Linux foundation exam handler still not support wayland in 2026
Posted by ricjuh-NL@reddit | linux | View on Reddit | 57 comments
I'm in the process of taking all the Kubestronaut exams from Linux Foundation. But the PSI secure browser that is used for the exams only works on X11 for Linux.
How does a company so big in Linux etc use a exam system that is limited on Linux.
Also officially they only support Ubuntu :/
Now i need to dual boot my system just to take their exam.
siodhe@reddit
F*ck Wayland. If you can't get X to run somehow on Linux, you've sort of already failed foundational stuff anyway. X and Wayland are different systems solving different problems. Wayland has some compatibility with X but fails to actually replace it. X itself will be around for at least another decade even if no one succeeds at getting core development restarted. So if you love Wayland, great. If you want to help other people use Linux, you're going to need to know X as well for a long, long time.
ChampionshipIcy7602@reddit
yes
siodhe@reddit
I see the Wayland fanboys have already downvoted me, but I'm right about X's ongoing relevance. Between those who understand the larger context around these two 1980s windowing systems, and the utter requirement for legacy software that will never be ported to Wayland for various reasons, X cannot be discarded in real life.
This is all so stupid. The transition from SunView (e.g.) to X was so graceful. We just ran both systems at once, with X in the overlay plane, displayed as two virtual screen you could just slide the mouse between. Switching between two completely unrelated windowing systems at the slide of a mouse. Two simultaneous systems running just fine. A natural shift done for actual, major benefits.
X to Wayland? All that's happening here is an abrupt shift to a parallel universe which just has a different window system from the same era with less remarkable objectives. At least NeWS was trying to bring us something additional. It had real features, inspired design, pixel-independent rendering, and the ability to any app to push code into the remote server and shift to a custom higher level protocol on the fly, even better than X at something Wayland doesn't even have.
This all in a cultural shift where - possibly largely thanks to the movie industry try to pass off upconverted 2D to 3D as real 3D - the idea of 3D media and a 3D modeled environment for real work on a stereo monitor has just been dropped on the floor and left to rot. Conservative, rather than revolutionary, interface design seems to be the state of things right now, and it's boring.
Kevin_Kofler@reddit
Because what they call "secure browser" is the exact opposite of the Wayland "security model". What they mean with "secure" is almost certainly an anti-cheat that looks at everything you have open on the desktop, which is exactly what Wayland considers "insecure" and disallows.
7lhz9x6k8emmd7c8@reddit
A spyware as the ones required by some expensive games.
Evidence of unaltered device is a legit need (is used in banking, exams, console). But don't use your own hardware/software for that.
Kevin_Kofler@reddit
I agree that this is unacceptable spyware, and in fact side with Wayland on the interpretation of "security" here. While there are instances where the Wayland security model is actually an obstacle for the end users (e.g., it makes screenshotting, screensharing, scripting through emulated input, etc., harder, though there are now solutions for these use cases), this kind of spyware is exactly what the security model should prevent.
I disagree that it is legit at all. It locks you into either proprietary devices (as you suggest) or proprietary spyware on your devices. And it does not actually provide the security the designers expect. E.g., for the "secure" exam, what prevents me from simply looking up the answers on the Internet using another computing device? Camera surveillance? That is both an invasion of privacy and fakeable if you control the camera. For banking, there is also no reason to assume that a rooted phone is less secure than an "unaltered" one, it is just vendor lock-in marketed as "security" by Google.
7lhz9x6k8emmd7c8@reddit
Exams: you have to show the whole room at the beginning. No need to argue here, i know it's very dubious and people will always find a way to cheta, even on-site.
Banking: the point is unaltered. Whether your device is secure or not, the responsability is on the manufacturer. With an altered/non-manufacturer-approved device, the responsability is on the user, which the banks don't want to trust.
I agree they should let it with a disclaimer. But will you sign a statement "i agree if my bank accounts are emptied due to some action on my mobile computer, i take the wole responsability"?
