Add comprehensive audit messages for password operations, including
unlock, delete and expire operations.

Change update_shadow() to look up the actual target user instead of
using a dummy `passwd` struct. This ensures audit logging gets the
correct target UID. Audit logs should record the UID of the user being
affected (target), not the UID of whoever is running the passwd command
(source).