Simplify homedir content and junk removal.

Give _x11 access to the authorization file.

x11/gnome/gdm/Makefile

@@ -1,9 +1,10 @@
-# $OpenBSD: Makefile,v 1.282 2020/05/14 15:25:53 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.283 2020/07/04 17:19:20 ajacoutot Exp $
 
 COMMENT=		GNOME display manager
 
 GNOME_PROJECT=		gdm
 GNOME_VERSION=		3.36.2
+REVISION=		0
 
 DISTFILES=		${DISTNAME}${EXTRACT_SUFX} puflogh1000X248.gif:0
 EXTRACT_ONLY=		${DISTNAME}${EXTRACT_SUFX}
@@ -105,10 +106,6 @@ post-install:
 		${PREFIX}/share/glib-2.0/schemas/10_org.gnome.login-screen.gschema.override
 	mv ${WRKINST}/etc/gdm ${PREFIX}/share/examples/gdm/etc
 	mv ${WRKINST}/etc/dbus-1 ${PREFIX}/share/examples/gdm/etc
-	mv ${WRKINST}/var/db/gdm ${PREFIX}/share/examples/gdm/var/db
-	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/gdm/var/db/gdm/.pulse
-	${INSTALL_DATA} ${FILESDIR}/client.conf \
-		${PREFIX}/share/examples/gdm/var/db/gdm/.pulse
 	${INSTALL_DATA} ${FILESDIR}/locale.conf \
 		${PREFIX}/share/examples/gdm/etc/gdm/locale.conf
 	${SUBST_CMD} -m 0555 -c -o ${BINOWN} -g ${BINGRP} \

x11/gnome/gdm/files/client.conf

@@ -1,2 +0,0 @@
-autospawn = no
-daemon-binary = /usr/bin/true

x11/gnome/gdm/patches/patch-daemon_gdm-display-access-file_c

@@ -0,0 +1,39 @@
+$OpenBSD: patch-daemon_gdm-display-access-file_c,v 1.1 2020/07/04 17:19:20 ajacoutot Exp $
+
+The X(7) server runs as the _x11 user, so give it read access to the
+authorization file to prevent:
+(EE) Failed to open authorization file "/var/run/gdm/auth-for-_gdm-XXXXXX/database": Permission denied
+
+Index: daemon/gdm-display-access-file.c
+--- daemon/gdm-display-access-file.c.orig
++++ daemon/gdm-display-access-file.c
+@@ -256,6 +256,7 @@ _create_xauth_file_for_user (const char  *username,
+         FILE   *fp;
+         uid_t   uid;
+         gid_t   gid;
++        gid_t   x11_gid;
+ 
+         g_assert (filename != NULL);
+ 
+@@ -339,7 +340,7 @@ _create_xauth_file_for_user (const char  *username,
+         errno = 0;
+         fd = g_open (auth_filename,
+                      O_RDWR | O_CREAT | O_EXCL | O_BINARY,
+-                     S_IRUSR | S_IWUSR);
++                     S_IRUSR | S_IWUSR | S_IRGRP);
+ 
+         if (fd < 0) {
+                 g_set_error (error,
+@@ -351,9 +352,10 @@ _create_xauth_file_for_user (const char  *username,
+                 goto out;
+         }
+ 
+-        g_debug ("GdmDisplayAccessFile: chowning %s to %u:%u", auth_filename, (guint)uid, (guint)gid);
++        x11_gid = 35;
++        g_debug ("GdmDisplayAccessFile: chowning %s to %u:%u", auth_filename, (guint)uid, (guint)x11_gid);
+         errno = 0;
+-        if (fchown (fd, uid, gid) < 0) {
++        if (fchown (fd, uid, x11_gid) < 0) {
+                 g_set_error (error,
+                              G_FILE_ERROR,
+                              g_file_error_from_errno (errno),

x11/gnome/gdm/pkg/PLIST

@@ -1,16 +1,10 @@
-@comment $OpenBSD: PLIST,v 1.96 2020/05/14 15:25:54 ajacoutot Exp $
+@comment $OpenBSD: PLIST,v 1.97 2020/07/04 17:19:20 ajacoutot Exp $
 @comment starts a full gnome-session as _gdm which requires a valid homedir
 @newgroup _gdm:676
 @newuser _gdm:676:_gdm:daemon:GNOME Display Manager:/var/db/gdm:/sbin/nologin
-@extraunexec find /var/db/gdm/.pulse -type f ! -name client.conf -exec rm -f '{}' \;
-@extraunexec rm -rf /var/db/gdm/.ICEauthority
-@extraunexec rm -rf /var/db/gdm/.aucat_cookie
-@extraunexec rm -rf /var/db/gdm/.cache
-@extraunexec rm -rf /var/db/gdm/.color
-@extraunexec rm -rf /var/db/gdm/.dbus
-@extraunexec rm -rf /var/db/gdm/.config
-@extraunexec rm -rf /var/db/gdm/.gvfs
-@extraunexec rm -rf /var/db/gdm/.local/share/{sounds,icc,gnome-shell,telepathy}
+@extraunexec rm -rf /var/db/gdm/.local/share/applications/*
+@extraunexec rm -rf /var/db/gdm/.local/share/!(applications)
+@extraunexec rm -rf /var/db/gdm/.!(local)
 @extraunexec rm -rf /var/db/gdm/*
 @extraunexec rm -rf /var/cache/gdm/*
 @extraunexec rm -rf /var/log/gdm/*
@@ -98,12 +92,6 @@ share/examples/gdm/var/db/gdm/.local/share/
 @sample /var/db/gdm/.local/share/
 share/examples/gdm/var/db/gdm/.local/share/applications/
 @sample /var/db/gdm/.local/share/applications/
-@mode 0700
-share/examples/gdm/var/db/gdm/.pulse/
-@sample /var/db/gdm/.pulse/
-@mode
-share/examples/gdm/var/db/gdm/.pulse/client.conf
-@sample /var/db/gdm/.pulse/client.conf
 @owner
 @group
 share/gdm/gdb-cmd