Future usage: with AI, no one will be able to discern AI to reality. Videos will not be evidence anymore, except if produced by unaltered signed trusted devices.
I'm ok with the game console being closed source, they're here to play. With the bank wallet and to be another physical device. With the dashcam to be certified. With using a spywared computer for my exam. The other party legit requires it.
githman@reddit
A very sensible reasoning that brings up my favorite question regarding security claims: whose security is this or that post, announcement, ad, etc. actually talking about? Because user security is one thing, supplier security may or may not contradict user security, and don't even get me started about government security.
ABotelho23@reddit
The thing that makes the browser require X11 is the same security issue that motivated Wayland's existence.
x0wl@reddit
The problem is that macOS has a very similar (if not even stricter) security model than wayland (it's more like a mobile os in that regard, with explicit permissions for stuff), and the browser supports it
ABotelho23@reddit
Portals exist.
Mordiken@reddit
But how are you gonna persuade people to put in the work to support them when they can just say "use X11" instead?
burning_iceman@reddit
X11 is falling out of use on regular desktops quickly enough, not supporting Wayland will soon be equivalent to no Linux support.
Kyle_2099@reddit
MacOS having explicit permissions for stuff makes it nothing like wayland, it's better than wayland.
While Apple go "okay, people want to do X, let's build support for X in a secure way", Wayland just goes "We won't let you do X. You're stupid for wanting to do X. If you think you need X, you're lying".
fearless-fossa@reddit
What Wayland devs actually say when you bring up a missing feature is either "it's possible by doing x, but it's rather new so many people haven't looked into it yet" or "we know, we're working on it"
Just a few months back I had a chat with a dev of another application who only supported X11 because he said "doing this (the program manipulates windows) on Wayland is impossible". After I've told him there's program y that does something similar he messaged me back half a day later that his app now also supports Wayland.
You can do a lot of stuff with Wayland, applications just haven't caught up with it yet, eg. RDP which is still an utter mess to get running on Wayland.
CrazyKilla15@reddit
Its good they've finally started changing their mind and improvements are starting to come through. Its a shame they designed it wrong from the start(it should have mirrored with permissions from the start) and took so long to admit it.
burning_iceman@reddit
It's not an issue of "permissions". It's an issue of defining a protocol for that purpose, with the difficulty of getting all interested parties on board and in agreement about what exactly the protocol should do.
CrazyKilla15@reddit
The design absolutely is the problem. It has a very poorly defined and poorly thought out threat and security model at its foundation by people who frankly didnt know what they were doing and didnt sufficiently look at existing prior art, a poor design and models we are now "stuck" with and "need" to attempt to bolt on the necessary exceptions to, which is much harder than it needs to be specifically because of the poor initial design.
If permissions, if a sane security and threat model, had been in mind from the start, permissions would've been a core protocol, one of the first, that everything else would build off of. They wouldnt need to be bolted on. Instead of denying protocols that accessibility or general power-user tools need outright because of "security", it would be designing the best interface for them to use and a standard permission set for administrators to control it.
Think similar to Android, permissions like "draw over other apps" or "reading other applications content". Those are features that 1 must exist, 2 must be denied for most applications by default for security, and 3 must be configurable by authorized users. Wayland fails, foundationally, on points 1 and 3.
Imagine a Wayland designed, from the start not as an afterthought, with permissions like that. They dont need to be fine grained at the start, again look at Android. It would have been entirely possible to start with broad and strict permissions, gradually making them fine grained as needed and to community consensus.
Imagine a Wayland where the first protocols were permissions, and all other protocols built on this form the start. What they are, what applications have what permissions.
Imagine a wayland that had seen and learned from existing security work, existing threat models, existing security systems, both in general and specifically on other display systems, learned from places like android and even MacOS.
A world where "necessary thing X"(accessibility) isnt denied outright because its "insecure" but where it was possible to say "this specific application should have these special permissions to interact with others in ways that would be insecure, if an unauthorized application did so". Where debates and consensus were merely about how best to define such a protocol and what existing or new permissions it may need, rather than whether its "worth" having accessibility tools "compromise" security for everyone.
