Were looking to use yum 2.1's ability to store repository data in /etc/yum.repos.d/ as a means of pushing updates to our mirrors list.
As an added feature, we want to host third party repository config in installable .rpm's into CentOS-Extras. So that enabling a new repository becomes as easy as "yum install <repo name>". Eg. 'yum install repo- dag'. Which would in turn drop the required repository information into /etc/yum.repos.d/, set the enabled flag, import the required gpg- key.
We are looking for package repositories, with public access who would want to be included in this setup. All supported architecture's are welcome ( x86/ia32, x86_64, ia64, s390(x)) as well as testing ( ppc ) for yum repositories. We do have apt available on x86 and ppc, so if you have an apt repository that works with CentOS4 on these architectures, we're interested.
If you run a repository or know of one which should be included : Reply to this post here with details or send me an email.
There are a few things that we ask for.
1) The repository must be complete in itself or require no more than the CentOS4 base and CentOS4 updates to pull required dependencies.
2) All packages in the repository must be signed. And the key available via public key-servers.
3) You must have both meta data ( via createrepo ) as well as the Header info ( via yum-arch ) available.
And lastly, I need some recommendations on what to call these .rpm's repo-<Repository Tag>.<ver>.rpm is one option.
- K
On Sat, 2005-02-19 at 07:40 +0000, Karanbir Singh wrote:
Were looking to use yum 2.1's ability to store repository data in /etc/yum.repos.d/ as a means of pushing updates to our mirrors list.
As an added feature, we want to host third party repository config in installable .rpm's into CentOS-Extras. So that enabling a new repository becomes as easy as "yum install <repo name>". Eg. 'yum install repo- dag'. Which would in turn drop the required repository information into /etc/yum.repos.d/, set the enabled flag, import the required gpg- key.
contributory infringement. We need to be concerned with linking to sites that host material that violates the DMCA. Providing repository files that point there is a concern, to say the least.
Why don't we rethink this - esp for those of us who live in the US and could be prosecuted by this rule.
-sv
seth vidal wrote:
On Sat, 2005-02-19 at 07:40 +0000, Karanbir Singh wrote:
Were looking to use yum 2.1's ability to store repository data in /etc/yum.repos.d/ as a means of pushing updates to our mirrors list.
As an added feature, we want to host third party repository config in installable .rpm's into CentOS-Extras. So that enabling a new repository becomes as easy as "yum install <repo name>". Eg. 'yum install repo- dag'. Which would in turn drop the required repository information into /etc/yum.repos.d/, set the enabled flag, import the required gpg- key.
contributory infringement.
? Infringement of what? Just curious, not sure what the concern is exactly.
We need to be concerned with linking to sites that host material that violates the DMCA. Providing repository files that point there is a concern, to say the least.
Why don't we rethink this - esp for those of us who live in the US and could be prosecuted by this rule.
-sv
But a valid concern for the USians ;)
-Mike
On Sat, 2005-02-19 at 15:24 -0700, Michael Best wrote:
seth vidal wrote:
On Sat, 2005-02-19 at 07:40 +0000, Karanbir Singh wrote:
Were looking to use yum 2.1's ability to store repository data in /etc/yum.repos.d/ as a means of pushing updates to our mirrors list.
As an added feature, we want to host third party repository config in installable .rpm's into CentOS-Extras. So that enabling a new repository becomes as easy as "yum install <repo name>". Eg. 'yum install repo- dag'. Which would in turn drop the required repository information into /etc/yum.repos.d/, set the enabled flag, import the required gpg- key.
contributory infringement.
? Infringement of what? Just curious, not sure what the concern is exactly.
If you link to sites that enable people to violate the DMCA you can be found guilty of contributory infringement.
infringement of copyright.
-sv
seth vidal wrote:
contributory infringement.
? Infringement of what? Just curious, not sure what the concern is exactly.
If you link to sites that enable people to violate the DMCA you can be found guilty of contributory infringement.
infringement of copyright.
-sv
I understand the term, but what is in these repositories that is infringing, I'm curious as to an example.
-Mike
On Sat, 2005-02-19 at 15:31 -0700, Michael Best wrote:
seth vidal wrote:
contributory infringement.
? Infringement of what? Just curious, not sure what the concern is exactly.
If you link to sites that enable people to violate the DMCA you can be found guilty of contributory infringement.
infringement of copyright.
-sv
I understand the term, but what is in these repositories that is infringing, I'm curious as to an example.
dvdcss, for one.
mp3 support, for another.
the list goes on and on.
-sv
On Sat, 2005-02-19 at 17:36 -0500, seth vidal wrote:
On Sat, 2005-02-19 at 15:31 -0700, Michael Best wrote:
seth vidal wrote:
contributory infringement.
? Infringement of what? Just curious, not sure what the concern is exactly.
If you link to sites that enable people to violate the DMCA you can be found guilty of contributory infringement.
infringement of copyright.
