If a group is defined in /etc/authpf/authpf.allowed and a user,
which is not in the defined group, tries to login with authpf, the login
attempt will fail. If the user is in the defined group and the group is not the
last entry in /etc/group, the login will also fail <- wrong.
Is the user not a member of any group defined as allowed in the authpf
file, but the user is member of the group which is the last entry in /etc/group, the
login will work <- wrong.
1. Create a authpf setup for e.g. test_user1.
2. Add test_user1 to a group which isn't the last entry in /etc/group e.g. network.
3. Add a group to /etc/authpf/authpf.allowed which not includes the user test_user1 e.g. proxy.
4. Try to login -> login isn't possible.
5. Change the placement of the group network (which includes the user) to be the last entry in /etc/group.
6. Try to login -> login is possible.
1. Change /etc/authpf/authpf.allowed to include the group network (which include the user test_user1).
2. Change the position of the group network in /etc/group, so it isn't the last entry.
3. Try to login -> login isn't possible.
Workaround (Thanks to Luigi):
--- authpf.c_orig Mon Nov 29 21:57:04 2010
+++ authpf.c Thu Nov 10 17:07:30 2011
@@ -518,18 +518,18 @@
struct group *group;