13:49:29 https://forums.whonix.org/t/monero-wallet-gui-appimage-no-longer-runs/22980 13:52:31 @ixr3:matrix.org: The Whonix team requests that reporters reach out to the Monero developers 13:56:35 Monero uses X11, which is less secure. Security-focused desktops are deprecating or disabled X11, so Monero’s GUI can't run on those systems. 14:33:25 Wayland support is desired 14:37:04 @ixr3:matrix.org: Iiuc, =wayland does always work 14:37:27 But on a system that is wayland-only, and soecified with x11-fallback, then it doesnt work 14:38:38 @ofrnxmr:xmr.mx: Not in Whonix. Must use =xcb 14:38:58 The same for secureblue 14:41:16 =wayland doesnt use xwayland 14:41:19 Nobody in that thread suggested to use =wayland 14:42:09 Tbf i dont use any wayland hosts for desktops, so i have no idea. It "just works" here 14:44:33 @ofrnxmr:xmr.mx: xcb does 14:46:26 @ofrnxmr:xmr.mx: Right now Monero GUI do not work on some Wayland desktops without setting =xcb, which is less secure and disabled on some security-focused desktops. 14:50:55 Flatpak has known security limitations and vulnerabilities often https://app.opencve.io/cve/CVE-2026-34078. I'd prefer to run Monero's signed binaries in a stronger Wayland-only sandbox because X11 is prone to sandbox escapes 15:00:52 I will open an issue on github in a few days 15:14:19 According to bigpixel, =wayland works > <@ixr3:matrix.org> xcb does 15:14:49 https://github.com/monero-project/monero-gui/issues/4014#issuecomment-1224339036 15:16:00 In 2022 15:16:26 I'm testing right now. It does not work 15:16:52 What changed? 15:29:40 @ofrnxmr: I don't know. I will look into it more carefully before I open an issue in the next days 15:30:14 In 2022 all desktops used qt5 and now qt6 15:31:26 A Whonix dev says: 15:31:27 What went wrong here is that the Monero GUI appears to contain an embedded copy of Qt that only has the X11 adapter. Whonix 18 uses a Wayland display server, and tries to tell all applications to use the Wayland adapter for security reasons. 15:31:27 I don't know if that is true 15:32:15 This could be solved by Whonix just shipping xwayland but I could be wrong 15:32:44 I'd assume the Monero GUI is far from the only application that wouldn't work. For example, I need xwayland to use KeePassXC on Wayland 15:33:01 Maybe that's too much of a security risk for them 15:34:00 @jpk68:matrix.org: Yes they do. It works with =xcb there. But it's not ideal. Less secure inside a sandbox 15:35:04 The issue is that security focused desktops are slowly deprecating xwayland. 15:46:04 @jpk68:matrix.org: The security measures in Wayland break some KeePassXC functionality. KeePassXC does run on Wayland. Upstream is broken as far as I know. Qt6 issues 15:53:47 lhttps://github.com/monero-project/monero-gui/blob/master/Dockerfile.linux#L216 15:54:05 removing skip qwayland here should solve it, can be done in the next release 15:57:32 selsta: Great! Will you open the PR? I do not have a github account 15:57:47 yes 15:58:24 Ok. I will share it on the whonix forum 16:35:20 let's see if this compiles or if I need a submodule for it https://github.com/monero-project/monero-gui/pull/4587 17:52:14 https://forums.kicksecure.com/t/wayland-only-or-noland/1170 > <@ixr3:matrix.org> The issue is that security focused desktops are slowly deprecating xwayland. 17:52:14 Secureblue did it, whonix and Qubes will follow 18:03:11 selsta: I think it is also better if you set Wayland as default. It do not make much sense to have X11 as default. Almost every DE use Wayland by default. 18:03:11 https://github.com/monero-project/monero-gui/issues/4014#issuecomment-3687144633 18:48:56 ixr3: https://github.com/monero-project/monero-gui/pull/4588 18:49:51 Thank you 19:01:09 selsta: * // platform xcb by default 19:01:09 * // platform wayland by default 19:05:16 fixed 19:08:47 selsta: You got another "Thank you" from the Whonix admin 19:09:51 do you use wayland? can you test if the binary from CI build works with wayland;xcb ? 19:10:40 Do I need to build it? 19:11:02 Give me the binary please. I will run it without internet 19:12:37 do you have a github account? 