From 5c6beb0d6abda1f5dff264120b9616d083bf7dc8b4bfd64c2ada05a9cf65ff14 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= <tchvatal@suse.com>
Date: Thu, 26 Sep 2019 12:31:52 +0000
Subject: [PATCH 1/2] Accepting request 732909 from
 home:iznogood:branches:multimedia:libs

- Pass --disable-running-from-build-tree to configure for improving
  build reproducibility.
- Add pulseaudio-rpmlintrc: Filter out false positive warnings
  about hidden files in pulseaudio-gdm-hooks.

OBS-URL: https://build.opensuse.org/request/show/732909
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/pulseaudio?expand=0&rev=213
---
 pulseaudio-rpmlintrc | 3 +++
 pulseaudio.changes   | 8 ++++++++
 pulseaudio.spec      | 2 ++
 3 files changed, 13 insertions(+)
 create mode 100644 pulseaudio-rpmlintrc

diff --git a/pulseaudio-rpmlintrc b/pulseaudio-rpmlintrc
new file mode 100644
index 0000000..3876101
--- /dev/null
+++ b/pulseaudio-rpmlintrc
@@ -0,0 +1,3 @@
+# Filter out warnings about hidden files in pulseaudio-gdm-hooks -- they are ok/expected
+addFilter("hidden-file-or-dir .*/usr/share/factory/var/lib/gdm/.pulse")
+addFilter("hidden-file-or-dir .*/var/lib/gdm/.pulse")
diff --git a/pulseaudio.changes b/pulseaudio.changes
index a7aa25c..ed99d30 100644
--- a/pulseaudio.changes
+++ b/pulseaudio.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Sun Sep 22 19:40:15 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Pass --disable-running-from-build-tree to configure for improving
+  build reproducibility.
+- Add pulseaudio-rpmlintrc: Filter out false positive warnings
+  about hidden files in pulseaudio-gdm-hooks.
+
 -------------------------------------------------------------------
 Mon Sep 16 08:42:14 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>
 
diff --git a/pulseaudio.spec b/pulseaudio.spec
index 7179646..957c9fd 100644
--- a/pulseaudio.spec
+++ b/pulseaudio.spec
@@ -41,6 +41,7 @@ Source6:        disable_flat_volumes.conf
 Source7:        pulseaudio.tmpfiles
 Source8:        pulseaudio-gdm-hooks.tmpfiles
 Source9:        client-system.conf
+Source98:       pulseaudio-rpmlintrc
 Source99:       baselibs.conf
 Patch0:         disabled-start.diff
 Patch1:         suppress-socket-error-msg.diff
@@ -355,6 +356,7 @@ export CFLAGS="%{optflags} -fPIE"
 %configure \
 	--disable-static \
 	--disable-rpath \
+	--disable-running-from-build-tree \
 %ifarch armv5tel armv6hl
 	--disable-neon-opt \
 %endif

From af64dda064efedf0d6df6fd6db495c25289dd40b0467b7b6ceefda4c9ffed9b5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= <tchvatal@suse.com>
Date: Wed, 9 Oct 2019 10:41:25 +0000
Subject: [PATCH 2/2] Accepting request 735898 from
 home:fcrozat:pulseaudio-gdm-fix

- Update pulseaudio-gdm-hooks.tmpfiles to use the same ownership
  and permissions as in specfile for pulseaudio files.
- Update default.pa-for-gdm to not load bluetooth support in
  pulseaudio gdm instance. This ensure headset are not stolen by
  gdm instance instead of user instance. Idea from ArchLinux.
- Update pulseaudio-old-systemd-workaround.patch to disable
  LockPersonality also on Leap 15.x.

