(#12457) add users primary group, not Process.gid, in initgroups
The Process.gid (real gid) was always included when initialising supplementary
groups in the initgroups method (called when changing the euid via the
change_user method). This has been replaced by the primary gid of the user.
This led to a privilege leak, as well as a potential surprise when it came to
file ownership, in both the agent and the master.
Fix and analysis by Dominic Cleal <dcleal@redhat.com>
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>