On Mon, 2006-10-30 at 13:25 -0800, Trevor Benson wrote: > > Not at all. rhn access would be all that's required, and > > centos has such accounts. If not I'm certain that we could > > come up with a few such accounts for donation, and be right > > back to business as usual. > > GPL protection is a wonderful thing. > > Providing the source (as required by GPL) could be in tar.gz format. > This would be adequate for GPL compliance. Nothing in the GPL states > that a company is required to hand out their SRPM's and the Spec file > they used, or even tell you the build environment they used to > accomplish this. Thus the source RPM and Spec file that make CentOS > possible could be ripped out of RHEL's offerings to clients, causing > harm to CentOS. That is not true ... here is the quote from the GPL: "The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable." The SRPM is the mechanism by which the binary file is produced (ie, it controls it's compilation in RHEL) and it contains pre and post install scripts that control the installation. Therefore it must be distributed to anyone who has had the binaries distributed to them if they ask. If you legally obtain the binaries, and ask, the source code must be provided ... and in the case of an RPM based distro, that would be the SRPM. If someone is not providing that and you legally obtained the RPM as a customer, it is a violation of the GPL. > > My brother noted in the user mail list I believe that Unbreakable from > Oracle appeared to have CentOS/RHEL spec files as well (I think it was > CentOS actually, not RHEL but whichever). The point being is that if > Oracle is using SRPM's/Spec files from RHEL or CentOS to make this > Enterprise operating system I see no requirement on RedHat's part to > keep providing the SRPM/Spec's if they so choose to pull those. The > RHN could get you source, but again, if provided in tar.gz with no > spec file, how many hours of work do you think this could bring down > CentOS, or require adequate funding for developers to compensate. It > would be great to hear that the funding is already their in donations > to keep going (Just In Case), although that seems unlikely. As I posted above, for RPMS the SRPM must be provided. For other distribution methods, the tar.gz file would be fine. As for access to RHN, CentOS could obtain the SRPMS from there if Red Hat decided to to publish SRPMS to public FTP servers. (I don't see this happening any time soon, even with the Oracle issue ... that is just not how Red Hat does business). -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20061030/7674681f/attachment-0005.sig>