19:12:54 with linux account you can download it here under "docker-linux-static" https://github.com/monero-project/monero-gui/actions/runs/25508976703?pr=4587 19:13:11 without gh account this link might work https://github.com/monero-project/monero-gui/actions/runs/25508976703/artifacts/6862011054 19:13:57 I will make an account in 1 hour and test it 19:14:13 the second link should work without account 19:14:16 otherwise i can rehost it somewhere 20:15:16 ixr3: tobtoht thinks that just removing skip qt-wayland isn't enough, i have to add the submodule and dependencies 20:35:20 .merge+ 4589 20:35:20 Added 20:43:50 selsta: Can you? Easier for me. Second link says "page not found" 20:44:15 selsta: I can run a test 20:45:45 it's likely not going to work, I will find a proper solution with tobtoht that tests wayland output in CI with weston headless 20:45:56 once that works I can send you the binary to separately confirm it 20:46:52 selsta: Ok 21:12:05 It's a good idea. Most major distro's/DEs have moved to Wayland in their latest stable releases, and others that still use X11 are in the process of migrating very soon. Largely for improved security and sandboxing that Wayland enables. Applications are following the same trend. It will prevent many future issue tickets on Git [... too long, see https://mrelay.p2pool.observer/e/nrKf7oALeFVNdndG ] 21:12:30 selsta: Yes Feather got support too. tobtoht should know how it works 21:33:45 When I was working on adding Wayland support to Feather there were a lot of issues in earlier versions of QtWayland. I don't know if any fixes were backported to the Qt 5.12 branch. GUI may need to switch to Qt 6 first. 21:38:51 tobtoht: Yes you should move to qt6 ASAP. 21:38:51 "After May 26, 2025, there will be no community updates or security patches for Qt 5" 21:39:21 End of Support 21:39:24 It is known. Nobody has stepped up to work on this. 21:40:10 tobtoht: Do you think it's actually worth doing if the build process is eventually going to be migrated to Guix anyways? 21:40:11 *when Guix is on master 21:40:41 It's a copy paste job from Feather, but it'll need Guix on Monero's master branch first. 21:41:14 release branch* 21:41:48 Whonix shouldn't set QT_QPA_PLATFORM. It breaks a bunch of statically linked Qt applications including Bitcoin Core. 21:42:31 Tails do too 21:42:56 I thought they reverted that. 21:43:42 Yes and brought it back 21:44:32 If they did GUI would be broken on Tails too. But let me check 21:45:40 I will test it too 21:47:01 It isn't set in latest Tails. 21:50:38 5.12? for Docker we use 5.15 21:50:54 typo 21:51:03 meant 5.15 21:54:07 I think patrick misread. It wasn't reintroduced in 2014, the PR was closed: https://gitlab.tails.boum.org/tails/tails/-/merge_requests/1387 22:00:22 I see. Closed 22:00:29 Yes I tested it too > It isn't set in latest Tails. 22:01:19 They want to force it for security reasons > Whonix shouldn't set QT_QPA_PLATFORM. It breaks a bunch of statically linked Qt applications including Bitcoin Core. 22:01:45 Applications which don't support wayland will simply not run then. 22:01:47 Whonix is definitely stricter than Tails 22:02:16 Security trade off 22:03:01 Whonix/Tails are planning to disable xwayland too 22:07:30 I thought Qt5 packages were removed from the official Ubuntu 26.04 archive > It is known. Nobody has stepped up to work on this. 22:08:20 Qt is linked statically, the libraries don't need to be installed on the host for it to run. 22:08:20 I did not test it. It is released 2 weeks ago 22:08:35 Ok 22:08:53 For development, that's a bit of a pain though. 22:09:40 https://transitions.ubuntu.com/html/qt5-removal.html#!good,bad,partial,unknown,!notintesting 22:20:53 Flatpak will give End-of-Life Runtime Warnings and will say it is insecure. The community will make some noise hahaha > <@ixr3:matrix.org> Yes you should move to qt6 ASAP. 22:26:20 @ixr3:matrix.org: Including "Please ask your application developer to migrate to...." 22:53:05 tobtoht: Yeah, my bad, I meant when the core release branch with Guix is in the master branch of the GUI 22:56:13 @ixr3:matrix.org: It should be ok for a long time since the Qt is linked statically 23:00:32 GUI Flatpak doesn't link Qt statically afaik, only the release binaries. 23:03:10 @tobtoht: Ok 23:23:17 Monero flatpak: 23:23:17 org.kde.Platform 23:23:17 runtime-version: 5.15-25.08 23:23:17 sdk: org.kde.Sdk 23:23:17 [... more lines follow, see https://mrelay.p2pool.observer/e/uvj_8YALcUQ4TFIy ]