Where every security-sensitive protocol didnt need to re-invent permissions somehow, and have endless debates on whether its "worth it" at all and how to do so, because the how had been settled at the start.
Much of this was solvable, many solutions and work on problems like this already existed, but Wayland didnt. They largely didnt learn from or take inspiration from prior art, its mistakes and successes, and didnt improve on it either.
And the result is that today, in practice, every desktop has XWayland, and XWayland apps can do lots of things native wayland apps "arent allowed" to in the name of security, and the boundary between XWayland and Wayland is pretty blurry.
These were all solvable problems. Many had various good solutions that wayland did not take inspiration from(color management is an especially egregious one)
burning_iceman@reddit
One core issue in this discussion in general is that there are different understandings of the word "Wayland". On the one hand there is the core display protocol. Then there's the display protocol plus the supplementary protocols developed under the Wayland team. And finally the whole ecosystem enabled by and supportive of Wayland systems - protocols/compositors/portals etc.
From the start Wayland was developed as a simple display protocol, where any additional protocols were supposed to be developed alongside by other interested parties. It's a modular approach, where the goals and scope were quite clear and contained. There was no intention of being involved in developing any additional protocols. It later became apparent that it would be easiest to provide a space where these additional protocols would be discussed and developed under the name of the Wayland project. Those are the wayland-protocols.
I'm not saying the Wayland design is as good as it could have been. I'm saying the design is not the problem that caused this to take so long: agreeing on how to standardize behavior and expectations across a variety of Wayland setups and deployment types. Even if some kind of permissions protocol had been baked in from the beginning, this would still have needed to happen.
This sounds like a fundamental misunderstanding of the situation. "Things" aren't "denied" because it's "insecure". Instead, it's not possible, since there's no relevant protocol. It's not "you're being denied passage over the bridge", it's "there is no bridge here, so we need to think about what kind of bridge serves everyone's purpose and then build it.".
Again: the discussions weren't primarily about permission (although that sometimes was also a factor) but about purpose. Why/how/what is needed to meet the requirements, which starts with understanding what the requirements even are.
Apps on XWayland can do all the things that the "XWayland-bridge" enables. The boundary between XWayland and Wayland isn't so much blurry as the term "Wayland" itself is blurry. "Wayland, the core protocol" or "Wayland, the core protocol plus supplementary protocols" are not similar to "XWayland, the software". I guess you would need to define what you're referring to by "Wayland" in order to make any similarity apparent.
Kyle_2099@reddit
If your response starts with a plea that nobody can define what wayland even is, then you're in a bad position.
The rest is an admission that the wayland project is a bikeshedding bureaucratic nightmare, which also doesn't work as a defense of wayland's bad design (in fact, you never actually address any of the points made about that), but instead just explains why they created a bad design and are bad at coping with it.
You know that's worse, right?
burning_iceman@reddit
One can. I'm pointing out that people are using it with different meanings. Similar to "Linux, the kernel" and "Linux, the OS". If you're not being clear what you're talking about, then you're pointlessly talking past the other person.
That's not an issue with the technology itself - just with discussions about the tech failing to go anywhere.
Standardization in an established sector is hard, when there previously was none. Any replacement to X11 would have had to go through this process somehow.
I'm only going to say it once more: the features are not missing due to "security". That's a red herring. They're missing because there needs to be an agreed way of doing it. We're not talking about a situation, where single actor can just choose what they think might work. It needs to work with all implementations, so all must be in agreement. Not about "security", but about how specifically the functionality is supposed to work.
How any particular security checks work is a side issue at best. No up-front security system would make the standardization difficulty any easier.
Yes, that misrepresentation of the situation is worse.
Kyle_2099@reddit
I think you're being very dishonest and not engaging with what's already been said.
Like, to repeat, wayland is missing a great many features that are hard requirements for a mainstream desktop environment to be even possible.
These features should have been designed in at the very beginning, as well as a permissions based security model which controls access to these features. An example was given of a system that successfully took this approach. It's android, which isn't exactly obscure.
