)) {
-		print STDERR "Failed to signal process $pid - cannot refresh configuration\n";
-		}
-	}
-else {
-	print STDERR "Webmin is not running - cannot refresh configuration\n";
-	}
-
-sub encrypt_password
-{
-my ($pass) = @_;
-if ($gconfig{'md5pass'} == 1) {
-	# Use MD5 encryption
-	return &encrypt_md5($pass);
-	}
-elsif ($gconfig{'md5pass'} == 2) {
-	# Use SHA512 encryption
-	return &encrypt_sha512($pass);
-	}
-else {
-	# Use Unix DES
-	srand(time() ^ $$);
-	$salt ||= chr(int(rand(26))+65).chr(int(rand(26))+65);
-	return &unix_crypt($pass, $salt);
-	}
-}
-
-sub unix_crypt
-{
-local ($pass, $salt) = @_;
-if ($use_perl_crypt) {
-	return Crypt::UnixCrypt::crypt($pass, $salt);
-	}
-else {
-	return crypt($pass, $salt);
-	}
-}
+my ($config, $user, $pass) = @ARGV;
+my $status = system("webmin passwd --config $config --user $user --pass $pass");
+exit $status;
 
 sub usage
 {
@@ -115,9 +17,8 @@ usage: changepass.pl <config-dir> <login> <password>
 This program allows you to change the password of a user in the Webmin
 password file. For example, to change the password of the admin user
 to foo, you would run:
-	changepass.pl /etc/webmin admin foo
+  - changepass.pl /etc/webmin admin foo
 This assumes that /etc/webmin is the Webmin configuration directory.
 EOF
 exit 1;
 }
-

From 86fe633785a98571b28757e5e27ae2151afa4556 Mon Sep 17 00:00:00 2001
From: Ilia Rostovtsev <ilia@rostovtsev.io>
Date: Wed, 21 Apr 2021 11:43:45 +0300
Subject: [PATCH 2/6] Use the full path to `webmin` command

---
 changepass.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changepass.pl b/changepass.pl
index b6c201495..373bfccec 100755
--- a/changepass.pl
+++ b/changepass.pl
@@ -6,7 +6,7 @@
 usage() if (@ARGV != 3);
 
 my ($config, $user, $pass) = @ARGV;
-my $status = system("webmin passwd --config $config --user $user --pass $pass");
+my $status = system("/usr/bin/webmin passwd --config $config --user $user --pass $pass");
 exit $status;
 
 sub usage

From 3b8861b1c92eda5c78f53735db5ac3b783b63048 Mon Sep 17 00:00:00 2001
From: Ilia Rostovtsev <ilia@rostovtsev.io>
Date: Thu, 22 Apr 2021 14:01:20 +0300
Subject: [PATCH 3/6] Fix script to consider command path
 https://github.com/webmin/webmin/pull/1477#discussion_r618115481

---
 changepass.pl | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/changepass.pl b/changepass.pl
index 373bfccec..2379260c9 100755
--- a/changepass.pl
+++ b/changepass.pl
@@ -2,11 +2,23 @@
 # changepass.pl
 # Script for the user to change their webmin password
 
+# Get Webmin directory
+my $cwd = $0;
+$cwd =~ s/(.*)\/.*/$1/;
+
 # Check command line arguments
 usage() if (@ARGV != 3);
 
 my ($config, $user, $pass) = @ARGV;
-my $status = system("/usr/bin/webmin passwd --config $config --user $user --pass $pass");
+my $status = system("$cwd/bin/webmin passwd --config $config --user $user --pass $pass");
+if ($status != 0) {
+	if ($! =~ /no such file/i) {
+		print "Error: Webmin CLI command cannot be found\n";
+		}
+	else {
+		print "Error: $!\n";		
+	}
+}
 exit $status;
 
 sub usage

From a8927f42f16a436b22a9fc16a25c0cc30ea336e2 Mon Sep 17 00:00:00 2001
From: Ilia Rostovtsev <ilia@rostovtsev.io>
Date: Thu, 22 Apr 2021 14:02:11 +0300
Subject: [PATCH 4/6] Fix formatting

