local tArgs = {...}

if #tArgs < 1 then
 kerneldraw.printAppInfo("passwd", "Specify a user")
 return
end

if not security.getSU() then
 exception.throw("RestrictedOpsException")
 return
end

if fs.exists("/etc/passwd/"..tArgs[1]..".dat") and not fs.isDir("/etc/passwd/"..tArgs[1]..".dat") then
 local passwd = nil
 local passwd_reenter = nil
 passwd =  kernel.secureInputReturn("New Password: ")
 os.pullEvent = function()
  local eventData = { os.pullEventRaw( _sFilter ) }
  if eventData[1] == "terminate" then
   error( "Terminated", 0 )
  end
  return unpack( eventData )
 end
 if passwd == "" or passwd == nil then
  kerneldraw.printAppInfo("passwd","Invalid password")
  return
 else
  passwd_reenter = kernel.secureInput("Reenter: ", passwd)
  os.pullEvent = function()
   local eventData = { os.pullEventRaw( _sFilter ) }
   if eventData[1] == "terminate" then
    error( "Terminated", 0 )
   end
   return unpack( eventData )
  end
  if not passwd == passwd_reenter then
   kerneldraw.printAppInfo("passwd","Passwords don't match")
   return
  end
 end
 if security.passbyte(tArgs[1], passwd) then
  kerneldraw.printAppSuccess("passwd", "Password of user "..tArgs[1].." changed")
  log.writeSecurity("Password of user "..tArgs[1].." changed")
 else
  kerneldraw.printAppInfo("passwd", "Failed to change password")
  log.writeSecurity("Failed to change password")
 end
else
 kerneldraw.printAppInfo("security", "User " .. tArgs[1] .. " does not exist")
end