You aren't engaging with this at all. Instead you're just pretending not to even understand what's being said, and are making excuses that amount to little more than "project management is very hard".
Kyle_2099@reddit
Agree with you 100% on this.
Kyle_2099@reddit
You're supposed to define a protocol for the purpose before you spend two decades developing a new "secure" windowing system and migrating half of the userbase to it, not afterwards.
CrazyKilla has elaborated on this much more than I'm willing to, but I agree with him completely, he explains it perfectly. Read what he wrote and spend some serious time mulling it over.
themanwhowillbebanne@reddit
What program is manipulating windows on wayland?
fearless-fossa@reddit
This was about one of the EVE Online window preview apps, which show a preview of each of your clients and switch focus to it when clicking on the preview. Really handy when you're managing more than two accounts.
axonxorz@reddit
Tiling window manager
Kyle_2099@reddit
Wayland is 18 years old and for the first 17 years it was nothing but as I said, them refusing to implement stuff, telling everyone they were dumb for it, and then everyone from flatpak to pipewire to all the DEs having to build workarounds. Even if wayland actually implements all that itself now, they've created nearly two decades of legacy features in hundreds of projects that will have to be supported or migrated from.
I think in another 10 years wayland will have become basically functional with no weird caveats, but this is in spite of those controlling the project, not because of it, and it's kind of embarrassing considering apple made Quartz in like 2 years.
ABotelho23@reddit
That's what portals are. It's literally what it is. It even provides interactive dialogues for certain things like screen sharing.
Kyle_2099@reddit
XDG portals are not part of wayland, they're from flatpak. I have XDG portals here on X11.
What you're missing is that not only are portals not a Wayland function, but the screen sharing that portals gatekeep is also not a part of Wayland. It's pipewire!
This is the wayland problem. They decide we shouldn't do something, they refuse to support it. In the real world this is a problem, so other projects have to create a workaround even though it's not even supposed to be their area of interest. A system to bypass wayland is created, and then, problem "solved", the Wayland Reputation Defense Force gives all the credit for it to Wayland.
bitcraft@reddit
So? Installing Linux to a software engineer is like chopping vegetables for a chef. While it’s inconvenient for you, installing another OS should not be a hassle worth complaining about.
ricjuh-NL@reddit (OP)
The point is that every major linux DE is dropping X11. They claim to Support Ubuntu 26.04 while that is wayland only:
Time is money, so every minute I'm spending on installing a extra OS just for a single purpose I'm losing to learn or do actual work I get paid for.
eldoran89@reddit
You wouldn't even need to install an entire new system. You can just install a X server over your current system...sure it takes effort but it's basically what you should be able to anyway if you want to administrate Linux in any capacity....
I mean sure it's a bit strange but as others said it's likely to to issues with anti cheat implementations. Those are always a messy business...
I did a quick search and you wouldn't even need to mess with Ubuntu's package sources because xorg and plasma-x11 are still in the regular repos...so it's literally as easy as to install packages....
diesal3@reddit
If you have GNOME 50 (which will be the standard for a lot of Ubuntu users), you can't start any X11 sessions because they borked X11 support in GDM 50.
eldoran89@reddit
Well of only we could do sth...like literally anything....
You yourself know that there are a gazillion solutions.
bitcraft@reddit
“Is dropping” is very different than “has dropped”. I understand the hype, but Wayland is not the standard yet, regardless of anyone’s expectations.
Dangerous-Report8517@reddit
Wayland has been dropping for 10 years, it's not exactly novel, you would think the Linux Foundation of all things would have figured it out by now
x0wl@reddit
Which relatively widely used distro ships an X11 session by default as of today?
GNOME has dropped support for running on X11 in GNOME 50, which means that latest Fedora 44 and Ubuntu 26.04 have no X11 support in their default DE. Pretty much all rolling distros also have GNOME 50 already as well, which means no X11 for you if you want GNOME.
Plasma will drop X11 in 6.8, which means Fedora 46 and Ubuntu 27.04 (and rolling stuff) at this point will have no support for X11 for the 2 largest desktop ecosystems.