-sv
I understand the term, but what is in these repositories that is infringing, I'm curious as to an example.
dvdcss, for one.
mp3 support, for another.
the list goes on and on.
Same fun coming to Europe with the Copyright Directive from the EC (EU?) and software patents don't seem to want to die there either, so MP3, AAC, CDparanoia and many other things could fall under either copyright or patent infringement in Europe too.
It's looking like it might not be just an issue for us the live in the USA .... welcome to the 21st century.
Paul
On Saturday, 19 February 2005, at 17:36:34 (-0500), seth vidal wrote:
mp3 support, for another.
MP3 decoders are okay. It's the *en*coders that are restricted. As long as we don't sell anything, we can distribute MP3 decoders for free all we want.
http://www.newsforge.com/business/02/08/29/1633205.shtml?tid=17
Michael
On Sun, 2005-02-20 at 13:09 -0500, Michael Jennings wrote:
On Saturday, 19 February 2005, at 17:36:34 (-0500), seth vidal wrote:
mp3 support, for another.
MP3 decoders are okay. It's the *en*coders that are restricted. As long as we don't sell anything, we can distribute MP3 decoders for free all we want.
http://www.newsforge.com/business/02/08/29/1633205.shtml?tid=17
Michael
I don't think that Tomson Electronics terms are compatible with the GPL because of the restrictions. I believe LAME (or any other MP3 CODEC under the GPL) is, in the USA and a few other countries, not legally GPLed because of the patent issues. Because no commercial disto can include it legally for encoding or decoding.
Tomson/Fraunhofer may or may not have changed their minds in the past. They certainly could in the future if the wanted to.
External repositories could certainly if they wanted to make it easy enough to add themselves to CentOS by installing a RPM.
[rant] Frankly putting a note in the FAQ about the Patent/Copyright issues might be a little bit of encouragement for people that are not currently under such restrictions as USA, Australia (I believe), England, Japan and a few others I can't remember now to keep on their toes and block passage of such legislation.
If enough countries don't follow the USA's restrictions maybe us in the USA have a chance to overturn the restrictions we currently are under so that US companies can compete with the more rational world. [/rant]
Paul
Actually it's 'grey' in Australia.
The government and law makers are totally confused down here...
On Sun, 20 Feb 2005 20:11:21 -0600, Paul subsolar@subsolar.org wrote:
On Sun, 2005-02-20 at 13:09 -0500, Michael Jennings wrote:
On Saturday, 19 February 2005, at 17:36:34 (-0500), seth vidal wrote:
mp3 support, for another.
MP3 decoders are okay. It's the *en*coders that are restricted. As long as we don't sell anything, we can distribute MP3 decoders for free all we want.
http://www.newsforge.com/business/02/08/29/1633205.shtml?tid=17
Michael
I don't think that Tomson Electronics terms are compatible with the GPL because of the restrictions. I believe LAME (or any other MP3 CODEC under the GPL) is, in the USA and a few other countries, not legally GPLed because of the patent issues. Because no commercial disto can include it legally for encoding or decoding.
Tomson/Fraunhofer may or may not have changed their minds in the past. They certainly could in the future if the wanted to.
External repositories could certainly if they wanted to make it easy enough to add themselves to CentOS by installing a RPM.
[rant] Frankly putting a note in the FAQ about the Patent/Copyright issues might be a little bit of encouragement for people that are not currently under such restrictions as USA, Australia (I believe), England, Japan and a few others I can't remember now to keep on their toes and block passage of such legislation.
If enough countries don't follow the USA's restrictions maybe us in the USA have a chance to overturn the restrictions we currently are under so that US companies can compete with the more rational world. [/rant]
Paul
CentOS mailing list CentOS@caosity.org http://lists.caosity.org/mailman/listinfo/centos
On Sat, 2005-02-19 at 10:58 -0500, seth vidal wrote:
On Sat, 2005-02-19 at 07:40 +0000, Karanbir Singh wrote:
contributory infringement. We need to be concerned with linking to sites that host material that violates the DMCA. Providing repository files that point there is a concern, to say the least.
I was unaware of this issue, thank you bringing it up.
Why don't we rethink this - esp for those of us who live in the US and could be prosecuted by this rule.
Based on your email and the ones that follow, completely rethunk(!) this one. Its on freeze.
Is it at all possible to scan through contributed repositories for such violations ?
Based on your email and the ones that follow, completely rethunk(!) this one. Its on freeze.
Is it at all possible to scan through contributed repositories for such violations ?
Not trivially, no. But if a repository doesn't explicitly state that they do not provide files which violate the dmca or any patents in place, then you're running the risk.
We've had to go through this with Fedora Extras quite a bit b/c lots of folks want things like the nvidia and ati binary-only drivers or mp3 playing or dvd decrypting and we just can't do it.
-sv
-
Karanbir Singh -
Matt Bottrell -
Michael Best -
Michael Jennings -
Paul -
seth vidal