<ixr3:matrix.org> forums.whonix.org/t/monero-wallet-gui-appimage-no-longer-runs/22980

<ixr3:matrix.org> @ixr3:matrix.org: The Whonix team requests that reporters reach out to the Monero developers

<ixr3:matrix.org> Monero uses X11, which is less secure. Security-focused desktops are deprecating or disabled X11, so Monero’s GUI can't run on those systems.

<ixr3:matrix.org> Wayland support is desired

<ofrnxmr:xmr.mx> @ixr3:matrix.org: Iiuc, =wayland does always work

<ofrnxmr:xmr.mx> But on a system that is wayland-only, and soecified with x11-fallback, then it doesnt work

<ixr3:matrix.org> @ofrnxmr:xmr.mx: Not in Whonix. Must use =xcb

<ixr3:matrix.org> The same for secureblue

<ofrnxmr:xmr.mx> =wayland doesnt use xwayland

<ofrnxmr:xmr.mx> Nobody in that thread suggested to use =wayland

<ofrnxmr:xmr.mx> Tbf i dont use any wayland hosts for desktops, so i have no idea. It "just works" here

<ixr3:matrix.org> @ofrnxmr:xmr.mx: xcb does

<ixr3:matrix.org> @ofrnxmr:xmr.mx: Right now Monero GUI do not work on some Wayland desktops without setting =xcb, which is less secure and disabled on some security-focused desktops.

<ixr3:matrix.org> Flatpak has known security limitations and vulnerabilities often app.opencve.io/cve/CVE-2026-34078. I'd prefer to run Monero's signed binaries in a stronger Wayland-only sandbox because X11 is prone to sandbox escapes

<ixr3:matrix.org> I will open an issue on github in a few days

<ofrnxmr:xmr.mx> According to bigpixel, =wayland works > <@ixr3:matrix.org> xcb does

<ofrnxmr:xmr.mx> monero-project/monero-gui #4014#issuecomment-1224339036

<ixr3:matrix.org> In 2022

<ixr3:matrix.org> I'm testing right now. It does not work

<ofrnxmr> What changed?

<ixr3:matrix.org> @ofrnxmr: I don't know. I will look into it more carefully before I open an issue in the next days

<ixr3:matrix.org> In 2022 all desktops used qt5 and now qt6

<ixr3:matrix.org> A Whonix dev says:

<ixr3:matrix.org> What went wrong here is that the Monero GUI appears to contain an embedded copy of Qt that only has the X11 adapter. Whonix 18 uses a Wayland display server, and tries to tell all applications to use the Wayland adapter for security reasons.

<ixr3:matrix.org> I don't know if that is true

<jpk68:matrix.org> This could be solved by Whonix just shipping xwayland but I could be wrong

<jpk68:matrix.org> I'd assume the Monero GUI is far from the only application that wouldn't work. For example, I need xwayland to use KeePassXC on Wayland

<jpk68:matrix.org> Maybe that's too much of a security risk for them

<ixr3:matrix.org> @jpk68:matrix.org: Yes they do. It works with =xcb there. But it's not ideal. Less secure inside a sandbox

<ixr3:matrix.org> The issue is that security focused desktops are slowly deprecating xwayland.

<ixr3:matrix.org> @jpk68:matrix.org: The security measures in Wayland break some KeePassXC functionality. KeePassXC does run on Wayland. Upstream is broken as far as I know. Qt6 issues

lhttps://github.com/monero-project/monero-gui/blob/master/Dockerfile.linux#L216

removing skip qwayland here should solve it, can be done in the next release

<ixr3:matrix.org> selsta: Great! Will you open the PR? I do not have a github account

yes

<ixr3:matrix.org> Ok. I will share it on the whonix forum

let's see if this compiles or if I need a submodule for it monero-project/monero-gui #4587

<ixr3:matrix.org> forums.kicksecure.com/t/wayland-only-or-noland/1170 > <@ixr3:matrix.org> The issue is that security focused desktops are slowly deprecating xwayland.

<ixr3:matrix.org> Secureblue did it, whonix and Qubes will follow

<ixr3:matrix.org> selsta: I think it is also better if you set Wayland as default. It do not make much sense to have X11 as default. Almost every DE use Wayland by default.

<ixr3:matrix.org> monero-project/monero-gui #4014#issuecomment-3687144633

ixr3: monero-project/monero-gui #4588

<ixr3:matrix.org> Thank you

<ixr3:matrix.org> selsta: * // platform xcb by default

<ixr3:matrix.org> * // platform wayland by default

fixed

<ixr3:matrix.org> selsta: You got another "Thank you" from the Whonix admin

do you use wayland? can you test if the binary from CI build works with wayland;xcb ?

<ixr3:matrix.org> Do I need to build it?

