Fix login for users which already logged in with previous authd version

We only store the UGID of users since
edd2399, which has not been released
yet. Therefore, we also need to search groups by name to avoid that we
try to generate a new GID for them (which involves registering a
temporary name, which fails because the name already exists).

internal/users/manager.go

@@ -161,14 +161,12 @@ func (m *Manager) UpdateUser(u types.UserInfo) (err error) {
 		}
 
 		// Check if the group already exists in the database
-		// We search by UGID because this is a non-local group
-		// and it should have a unique UGID
-		oldGroup, err := m.cache.GroupByUGID(g.UGID)
+		oldGroup, err := m.findGroup(g)
 		if err != nil && !errors.Is(err, cache.NoDataFoundError{}) {
 			return err
 		}
 		// Keep the old GID if the group already exists in the database, to avoid permission issues
-		if !errors.Is(err, cache.NoDataFoundError{}) {
+		if err == nil {
 			g.GID = &oldGroup.GID
 		}
 
@@ -213,6 +211,21 @@ func (m *Manager) UpdateUser(u types.UserInfo) (err error) {
 	return nil
 }
 
+func (m *Manager) findGroup(group types.GroupInfo) (oldGroup cache.GroupDB, err error) {
+	// Search by UGID first to support renaming groups
+	oldGroup, err = m.cache.GroupByUGID(group.UGID)
+	if err != nil && !errors.Is(err, cache.NoDataFoundError{}) {
+		return oldGroup, err
+	}
+	if err == nil {
+		return oldGroup, nil
+	}
+
+	// The group was not found by UGID. Search by name, because we didn't store the UGID in 0.3.7 and earlier.
+	log.Debugf(context.Background(), "Group %q not found by UGID %q, trying by name", group.Name, group.UGID)
+	return m.cache.GroupByName(group.Name)
+}
+
 // checkHomeDirOwnership checks if the home directory of the user is owned by the user and the user's group.
 // If not, it logs a warning.
 func checkHomeDirOwnership(home string, uid, gid uint32) error {