From 57992c1e428e8837350a5903be7dc01c562a7dff Mon Sep 17 00:00:00 2001
From: Benjamin Berg <bberg@redhat.com>
Date: Mon, 23 Sep 2019 14:10:40 +0200
Subject: [PATCH] Stop certain environment variables from leaking betweens
 sessions

https://gitlab.gnome.org/GNOME/gnome-session/merge_requests/23

Resolves: #1753191
---
 ...ome-environment-variables-on-systemd.patch | 74 +++++++++++++++++++
 gnome-session.spec                            |  8 +-
 2 files changed, 81 insertions(+), 1 deletion(-)
 create mode 100644 0001-util-Unset-some-environment-variables-on-systemd.patch

diff --git a/0001-util-Unset-some-environment-variables-on-systemd.patch b/0001-util-Unset-some-environment-variables-on-systemd.patch
new file mode 100644
index 0000000..97fa517
--- /dev/null
+++ b/0001-util-Unset-some-environment-variables-on-systemd.patch
@@ -0,0 +1,74 @@
+From 5fc69b5c8662167a3106550ad619edc2a0a5cdf6 Mon Sep 17 00:00:00 2001
+From: Benjamin Berg <bberg@redhat.com>
+Date: Mon, 23 Sep 2019 11:53:52 +0200
+Subject: [PATCH] util: Unset some environment variables on systemd
+
+Variables like GNOME_SHELL_SESSION_MODE may not always be set at login,
+causing them to survive between session. Add a list of variables that
+need to be unset, and explicitly unset them on the systemd side.
+
+The list is taken from GDMs list of variables.
+---
+ gnome-session/gsm-util.c | 25 +++++++++++++++++++++----
+ 1 file changed, 21 insertions(+), 4 deletions(-)
+
+diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
+index 1528723c..5eec41f2 100644
+--- a/gnome-session/gsm-util.c
++++ b/gnome-session/gsm-util.c
+@@ -43,6 +43,16 @@ static const char * const variable_blacklist[] = {
+     NULL
+ };
+ 
++/* The following is copied from GDMs spawn_session function */
++static const char * const variable_unsetlist[] = {
++    "DISPLAY",
++    "XAUTHORITY",
++    "WAYLAND_DISPLAY",
++    "WAYLAND_SOCKET",
++    "GNOME_SHELL_SESSION_MODE",
++    NULL
++};
++
+ char *
+ gsm_util_find_desktop_file_for_app_name (const char *name,
+                                          gboolean    look_in_saved_session,
+@@ -619,7 +629,14 @@ gsm_util_export_user_environment (GError     **error)
+         for (; variable_blacklist[i] != NULL; i++)
+                 entries = g_environ_unsetenv (entries, variable_blacklist[i]);
+ 
+-        g_variant_builder_init (&builder, G_VARIANT_TYPE ("as"));
++        g_variant_builder_init (&builder, G_VARIANT_TYPE ("(asas)"));
++
++        g_variant_builder_open (&builder, G_VARIANT_TYPE ("as"));
++        for (; variable_unsetlist[i] != NULL; i++)
++                g_variant_builder_add (&builder, "s", variable_unsetlist[i]);
++        g_variant_builder_close (&builder);
++
++        g_variant_builder_open (&builder, G_VARIANT_TYPE ("as"));
+         for (i = 0; entries[i] != NULL; i++) {
+                 const char *entry = entries[i];
+ 
+@@ -631,6 +648,7 @@ gsm_util_export_user_environment (GError     **error)
+ 
+                 g_variant_builder_add (&builder, "s", entry);
+         }
++        g_variant_builder_close (&builder);
+         g_regex_unref (regex);
+ 
+         g_strfreev (entries);
+@@ -639,9 +657,8 @@ gsm_util_export_user_environment (GError     **error)
+                                              "org.freedesktop.systemd1",
+                                              "/org/freedesktop/systemd1",
+                                              "org.freedesktop.systemd1.Manager",
+-                                             "SetEnvironment",
+-                                             g_variant_new ("(@as)",
+-                                                            g_variant_builder_end (&builder)),
++                                             "UnsetAndSetEnvironment",
++                                             g_variant_builder_end (&builder),
+                                              NULL,
+                                              G_DBUS_CALL_FLAGS_NONE,
+                                              -1, NULL, &bus_error);
+-- 
+2.21.0
+
diff --git a/gnome-session.spec b/gnome-session.spec
index 9c2f5c1..d949242 100644
--- a/gnome-session.spec
+++ b/gnome-session.spec
@@ -9,7 +9,7 @@
 
 Name: gnome-session
 Version: 3.34.0
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: GNOME session manager
 
 License: GPLv2+
@@ -26,6 +26,7 @@ Patch4: 0001-check-accelerated-gles-Use-eglGetPlatformDisplay-EXT.patch
 Patch5: 0001-Add-support-for-new-ConfirmedRebootToBootOptions-sig.patch
 Patch6: 0002-Fedora-Set-grub-boot-flags-on-shutdown-reboot.patch
 Patch7: 0001-util-Blacklist-NOTIFY_SOCKET.patch
+Patch8: 0001-util-Unset-some-environment-variables-on-systemd.patch
 
 BuildRequires: meson
 BuildRequires: gcc
@@ -130,6 +131,11 @@ Desktop file to add GNOME on wayland to display manager session menu.
 %{_userunitdir}/gnome-session*
 
 %changelog
+* Mon Sep 23 2019 Benjamin Berg <bberg@redhat.com> - 3.34.0-3
+- Stop certain environment variables from leaking betweens sessions
+  https://gitlab.gnome.org/GNOME/gnome-session/merge_requests/23
+- Resolves: #1753191
+
 * Thu Sep 19 2019 Debarshi Ray <rishi@fedoraproject.org> - 3.34.0-2
 - Stop NOTIFY_SOCKET from leaking into the GNOME environment