[CentOS] The elephant in the room: Oracle

Johnny Hughes mailing-lists at hughesjr.com
Tue Oct 31 00:03:40 UTC 2006 

On Mon, 2006-10-30 at 14:45 -0800, Paul Heinlein wrote:
> On Mon, 30 Oct 2006, Johnny Hughes wrote:
> 
> > On Mon, 2006-10-30 at 13:25 -0800, Trevor Benson wrote:
> > > > Not at all. rhn access would be all that's required, and centos 
> > > > has such accounts. If not I'm certain that we could come up with 
> > > > a few such accounts for donation, and be right back to business 
> > > > as usual. GPL protection is a wonderful thing.
> > > 
> > > Providing the source (as required by GPL) could be in tar.gz 
> > > format. This would be adequate for GPL compliance.  Nothing in the 
> > > GPL states that a company is required to hand out their SRPM's and 
> > > the Spec file they used, or even tell you the build environment 
> > > they used to accomplish this.  Thus the source RPM and Spec file 
> > > that make CentOS possible could be ripped out of RHEL's offerings 
> > > to clients, causing harm to CentOS.
> > 
> > That is not true ... here is the quote from the GPL:
> > 
> > "The source code for a work means the preferred form of the work for 
> > making modifications to it.  For an executable work, complete source 
> > code means all the source code for all modules it contains, plus any 
> > associated interface definition files, plus the scripts used to 
> > control compilation and installation of the executable."
> > 
> > The SRPM is the mechanism by which the binary file is produced (ie, 
> > it controls it's compilation in RHEL) and it contains pre and post 
> > install scripts that control the installation. Therefore it must be 
> > distributed to anyone who has had the binaries distributed to them 
> > if they ask.
> > 
> > If you legally obtain the binaries, and ask, the source code must be 
> > provided ... and in the case of an RPM based distro, that would be 
> > the SRPM.  If someone is not providing that and you legally obtained 
> > the RPM as a customer, it is a violation of the GPL.
> 
> I'm mostly ignorant on these things, but wouldn't Red Hat be obliged 
> to supply only those SRPMs used to build software released under the 
> GPL? What about Apache, BIND, Kerberos, OpenLDAP, OpenSSH, Perl, 
> Sendmail, SQLite, TeTeX, Vim, X.org, and others?
> 
> Non-GPL licenses account for roughly 30% of packages on a 
> representative login server:
> 
> $ rpm -qa --qf '%{name}: %{license}\n' | grep -v GPL | wc -l
> 270
> $ rpm -qa | wc -l
> 851
> 
> Not that Red Hat would do such a thing! Still, it seems to me at least 
> legally plausible.

For non-GPL packages, they would have to follow the specific
requirements of the particular license, that is true.

For most of them, except BSD, that requires distributing the source and
the things required to build the source.

They would not have to distribute the BSD items though ... that is true.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20061030/d6759a1d/attachment.sig>

More information about the CentOS mailing list