Bug 70990 - PAM using user id instead of group id when reverting permissions
Status: RESOLVED FIXED
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system
Hardware: x86 Linux
Importance: High major
Assignee: PAM Gentoo Team (OBSOLETE)
Reported: 2004-11-12 11:44 UTC by Chr. Schaefer
Modified: 2005-02-13 09:47 UTC
Description Chr. Schaefer 2004-11-12 11:44:22 UTC
PAM is reverting the group of devices to user IDs, creating arbitrary wrong results.

Examples (nobody logged on from console as no keyboard is attached):
(1) (The usual setup)
/etc/security/console.perms:
[...]
<console>  0600 <sound>      0660 root.audio 
[...]
# pam_console_apply -r
# ll /dev/sound/dsp
crw-rw----  1 root root 14, 3 11. Nov 23:57 /dev/sound/dsp

Result: wrong group on device

(2) (A test with my user)
[...]
<console>  0600 <sound>      0660 christian.users
[...]
# pam_console_apply -r
# ll /dev/sound/dsp
crw-rw----  1 christian 1000 14, 3 11. Nov 23:57 /dev/sound/dsp

Result: wrong group 1000 on device, this group does not exist, but is the user id(!) of user christian

(3) (A test with a random user)
[...]
<console>  0600 <sound>      0660 cyrus.audio
[...]
# pam_console_apply -r
# ll /dev/sound/dsp
crw-rw----  1 cyrus usb 14, 3 11. Nov 23:57 /dev/sound/dsp
# grep cyrus /etc/passwd
cyrus:x:85:12::/usr/cyrus:/bin/false
# grep usb /etc/group
usb:x:85:

Result: PAM has used the group ID of the user instead of the supplied group in console.perms or at least the correct group id of the user.


Reproducible: Always
Steps to Reproduce:
1. Set up revert permissions in console.perms to a revert-owner that has a group id different from the user id
2. run "pam_console_apply -r" with nobody logged on at the console
3. check group of the affected device

Actual Results:  
The user id of the revert-owner is used as group on the device

Expected Results:  
The supplied revert-group id from console.perms should have been used or at
least the group id of the revert-owner

I'm running a pure udev system without device tarball:
conf.d/rc:RC_DEVICE_TARBALL="no"

Installed packages:
sys-libs/pam-0.77-r1  
sys-apps/baselayout-1.9.4-r6  
sys-apps/shadow-4.0.5-r2  

# emerge info
Portage 2.0.51-r3 (default-linux/x86/2004.3, gcc-3.3.4, glibc-2.3.4.20040808-r1,
2.6.9-gentoo-r1 i686)
=================================================================
System uname: 2.6.9-gentoo-r1 i686 Intel(R) Celeron(R) CPU 1.70GHz
Gentoo Base System version 1.4.16
distcc 2.16 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
ccache version 2.3 [enabled]
Autoconf: sys-devel/autoconf-2.59-r5
Automake: sys-devel/automake-1.8.5-r1
Binutils: sys-devel/binutils-2.14.90.0.8-r1
Headers:  sys-kernel/linux26-headers-2.6.8.1
Libtools: sys-devel/libtool-1.5.2-r5
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O2 -march=pentium4 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
COMPILER=""
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config
/usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown
/usr/kde/3/share/config /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=pentium4 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache distcc distlocks sandbox sfperms"
GENTOO_MIRRORS="ftp://ftp.tu-clausthal.de/pub/linux/gentoo/
ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo
http://gentoo.oregonstate.edu/
http://www.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X alsa apm arts avi bitmap-fonts cdr cups dvd dvdr encode f77 fam flac
foomaticdb fortran gif gpm gtk2 imlib java jpeg junit kde libwww mmx mozilla
mpeg ncurses nls nptl oggvorbis pam pdflib perl png ppds python qt readline sdl
slang spell ssl svga tcpd tiff truetype usb x86 xml2 xmms xv zlib linguas_de"
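
Added example, not part of the original report and not PAM's own code: a small shell check that compares the owner and group a device has after "pam_console_apply -r" with the revert field of its console.perms line, and flags the case where the owner's numeric user id was written as the group. The function names are hypothetical; the audio and users gids in the sample data are made up, while the cyrus, usb and christian ids are the ones given in the report.

```sh
#!/bin/sh
# Added example (not from the bug report): classify the owner/group a device has
# after "pam_console_apply -r" against the revert field of its console.perms line.

# Print the numeric id (field 3) of name $1 from passwd/group-format file $2.
id_of() {
    awk -F: -v n="$1" '$1 == n { print $3; found = 1; exit }
                       END { if (!found) exit 1 }' "$2"
}

# classify_revert PERMS_LINE SEEN_UID SEEN_GID PASSWD_FILE GROUP_FILE
classify_revert() {
    spec=$(printf '%s\n' "$1" | awk '{ print $5 }')   # fifth field: owner.group
    owner=${spec%%.*}
    grp=${spec#*.}
    want_uid=$(id_of "$owner" "$4") || { echo unknown-owner; return 2; }
    want_gid=$(id_of "$grp" "$5") || { echo unknown-group; return 2; }
    if [ "$2" != "$want_uid" ]; then
        echo wrong-owner
    elif [ "$3" = "$want_gid" ]; then
        echo ok
    elif [ "$3" = "$want_uid" ]; then
        echo uid-used-as-gid          # the symptom described in this report
    else
        echo wrong-group
    fi
}

# Live check (assumes GNU stat and local /etc/passwd and /etc/group entries).
check_device() {
    classify_revert "$1" $(stat -c '%u %g' "$2") /etc/passwd /etc/group
}

# Constructed sample databases: the cyrus and usb lines are quoted in the report
# and christian's uid 1000 is stated there; the audio and users gids are made up.
sample_db() {
    dir=$(mktemp -d)
    printf '%s\n' 'root:x:0:0::/root:/bin/sh' 'cyrus:x:85:12::/usr/cyrus:/bin/false' \
        'christian:x:1000:100::/home/christian:/bin/sh' > "$dir/passwd"
    printf '%s\n' 'root:x:0:' 'usb:x:85:' 'audio:x:18:' 'users:x:100:' > "$dir/group"
    echo "$dir"
}

db=$(sample_db)
# Example (3) from the report: the device ended up cyrus:usb, i.e. uid 85, gid 85.
classify_revert '<console>  0600 <sound>      0660 cyrus.audio' 85 85 "$db/passwd" "$db/group"
rm -rf "$db"
```

On a live system, check_device takes the console.perms line and the device path, for instance /dev/sound/dsp.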
Comment 1 Matt Drew (RETIRED) gentoo-dev 2005-01-10 05:09:03 UTC
This appears to be related to bug #31877.
Comment 2 Chr. Schaefer 2005-02-12 00:11:10 UTC
Over the last weeks I followed what was going on with bug #31877 and all the related bugs. As I understand it, the solution to that bug is to remove pam.console from the standard setup as it only causes problems.

On the other hand pam.console should work correctly if a user chooses to use it anyway. My finding is that it doesn't do that. I don't know if this is somehow related to me using a udev system. In bug #31877 the comments seem to concentrate on devfs.

I will try to reproduce this bug after the plan in bug #31877 is complete.
Comment 3 Martin Schlemmer (RETIRED) gentoo-dev 2005-02-12 00:44:32 UTC
I missed this, so sorry for the late reply. It was a bad patch - can anybody try pam-0.77-r8, which should fix it?
Comment 4 Chr. Schaefer 2005-02-13 09:47:12 UTC
I tested and it works as expected now. Many thanks!