---
 changepass.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changepass.pl b/changepass.pl
index 2379260c9..f3f30dab1 100755
--- a/changepass.pl
+++ b/changepass.pl
@@ -17,7 +17,7 @@ if ($status != 0) {
 		}
 	else {
 		print "Error: $!\n";		
-	}
+		}
 }
 exit $status;
 

From c974590077d160b4c0c3e2eb06d9282f4677fdb7 Mon Sep 17 00:00:00 2001
From: Ilia Rostovtsev <ilia@rostovtsev.io>
Date: Thu, 22 Apr 2021 14:02:33 +0300
Subject: [PATCH 5/6] Fix more formatting

---
 changepass.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changepass.pl b/changepass.pl
index f3f30dab1..746e8cae1 100755
--- a/changepass.pl
+++ b/changepass.pl
@@ -18,7 +18,7 @@ if ($status != 0) {
 	else {
 		print "Error: $!\n";		
 		}
-}
+	}
 exit $status;
 
 sub usage

From f437eab3c4cb5bdc4b07980e394ba9f012739ffb Mon Sep 17 00:00:00 2001
From: Ilia Rostovtsev <ilia@rostovtsev.io>
Date: Sun, 25 Apr 2021 12:34:40 +0300
Subject: [PATCH 6/6] Improve passwd change command
 https://github.com/webmin/webmin/pull/1477#issuecomment-825446689

  1. Allow passing username as regular param
  2. Do no print verbose `Success:` on success
---
 bin/passwd | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/bin/passwd b/bin/passwd
index e996d4753..26ffc5605 100755
--- a/bin/passwd
+++ b/bin/passwd
@@ -16,10 +16,18 @@ sub main
                'config|c=s'   => \$opt{'config'},
                'user|u=s'     => \$opt{'user'},
                'password|p=s' => \$opt{'password'});
-    pod2usage(0) if ($opt{'help'} || !$opt{'user'});
 
-    $opt{'config'}   ||= "/etc/webmin";
+    # If username passed as regular param
+    my $user = scalar(@ARGV) == 1 && $ARGV[0];
 
+    # Show usage
+    pod2usage(0) if ($opt{'help'} || (!$opt{'user'} && !$user));
+
+    # Assign defaults
+    $opt{'config'} ||= "/etc/webmin";
+    $opt{'user'} = $user if ($user && !$opt{'user'});
+
+    # Catch kill signal
     my $sigkill = sub {
         system("stty echo");
         print "\n^C";
@@ -28,6 +36,7 @@ sub main
     };
     $SIG{INT} = \&$sigkill;
 
+    # Run change password command
     change_password(\%opt);
 
     return 0;
@@ -87,7 +96,7 @@ sub change_password
 
     # Check for main user file
     &$conf_check([$minserv_uconf_file]);
-    
+
     # Read and parse `miniserv.users` config file
     read_file($minserv_uconf_file, \%lusers, undef, undef, ":");
     @users = keys %lusers;
@@ -104,7 +113,7 @@ sub change_password
     }
 
     # Ask for password on stdin
-    my $suc_pre_msg = GREEN . 'Success:' . RESET;
+    my $suc_pre_msg = "";
     my $suc_msg     = 'updated successfully';
     if (!$pass) {
         print "Enter password for user ", BRIGHT_YELLOW, $user, RESET, ":";
@@ -123,7 +132,7 @@ sub change_password
         }
         chomp $pass;
         if (!$pass) {
-            $suc_pre_msg = BOLD BRIGHT_RED ON_WHITE . 'Warning:' . RESET;
+            $suc_pre_msg = BOLD BRIGHT_RED ON_WHITE . 'Warning:' . RESET . " ";
             $suc_msg     = "has been removed, enabling anyone to login without authentication";
         }
     }
@@ -142,7 +151,7 @@ sub change_password
     system("$confdif/start >/dev/null 2>&1");
 
     # Print user message
-    say "$suc_pre_msg Password for Webmin user ", BRIGHT_YELLOW, $user, RESET, " $suc_msg";
+    say "${suc_pre_msg}Password for Webmin user ", BRIGHT_YELLOW, $user, RESET, " $suc_msg";
 
     exit 0;
 }
@@ -199,6 +208,8 @@ Print this usage summary and exit.
 
 Examples of usage:
 
+ - passwd root
+
  - passwd --user root
  
  - passwd --user root --password ycwyMQRVAZY