My relationship with Fedora is of the sort where every two years I look at screenshots and go ‘Nice, why am I not running this again?’ Then I install it and everything looks fine. Then bit by bit the seams start to show.
Fedora 26 was to have been my grand entry into all things Wayland. The laptop running Ubuntu 16.04 started to feel like it needed something fresh or maybe I was just bored. I went in with open eyes, knowing that the move from Xorg to Wayland would invalidate a whole swathe of hacks I have used since times immemorial. It was going to be painful but a) it’s the cost of progress, might as well bite the bullet now and b) something something profit? Profit being some unforeseen advantage to doing things the new way.
To cut to the punchline, Wayland-Gnome runs and is perfectly servceable and I applaud the Fedora team for being the vanguard of the future and all that. I’m just not convinced that I as a regular user want to be on that frontline.
The Wayland protocol implements a lot of security restrictions that Xorg did not. Here’s Fedora’s Matthias Clasen making it soundly eminently and annoyingly reasonable:
One reason is that Wayland is designed from the ground up to isolate clients from each other. There is no shared coordinate space. Wayland clients cannot snoop on each others input or inject fake input events. They can’t draw on each others windows or cover up windows with fake replicas.
All of these things and many other exploits are possible for malicious X clients, because the X protocol wasn’t designed for untrusted clients.
This makes Wayland a much better choice of display protocol when sandboxing untrusted applications, like xdg-app does.
If you for a second imagine the efforts being poured into making malware for more popular platforms, like Android or Windows, being directed at a Wayland-based platform, this makes sense. Even if the possibility seems remote – cue Year of the Linux Desktop jokes – security through obscurity is not a valid strategy for the developers. So I’m not saying they are wrong. What I am saying is that the end result just doesn’t feel right.
Here’s an example: No program can change the screen resolution to something other than that which is set in Gnome’s settings. Not games, not xrandr, no command line shenanigans of any any kind.
I have a laptop that is ridiculously underpowered for it’s 3200×1800 HiDPI resolution. It has a humble Haswell i5 and 4 Gbs of RAM. It was a stupid configuration to pick but I did it and now I have to live with it – at least for another year. It is enough for the OS, a browser and a terminal, definitely not enough for games running native resolution or 4k video content. So if I feel like gaming, I have always depended on being able to drop down the resolution to a more manageable full HD or even going halfsies with 1600×900.
I used to just do this in the game’s settings. Now, I have to enter Gnome settings each time and change resolution manually. Is that really so bad? Well, no, I guess not. But Gnome under Wayland doesn’t actually adjust the UI that well to changes in resolution so icons and other UI elements start looking like a kid dressed in random hand-me-downs: XXL pants paired with an S t-shirt. Since you can no longer restart Gnome Shell (just type ‘r’ in the Shell ‘run box’) under Wayland (another security feature?) I have to log out and log in. I believe on occasion a reboot was required as well. In the end the only real solution is to permanently drop the resolution to the compromise of 1920×1080. Which feels like a dumb thing to do with a 3200 pixel wide screen.
Is it a security risk to let programs change resolution? Possibly? But from my perspective it feels like a hypothetical one. Compared to the actual pain of trying to juggle multiple resolutions, I’m not really sold on this protection.
I believe the longterm solution is thought to be scaling: The application that wants to use a lower resolution, has to paint a smaller picture, then scale it up to the actual resolution of the window. Sounds good but if it depends on third party developers taking up the challenge I can’t see this working anytime soon.
As I said you cannot do Xorg-style hacks anymore: Any sort of scripting that manipulates windows is out. No more devilspie to start windows the way you want them, be that maximized, on workspaces, hovering over other windows. No more wmctrl to switch between windows or adjust their properties on the fly. All those are considered security risks and, sigh, probably rightly so.
So what do we get instead? Gnome extensions. Can I get all windows everywhere, including dialogs to be maximised by default? Yes. Can I get a list of specified windows, like Firefox’s and Nautilus’ main windows to be maximised by default without getting the right-click menus and the Open File-dialogs maximised. Not without coding my own extension at the moment. The list goes on. There are a lot more extensions now than when I last checked up on them but so many are personal one-niggle-fixes and a lot more have been abandoned in the 5-6 years before the API finally stablized. Simply, you (still) cannot even approximate with the available extensions what you could do with a few simple EWMH hacks.
So those are the drawbacks, what are the advantages to running Gnome on Wayland as opposed to on Xorg? The transition from GDM to Gnome proper is smoother and switfter. I believe that GDM in most distributions run on Wayland regardless of whether the desktop itself runs Xorg or not, so I guess that makes sense.
From my first hand experience, I’m afraid that’s it. It doesn’t feel as unstable as last time I checked in with it. I feel like I’ve lost a tiny slice of graphics performance but that may just be using 1080p whereas before I would probably have dropped down to 900p when starting a game.
I do not mean any of this as a slight on the work of Fedora, Gnome or Wayland teams. I just don’t have any incentive whatsoever to jump on the bandwagon despite it being the soon-to-be default wagon of most distros. I went along with Gnome 3 because I could see potential and because you could work around it’s (many, plentiful, bounteous) shortcomings. Hopefully Mutter will gradually acquire more hardcore features or we’ll see other compositors open for more customization but for now, I think I’ll go have a look at Debian 9, still on Xorg, with support stretching ahead for years.