<ixr3:matrix.org> Give me the binary please. I will run it without internet

do you have a github account?

with linux account you can download it here under "docker-linux-static" github.com/monero-project/monero-gui/actions/runs/25508976703?pr=4587

without gh account this link might work github.com/monero-project/monero-gu…ns/25508976703/artifacts/6862011054

<ixr3:matrix.org> I will make an account in 1 hour and test it

the second link should work without account

otherwise i can rehost it somewhere

ixr3: tobtoht thinks that just removing skip qt-wayland isn't enough, i have to add the submodule and dependencies

.merge+ 4589

Added

<ixr3:matrix.org> selsta: Can you? Easier for me. Second link says "page not found"

<ixr3:matrix.org> selsta: I can run a test

it's likely not going to work, I will find a proper solution with tobtoht that tests wayland output in CI with weston headless

once that works I can send you the binary to separately confirm it

<ixr3:matrix.org> selsta: Ok

<ixr3:matrix.org> It's a good idea. Most major distro's/DEs have moved to Wayland in their latest stable releases, and others that still use X11 are in the process of migrating very soon. Largely for improved security and sandboxing that Wayland enables. Applications are following the same trend. It will prevent many future issue tickets on Git [... too long, see mrelay.p2pool.observer/e/nrKf7oALeFVNdndG ]

<ixr3:matrix.org> selsta: Yes Feather got support too. tobtoht should know how it works

When I was working on adding Wayland support to Feather there were a lot of issues in earlier versions of QtWayland. I don't know if any fixes were backported to the Qt 5.12 branch. GUI may need to switch to Qt 6 first.

<ixr3:matrix.org> tobtoht: Yes you should move to qt6 ASAP.

<ixr3:matrix.org> "After May 26, 2025, there will be no community updates or security patches for Qt 5"

<ixr3:matrix.org> End of Support

It is known. Nobody has stepped up to work on this.

<jpk68:matrix.org> tobtoht: Do you think it's actually worth doing if the build process is eventually going to be migrated to Guix anyways?

<jpk68:matrix.org> *when Guix is on master

It's a copy paste job from Feather, but it'll need Guix on Monero's master branch first.

release branch*

Whonix shouldn't set QT_QPA_PLATFORM. It breaks a bunch of statically linked Qt applications including Bitcoin Core.

<ixr3:matrix.org> Tails do too

I thought they reverted that.

<ixr3:matrix.org> Yes and brought it back

If they did GUI would be broken on Tails too. But let me check

<ixr3:matrix.org> I will test it too

It isn't set in latest Tails.

5.12? for Docker we use 5.15

typo

meant 5.15

I think patrick misread. It wasn't reintroduced in 2014, the PR was closed: gitlab.tails.boum.org/tails/tails/-/merge_requests/1387

<ixr3:matrix.org> I see. Closed

<ixr3:matrix.org> Yes I tested it too > <tobtoht> It isn't set in latest Tails.

<ixr3:matrix.org> They want to force it for security reasons > <tobtoht> Whonix shouldn't set QT_QPA_PLATFORM. It breaks a bunch of statically linked Qt applications including Bitcoin Core.

Applications which don't support wayland will simply not run then.

<ixr3:matrix.org> Whonix is definitely stricter than Tails

<ixr3:matrix.org> Security trade off

<ixr3:matrix.org> Whonix/Tails are planning to disable xwayland too

<ixr3:matrix.org> I thought Qt5 packages were removed from the official Ubuntu 26.04 archive > <tobtoht> It is known. Nobody has stepped up to work on this.

Qt is linked statically, the libraries don't need to be installed on the host for it to run.

<ixr3:matrix.org> I did not test it. It is released 2 weeks ago

<ixr3:matrix.org> Ok

For development, that's a bit of a pain though.

<ixr3:matrix.org> transitions.ubuntu.com/html/qt5-rem…d,bad,partial,unknown,!notintesting

<ixr3:matrix.org> Flatpak will give End-of-Life Runtime Warnings and will say it is insecure. The community will make some noise hahaha > <@ixr3:matrix.org> Yes you should move to qt6 ASAP.

<ixr3:matrix.org> @ixr3:matrix.org: Including "Please ask your application developer to migrate to...."

<jpk68:matrix.org> tobtoht: Yeah, my bad, I meant when the core release branch with Guix is in the master branch of the GUI

<ixr3:matrix.org> @ixr3:matrix.org: It should be ok for a long time since the Qt is linked statically

<tobtoht> GUI Flatpak doesn't link Qt statically afaik, only the release binaries.

<ixr3:matrix.org> @tobtoht: Ok

<ixr3:matrix.org> Monero flatpak:

<ixr3:matrix.org> org.kde.Platform

<ixr3:matrix.org> runtime-version: 5.15-25.08

<ixr3:matrix.org> sdk: org.kde.Sdk

<ixr3:matrix.org> [... more lines follow, see mrelay.p2pool.observer/e/uvj_8YALcUQ4TFIy ]