Fedora Extras License Audit

Tom 'spot' Callaway tcallawa at redhat.com
Wed Jan 24 05:45:51 UTC 2007


On Tue, 2007-01-23 at 19:02 -0300, Horst H. von Brand wrote:

> Any list of acceptable licenses? Or a standard way to list "License is OK,
> look at..."?

Yes, and no. This is how the Fedora licensing works (at this moment in
time):

http://fedoraproject.org/wiki/Packaging/Guidelines#LegalLicensing

Here is the relevant section:

"The goal of The Fedora Project is to work with the Linux community to
build a complete, general purpose operating system exclusively from open
source software. In accordance with that, all packages included in
Fedora must be covered under an open source license. 

We clarify an open source license in three ways: 

      * OSI-approved license. You can find the list of OSI approved
        licenses here: [WWW]http://www.opensource.org/licenses/ 
        
      * GPL-Compatible, Free Software Licenses. You can find the list
        here:
        [WWW]http://www.gnu.org/philosophy/license-list.html#GPLCompatibleLicenses 
        
      * GPL-Incompatible, Free Software Licenses. You can find the list
        here:
        [WWW]http://www.gnu.org/philosophy/license-list.html#GPLIncompatibleLicenses 
        
"

So, you can look at the FSF and OSI lists for licenses for 99% of the
cases. The remaining 1% are licenses which, while not explicitly listed
on the FSF's page, have been approved by the FSF as GPL-Compat Free, or
GPL-Incompat Free. In those cases, I know which licenses have been
approved. Part of this process will be me documenting this, so everyone
else can know this too.

The end result of this will be the list of currently acceptable
licenses. :)

> How are you proposing to split this up? 237 people telling you GCC is OK
> helps very little...

Fedora Core is actually done. Has been done for a while. :) But I see
what you're asking. I have a list of the packages which need auditing,
and I'm giving a copy of that list to volunteers, and "assigning" them a
subset of the packages on that list to audit, along with some basic
instructions on how to do it.

> Any requisites applicants have to fullfill? I.e., I could take a look at
> some packages, but I'm not blessed into Fedora in any way (just slightly
> soft in the head, running rawhide ;-)

One needs only to be able to:

- Read English
- Be able to download SRPMS, and run rpmbuild -bp --nodeps.
- Use grep -ir
- Use OpenOffice.org
- Have a basic grasp of how open source licensing works (and even this
isn't really required, you can just ask me about it as we go).

Honestly, I fully expect that the majority of the Extras packages will
be OK. However, I've already caught a few mislicensed packages. :) This
will just go a lot faster with more people helping out.

~spot




More information about the fedora-extras-list mailing list