I mean there are still other DEs and WMs, but "has dropped" very much applies to the current state of Linux desktop, as your only options for GNOME X11 are pretty much Debian or RHEL (rebuilds).
Indolent_Bard@reddit
Mint.
bitcraft@reddit
So it’s being phased out aggressively this year. We are 4 months into the year and it’s unreasonable to expect everyone to keep up with that pace. Many companies are still running old centos/rhel/ubuntu LTS and will wait until the new one has its issues worked out.
Not all companies are running the absolute latest distro. In fact many large companies are running very old releases and just update key parts.
Anyway, I’m done with this because this sub doesn’t like it when they experience different opinions and interpretations.
x0wl@reddit
I mean, I'm not denying your perspective. In some environments, X11 will never die. Ubuntu 24.04 will be supported until 2039 if you're willing to pay, so it will be used somewhere.
I just wanted to say that significant parts of the ecosystem have already gone wayland-only.
It was nice talking to you and for the record, I did not downvote any of your comments.
Razangriff-Raven@reddit
Here comes the "time is money".
You can't be "focused professional hustle man" and "boo hoo I have to dual boot :((((" in the same thread. Choose one. Your opening post makes that "time is money" statement sound faker than a wooden dollar.
Zatujit@reddit
its annoying
Novero95@reddit
I understand it being a hassle if you do not have spare disks to install a second OS and you need to backup your main PC and wipe it
BortGreen@reddit
The new LTS Ubuntu comes with wayland-only GNOME so if they don't want to be stuck with 24.04 or require the install of a different environment something will need to change
SunlightScribe@reddit
They'll probably tell you to run on a live USB and link to a distro that supports X11. It doesn't sound like something they would be willing to give up on.
pfp-disciple@reddit
I'm guessing but because one of Wayland's features is security, that might make it difficult for any anti-cheat features of the browser. I wonder if XWayland works? Maybe running Ubuntu in a VM?
Pierma@reddit
Virtual Machines are explicitly forbidden
Blu3iris@reddit
Funny, I had this same issue last night. I was applying to an aerospace company and needed to take an accessment test and saw Linux was supported. I look at the requirements and they list recent Ubuntu versions, but I decided to try anyway with my fedora laptop.
My laptop passed all the preliminary webcam checks and everything, but as soon as I opened PSI secure browser, it said Wayland only. Running fedora 43, that leaves me out.
I then proceeded to dig out my old Surface Pro 4 with Windows 10 to take the test. Initially it started out OK, only for the system to randomly crash on me about 1hr 45min into the assessment test.
So I waved the white flag and went to bed as it was already late at that point. What should have been a simple 2 hr test turned into pure frustration.
pfp-disciple@reddit
FYI, Fedora 43 XFCE spin still uses X11 (XFCE doesn't work well with Wayland yet). if you're in this situation again, maybe boot the installer and use that.
s_elhana@reddit
You can simply install x11 + xfce packages too.
pfp-disciple@reddit
I kind of assumed that, but I don't use Fedora so I didn't know if that might make things "weird"
natermer@reddit
If you were running silverblue you could use rpm-ostree to install the packages and then do a rpm-ostree rollback the changes and go back to the default install.
https://coreos.github.io/rpm-ostree/administrator-handbook/
Journeyj012@reddit
when in doubt, timeshift
Content_Chemistry_44@reddit
Well, technically they are right. Fedora uses Torvald's kernel, Ubuntu does the same. So, it is still Linux, and they clearly say "Linux".
CrazyKilla15@reddit
The security features of Wayland interfere with the stalkerware that they wish to use.
Content_Chemistry_44@reddit
Torvald's only maintains and develops a kernel. He has nothing to do with operating systems and their components.
Ubuntu is just a GNU operating system with Torvald's kernel. It's only up to GNU distributor what component they package.
And kernel isn't supposed to do any graphics server's stuff. It is not his problem. Kernel only does hardware support and management, that is what Torvalds does.