OBS-URL: https://build.opensuse.org/request/show/735898
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/pulseaudio?expand=0&rev=214
---
 default.pa-for-gdm                      | 14 ++++++++++++++
 pulseaudio-gdm-hooks.tmpfiles           |  4 ++--
 pulseaudio-old-systemd-workaround.patch | 15 ++++++++++++---
 pulseaudio.changes                      | 11 +++++++++++
 4 files changed, 39 insertions(+), 5 deletions(-)

diff --git a/default.pa-for-gdm b/default.pa-for-gdm
index 62d820b..43dc7ed 100644
--- a/default.pa-for-gdm
+++ b/default.pa-for-gdm
@@ -10,3 +10,17 @@ load-module module-suspend-on-idle
 load-module module-console-kit
 load-module module-position-event-sounds
 
+### unload driver modules for Bluetooth hardware
+### this ensure Bluetooth headset are not stolen by gdm pulseaudio instance
+.nofail
+
+.ifexists module-bluetooth-policy.so
+unload-module module-bluetooth-policy
+.endif
+
+.ifexists module-bluetooth-discover.so
+unload-module module-bluetooth-discover
+.endif
+
+.fail
+
diff --git a/pulseaudio-gdm-hooks.tmpfiles b/pulseaudio-gdm-hooks.tmpfiles
index 3a9be6b..66cd32b 100644
--- a/pulseaudio-gdm-hooks.tmpfiles
+++ b/pulseaudio-gdm-hooks.tmpfiles
@@ -1,2 +1,2 @@
-d /var/lib/gdm/.pulse 0755 - - -
-C /var/lib/gdm/.pulse/default.pa 0644 - - - /usr/share/factory/var/lib/gdm/.pulse/default.pa
+d /var/lib/gdm/.pulse 0700 gdm gdm -
+C /var/lib/gdm/.pulse/default.pa 0600 gdm gdm - /usr/share/factory/var/lib/gdm/.pulse/default.pa
diff --git a/pulseaudio-old-systemd-workaround.patch b/pulseaudio-old-systemd-workaround.patch
index 4ab5b9d..110a3db 100644
--- a/pulseaudio-old-systemd-workaround.patch
+++ b/pulseaudio-old-systemd-workaround.patch
@@ -2,9 +2,18 @@
  src/daemon/systemd/user/pulseaudio.service.in |    2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
---- a/src/daemon/systemd/user/pulseaudio.service.in
-+++ b/src/daemon/systemd/user/pulseaudio.service.in
-@@ -24,7 +24,7 @@ NoNewPrivileges=yes
+Index: pulseaudio-13.0/src/daemon/systemd/user/pulseaudio.service.in
+===================================================================
+--- pulseaudio-13.0.orig/src/daemon/systemd/user/pulseaudio.service.in	2019-09-13 15:10:23.000000000 +0200
++++ pulseaudio-13.0/src/daemon/systemd/user/pulseaudio.service.in	2019-10-07 17:43:52.208067968 +0200
+@@ -18,13 +18,13 @@
+ 
+ [Service]
+ ExecStart=@PA_BINARY@ --daemonize=no
+-LockPersonality=yes
++#LockPersonality=yes
+ MemoryDenyWriteExecute=yes
+ NoNewPrivileges=yes
  Restart=on-failure
  RestrictNamespaces=yes
  SystemCallArchitectures=native
diff --git a/pulseaudio.changes b/pulseaudio.changes
index ed99d30..b6e4339 100644
--- a/pulseaudio.changes
+++ b/pulseaudio.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Mon Oct  7 15:25:25 UTC 2019 - Frederic Crozat <fcrozat@suse.com>
+
+- Update pulseaudio-gdm-hooks.tmpfiles to use the same ownership
+  and permissions as in specfile for pulseaudio files.
+- Update default.pa-for-gdm to not load bluetooth support in 
+  pulseaudio gdm instance. This ensure headset are not stolen by
+  gdm instance instead of user instance. Idea from ArchLinux.
+- Update pulseaudio-old-systemd-workaround.patch to disable
+  LockPersonality also on Leap 15.x.
+
 -------------------------------------------------------------------
 Sun Sep 22 19:40:15 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>