Since introduction of the DAC security driver we've documented that
seclabels with a leading + can be used with numerical uid. This would
not work though with the rest of libvirt if the uid was not actually
used in the system as we'd fail when trying to get a list of
supplementary groups for the given uid. Since a uid without entry in
/etc/passwd (or other user database) will not have any supplementary
groups we can treat the failure to obtain them as such.

This patch modifies virGetGroupList to not report the error for missing
users and makes it return an empty list or just the group specified in
@gid.

All callers will grant less permissions to a user in case of failure of
this function and thus this change is safe.