[Fedora-packaging] Licensing guidelines suggestions

Tom "spot" Callaway tcallawa at redhat.com
Mon Aug 6 20:48:07 UTC 2007

On Mon, 2007-08-06 at 23:05 +0300, Ville Skyttä wrote:
> Hello,
> Here's a few notes/questions that IMO need to be addressed in the new 
> licensing guidelines in Wiki.  IANAL, etc, but anyway, something for near 
> future FPC meetings (which I still probably won't be able to attend to for a 
> couple of weeks):
> 1) The licensing pages strongly imply that OSI-approved licenses are ok.  
> However for example the original Artistic license is OSI-approved but listed 
> in Wiki page as "bad".  Something needs real fixing - "ask upstream to move 
> to a "good" Artistic license" is IMO just a band aid.
> http://fedoraproject.org/wiki/Licensing
> http://www.opensource.org/licenses/artistic-license.php

I think we're going to need the Fedora Board to decide this. Its a
little outside of our jurisdiction, unfortunately.

> 2) The Wiki pages refer to "files" and "content" without specifying whether 
> those refer to files/content in the source rpm, the resulting binary rpms, or 
> both.
> Example case: an upstream source tarball contains source files under let's say 
> BSD, LGPLv2.1+ and GPLv2+ licenses.  That would mean that let's say a binary 
> built from all those would fall under GPLv2+.  Specifying GPLv2+ as the 
> License tag would be misrepresenting the copyrights of the files in the 
> source rpm that carry BSD and LGPLv2.1+ notices.  Specifying "BSD and 
> LGPLv2.1+ and GPLv2+" would be misrepresenting the copyright of the combined 
> work in the resulting binary.

My interpretation is that the License: tag represents the
license/copyright on the bits in the binary rpm.

Again, keep in mind that the License: tag is not legally binding, so its
more of a helpful tool for initial auditing, and not much more.

> 3) Source licenses are not the only thing that affect the distributables' 
> copyrights.  For example when something is built from let's say LGPLv2+ 
> sources but linked with a GPLv2+ library, the resulting binary will be 
> GPLv2+, while the sources are still LGPLv2+ (unless their embedded copyright 
> notices are changed to GPLv2+, but that can't be done for many *GPL 
> licenses).
> Suggested combined fix for 2) and 3) above: change the licensing guidelines to 
> prominently note something like that the value of the License tag represents 
> the copyright/license info of binary packages only, and only when built in 
> the configuration specified by the Fedora build system, build 
> dependencies/conflicts in the specfile, and no non-Fedora software installed 
> that will affect the build in any way.  Source rpms' copyrights are 
> determined by the sources and other content included in them.

This seems fine to me. I'll work on drafting a change for vote.


More information about the Fedora-packaging mailing list