Comment 4 for bug 1830117

Christian Ehrhardt  (paelzer) wrote :

I took a clean VM (Bionic)
And set things up

$ sudo apt install libpam-mount
$ sudo mkdir /mnt/foo
$ sudo fallocate -l 10M /mnt/foo.img
$ sudo mkfs.ext4 /mnt/foo.img

Add the volume config:
<volume user="ubuntu" path="/mnt/foo.img" mountpoint="/mnt/foo" fstype="ext4" />

# Enable ssh login for user ubuntu and another user in my case "notubuntu"
$ id ubuntu
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),108(lxd),114(netdev)
ubuntu@bionic-ipvsadm:~$ id notubuntu
uid=1002(notubuntu) gid=1002(notubuntu) groups=1002(notubuntu)

So I could also use grp sudo and such later on.

Logging in as ubuntu gives me
ubuntu@bionic-ipvsadm:~$ mount | grep foo
/mnt/foo.img on /mnt/foo type ext4 (rw,relatime,data=ordered)

Logging in as "notubuntu" does not mount the device.

All as it should be, right?
Now checking this volume definition:
  <volume sgrp="sudo" path="/mnt/foo.img" mountpoint="/mnt/foo" fstype="ext4" />

Still working to mount when "ubuntu" logs in (being member of sudo) and not mounting when "notubuntu" logs in.

Could you show us
$ id <yourusername>
If it even is a member of group "MYGROUP"
That pretty much sounds like a samba group which isn't what pam checks.
It checks the local system's group membership.
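
Added example, not part of the original comment and not pam_mount's own code: a simplified Python model of how the `user`, `pgrp` and `sgrp` selectors on the two `<volume>` lines above decide which logins get the mount. The account table is constructed from the `id` output in the comment; the function names, the `<pam_mount>` wrapper and the rule that every selector present must hold are assumptions of this sketch.

```python
import xml.etree.ElementTree as ET

# Constructed account data mirroring the `id` output above (group list abridged).
ACCOUNTS = {
    "ubuntu": {"primary": "ubuntu", "groups": {"ubuntu", "adm", "sudo", "lxd"}},
    "notubuntu": {"primary": "notubuntu", "groups": {"notubuntu"}},
}

# The two volume definitions tried in the comment, wrapped in a root element.
CONFIG = """<pam_mount>
  <volume user="ubuntu" path="/mnt/foo.img" mountpoint="/mnt/foo" fstype="ext4" />
  <volume sgrp="sudo" path="/mnt/foo.img" mountpoint="/mnt/foo" fstype="ext4" />
</pam_mount>"""

SELECTORS = ("user", "pgrp", "sgrp")

def system_account(name):
    """Same structure as ACCOUNTS entries, read from this host's passwd/group lookups."""
    import grp, os, pwd  # Unix only, so imported lazily
    def gname(gid):
        try:
            return grp.getgrgid(gid).gr_name
        except KeyError:  # gid with no group entry
            return str(gid)
    pw = pwd.getpwnam(name)
    return {"primary": gname(pw.pw_gid),
            "groups": {gname(g) for g in os.getgrouplist(name, pw.pw_gid)}}

def volume_applies(vol, name, account):
    """Assumption of this sketch: every selector present on <volume> must hold."""
    tests = {
        "user": lambda v: v == name,
        "pgrp": lambda v: v == account["primary"],
        "sgrp": lambda v: v in account["groups"],  # primary or supplementary
    }
    return all(tests[a](vol.get(a)) for a in SELECTORS if vol.get(a) is not None)

def matching_volumes(config_xml, name, account):
    """Selectors of the <volume> entries that would apply to this login."""
    return [{a: vol.get(a) for a in SELECTORS if vol.get(a) is not None}
            for vol in ET.fromstring(config_xml).iter("volume")
            if volume_applies(vol, name, account)]

if __name__ == "__main__":
    for user, account in ACCOUNTS.items():
        print(user, matching_volumes(CONFIG, user, account))
```

Passing `system_account("<yourusername>")` instead of an `ACCOUNTS` entry evaluates the same selectors against the groups the host itself reports for that user.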