From a4cddac368976f7fd7f97f5af0cf59d7fd032dfd Mon Sep 17 00:00:00 2001
From: Rezart Qelibari <rqelibari@users.noreply.github.com>
Date: Tue, 15 Nov 2016 01:52:25 +0100
Subject: [PATCH] Update system/group.py module.

Add ability to add system groups with next free system gid (< 500) on macOS.
---
 system/group.py | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/system/group.py b/system/group.py
index f6628727808dd6..efff0f2e3ddac1 100644
--- a/system/group.py
+++ b/system/group.py
@@ -269,6 +269,11 @@ def group_add(self, **kwargs):
         cmd += [ '-o', 'create' ]
         if self.gid is not None:
             cmd += [ '-i', self.gid ]
+        elif 'system' in kwargs and kwargs['system'] == True:
+            gid = self.get_lowest_available_system_gid()
+            if gid != False:
+                self.gid = str(gid)
+                cmd += [ '-i', self.gid ]
         cmd += [ '-L', self.name ]
         (rc, out, err) = self.execute_command(cmd)
         return (rc, out, err)
@@ -291,6 +296,26 @@ def group_mod(self, gid=None):
             (rc, out, err) = self.execute_command(cmd)
             return (rc, out, err)
         return (None, '', '')
+    
+    def get_lowest_available_system_gid(self):
+        # check for lowest available system gid (< 500)
+        try:
+            cmd = [self.module.get_bin_path('dscl', True)]
+            cmd += [ '/Local/Default', '-list', '/Groups', 'PrimaryGroupID']
+            (rc, out, err) = self.execute_command(cmd)
+            lines = out.splitlines()
+            highest = 0
+            for group_info in lines:
+                parts = group_info.split(' ')
+                if len(parts) > 1:
+                    gid = int(parts[-1])
+                    if gid > highest and gid < 500:
+                        highest = gid
+            if highest == 0 or highest == 499:
+                return False
+            return (highest + 1)
+        except:
+            return False
 
 class OpenBsdGroup(Group):
     """