Describe the feature

macos_user should be able to update passwords and be more atomic

Describe the reasoning behind the feature

The macos_user resource is currently inconsistent about what it does with the password parameter. For a brand new user, invoking the :create action will cause a new user to be created with whatever password you specify. Everything is initialized in a consistent manner.

• This makes a user that logs in with the password you specified.
• The user's keychain uses a password you specified.
• Autologin uses the password you specified.

But if you invoke the :create action for an existing user but specify a new password, only the autologin password is updated. Resulting in a machine that won't autologin since the passwords are out of sync.

This results in the awkward situation that I need to use just one resource to create a brand new user that is completely configured with a particular password, but I have to write my own resources in order to update that user's password after the fact, a different resource to update the keychain's password (or accept that it will have to start over from scratch), and still call the macos_user to get the autologin password updated.