License text in binary packages

Ralf Corsepius rc040203 at freenet.de
Mon Sep 5 05:57:20 UTC 2005 

On Sun, 2005-09-04 at 23:38 -0500, Tom 'spot' Callaway wrote:
> On Mon, 2005-09-05 at 06:00 +0200, Ralf Corsepius wrote:
> 
> > Also, I doubt one is permitted to add license files to packages without
> > prior permission of the original authors, because this implies
> > "re-licensing" packages.
> 
> Not if the upstream author lists the license of the package. If they say
> "application foo is GPL", but do not include the license text, then
> adding the text to the binary package is not relicensing it.
Please contact Prof. Eben Mogden (The FSF's legal adviser).

I am inclined to agree wrt. the GPL, but I have doubts on other cases
and I have strong doubts on if this is applicable to people outside of
the USA.

Eg. my feel is, adding such license files is legally void in Germany,
and if so, it probably will be considered voiding the licenses of a
package as whole.

> > > Rather than submit every possible license to legal to see whether or not
> > > they would advice us to include the text or not, I proposed to the
> > > Fedora Extras Steering Committee (FESCO) that we keep the guideline as
> > > it is, and require all licenses used in a package to be included in text
> > > format, as %doc, in the %files section of that package. The proposal
> > > passed.
> > This is impracticable, because 
> > a) Licensing of sources doesn't necessarily have to match with licenses
> > of binaries.
> 
> I'm not really sure how you'd achieve this.

Ask Jeff Johnston <jjohnstn at redhat.com> and/or RH legal. Newlib is
maintained and hosted by RH.

AFACT, the trick is:

Newlib contains GPL'ed code in independent sub-packages, which is only
used in certain configurations. In these configurations, the resulting
binaries are GPL'ed, in all other cases, the resulting binaries do not
use the [L]GPL'ed code, therefore the resulting binaries are not covered
by the GPL.

>  And even if you did, you
> could include the text of the "before" and "after" licenses in %doc.
>
> > b) There exist packages, where almost each source file carries a license
> > of its own.
> > 
> > As an exercise, I'd recommend you trying to package a Fedora->Cygwin
> > cross toolchain. Binutils are GPL'ed, GCC is GPL'ed with exceptions,
> > Cygwin libs are GPL'ed, newlib binaries are "BSD-like" with several
> > dozens of different licenses, newlib sources are GPL'ed.
> 
> This simply involves multiple files in %doc.

I guess you are aware about the number of varieties of BSD'sh licenses?

>  Never said it was pretty in
> the worst corner case, but its by no means impossible.
The extremal case would be to copy the source tree, were a
"BSD-compatible" would be sufficient otherwise.

Not unlikely to happen with BSD derived code.

> > > This is MUST item number 7 in the Things To Check On Review section in
> > > the PackageReviewGuidelines:
> > > http://fedoraproject.org/wiki/PackageReviewGuidelines#head-05a78c7ca440544397657679f87fbdbd84d9be28
> > > 
> > > This is not optional, this is the direction we're taking based on review
> > > with Red Hat Legal.
> > > 
> > > Fedora Core packagers: I don't have control over how you make your
> > > packages (yet!) but you should also strongly consider doing this. 
> > Let me put it this way:
> > 
> > If this legal requirement is as important as you seem to regard it, it
> > would be legally grossly negligible to RH not to update their packages,
> > ASAP.
> > 
> > However, as RH, other Linux distributors and package vendors ship their
> > packages without it for > 10 years, I am having strong doubts on FESCO
> > decision rsp. RH-legal's advice and its importance.
> 
> Your doubts are duly noted, but Red Hat legal advised us to take this
> course of action, it was discussed by FESCO (not just me), and it was
> decided as a must.

Then let me put it a bit stronger: I think Red Hat Legal is in error and
FESCO is not qualified to decide on this (Neither am I).

Let me ask differently: Is FESCO or RH taking liability on consequences
of this decision?

> Basically, Red Hat wants us to cover all the bases legally in Extras,
> and we're going to do it, even if it could end up being unnecessary in
> the long run. As to whether it will happen in Core, I have no idea, and
> no control over that whatsoever.
> 
> If you (or anyone) comes across any complicated or difficult to decide
> cases of licensing, then we'll deal with those cases at that time.

For the moment, I have decided to suspend all Fedora activities, because
all this seems way to risky to me.

Ralf

More information about the Fedora-maintainers mailing list