Fedora Board Recap 2007-JUL-10
Stephen John Smoogen
smooge at gmail.com
Fri Jul 13 17:16:04 UTC 2007
On 7/13/07, Josh Boyer <jwboyer at jdub.homelinux.org> wrote:
> On Fri, 2007-07-13 at 03:34 -0800, Jeff Spaleta wrote:
> > On 7/13/07, Alexandre Oliva <aoliva at redhat.com> wrote:
> > > New builds that change licensing terms should check any library
> > > dependencies for license incompatibility. E.g., a GPLv2 program must
> > > not depend on a GPLv3+ or LGPLv3+ library, and a GPLv3+ program must
> > > not depend on a GPLv2 library. (not sure about GPLv3+ / LGPLv2
> > > compatibility, I haven't thought much about it, and IANAL :-)
> >
> >
> > I'm very wary at attempting to rely the licensing tag in spec files
> > for any automation like this out of the gate. There are packages which
> > include multiple pieces of code under different licenses and of course
> > packages with code under multiple licenses. These situations aren't
> > codified in the licensing tag.
>
> Agreed.
>
I think we went over this twice in the last 2 years.. the consensus in
the past was that the Licensing Tag was insufficient (yet another item
showing the age of RPM :)) to express the complexity of licensing of a
lot of packages. Ideas on improving things was that all applicable
licences would need to be included in
/usr/share/<package-name-version-release>/ or that a helper item be
created that could allow a package to symlink the appropriate license
to that directory. Most of the ideas required either extra bueracracy
or code changes in how we layout packages. [Everypackage requiring
fedora-licenses which would be a copy of all GPL's, MPL's, etc and
have the appropriate symlink tool].
--
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
More information about the fedora-advisory-board
mailing list