Erik Williamson wrote 2003-10-02
I inquired about what would happen if one was to (after one year) simply get the SRPMS that are released as updates, compile and redistribute to existing machines... but that's a no-no.
And what would happen if (after one year) one downloads the update SRPMS to existing machines and compiles independently the same packages in everyone of them?
Thanks Erik,
Miguel
_________________________________________________________________ Instant message in style with MSN Messenger 6.0. Download it now FREE! http://msnmessenger-download.com
On Thu, 2003-10-02 at 20:34, Miguel M wrote:
Erik Williamson wrote 2003-10-02
I inquired about what would happen if one was to (after one year) simply get the SRPMS that are released as updates, compile and redistribute to existing machines... but that's a no-no.
And what would happen if (after one year) one downloads the update SRPMS to existing machines and compiles independently the same packages in everyone of them?
I've been staying out of this one, but I will clear this up. You're free to do whatever you want with the SRPMS. Distributing the binary updates that Red Hat delivers for RHEL is a no-no, but you can make your own binaries from the SRPMS and build a pirate ship out of them if it makes you happy.
We don't have to do this (SuSE doesn't do this for SLES). We're just that nice. :)
~spot --- Tom "spot" Callaway <tcallawa(a)redhat*com> LCA, RHCE Red Hat Sales Engineer || Aurora SPARC Linux Project Leader
"The author's mathematical treatment of the conception of purpose is novel and highly ingenious, but heretical and, so far as the present social order is concerned, dangerous and potentially subversive. Not to be published." -- Aldous Huxley
On Thu, 2003-10-02 at 19:34, Miguel M wrote:
Erik Williamson wrote 2003-10-02
I inquired about what would happen if one was to (after one year) simply get the SRPMS that are released as updates, compile and redistribute to existing machines... but that's a no-no.
And what would happen if (after one year) one downloads the update SRPMS to existing machines and compiles independently the same packages in everyone of them?
It doesn't matter either way. The SRPMS are covered by the GPL. The SRPMS are available on the ftpsite. The RHN/Service you pay for is support service and access to *binaries* of the updates. There is nothing RH can do if you download a SRPM of a GPLed program and then put it on other machines, built or not.
On Thu, 2003-10-02 at 19:39, Tom 'spot' Callaway wrote:
On Thu, 2003-10-02 at 20:34, Miguel M wrote:
Erik Williamson wrote 2003-10-02
I inquired about what would happen if one was to (after one year) simply get the SRPMS that are released as updates, compile and redistribute to existing machines... but that's a no-no.
And what would happen if (after one year) one downloads the update SRPMS to existing machines and compiles independently the same packages in everyone of them?
I've been staying out of this one, but I will clear this up. You're free to do whatever you want with the SRPMS. Distributing the binary updates that Red Hat delivers for RHEL is a no-no, but you can make your own binaries from the SRPMS and build a pirate ship out of them if it makes you happy.
<the whirring sound of a can opener is heard> If the binary is GPL, really I don't see how you stop that from being redistributed either. That is an additional encumbrance not compatible with the GPL.
We don't have to do this (SuSE doesn't do this for SLES). We're just that nice. :)
Nope, you don't have to. But I am glad you do. :)
Bill Anderson wrote:
It doesn't matter either way. The SRPMS are covered by the GPL. The SRPMS are available on the ftpsite. The RHN/Service you pay for is support service and access to *binaries* of the updates. There is nothing RH can do if you download a SRPM of a GPLed program and then put it on other machines, built or not.
This document http://www.linuxmafia.com/~rick/linux-info/rhel-isos has more information about RHEL license, ISO images, ... Maybe should be created a RHEL FAQ FUD ;-)
On Thu, 2003-10-02 at 19:54, Xose Vazquez Perez wrote:
Bill Anderson wrote:
It doesn't matter either way. The SRPMS are covered by the GPL. The SRPMS are available on the ftpsite. The RHN/Service you pay for is support service and access to *binaries* of the updates. There is nothing RH can do if you download a SRPM of a GPLed program and then put it on other machines, built or not.
This document http://www.linuxmafia.com/~rick/linux-info/rhel-isos has more information about RHEL license, ISO images, ... Maybe should be created a RHEL FAQ FUD ;-)
Other than being flat out wrong on an item or two, it looks decent.
[ Thought ] Does anyone else feel like this is... dodgy? I want my site to be running RHEL as much as the next. But if we can't pay for it, we can't, and we'll find some other way to do it. I *know* that all of their work is covered by the GPL. But I feel that RedHat has paid their dues, and deserves to make money. It's just too bad that it can't be a bit more affordable.
[ Rant ] It looks like my department is jumping ship; they just won't cough up for it. Which sucks, as I see lots of profs wondering how to blow the rest of their grant money and spending it on useless crap. Grrrr. I could put that to good use.
Meh.
On Thu, 2003-10-02 at 19:45, Bill Anderson wrote:
<the whirring sound of a can opener is heard> If the binary is GPL, really I don't see how you stop that from being redistributed either. That is an additional encumbrance not compatible with the GPL.
Join the group of people who have asked the FSF opinion on this, doing anything else is just wasting electrons..
The only legal reading I have heard of it (not from RH) was that the GPL only really covers that a binary given will be given source code. It doesnt say that a person cant put addition restrictions on the binary.. only that it cant put restrictions on the distribution of the source code.
Quoting Stephen Smoogen smoogen@lanl.gov:
The only legal reading I have heard of it (not from RH) was that the GPL only really covers that a binary given will be given source code.
Or the "source code is made available" in some manner.
It doesnt say that a person cant put addition restrictions on the binary.. only that it cant put restrictions on the distribution of the source code.
Correct. But it doesn't guarantee you won't be charged for it either. But once you _do_ get it, there is no restrictions on it.
On Thursday, October 2, 2003, at 06:39 PM, Tom 'spot' Callaway wrote:
I've been staying out of this one, but I will clear this up. You're free to do whatever you want with the SRPMS. Distributing the binary updates that Red Hat delivers for RHEL is a no-no, but you can make your own binaries from the SRPMS and build a pirate ship out of them if it makes you happy.
We don't have to do this (SuSE doesn't do this for SLES). We're just that nice. :)
If you're just doing this to be nice, and SuSE "is not nice", how does SuSE publish the source files for the packages it uses? I believe this is a requirement of the GPL.
If you publish a product (sell it, whatever) where any portion of it uses GPL code, you must make freely available the full source of your product. I doubt that freely available means if you ask really nicely someone in Europe will send a CD.
I dont see how you "dont have to" do this. Your packages are often made according to rules listed in GPL'd spec files, which means you would have to publish those as well. There doesn't seem to be anything in a SRPM that you are not legally required to disclose under GPL.
Federico
Rocks Cluster Group, San Diego Supercomputing Center, CA
As I have been reading it and seeing it interpreted, someone can create a software package containing both proprietary and open source code. There are restrictions on how to keep the proprietary from becoming open source but if a product contains proprietary information, the source code to that information does not have to be distributed but the open source source code must be distributed EXACTLY as it was used in the compiled binary. On is not permitted to create a program and deliver modified source code for it. Therefore a binary distribution could be restricted without question.
If 100% of the code and project were open source, the person who compiles it can distribute that compile, ever if it were exactly the same and therefore negate the "no distribution" clause. Proprietary components such as trademarks and graphics appear to be enough to allow for a no-distribution and force a would-be cloner to make code changes to redistribute the package under a different name.
If I remember what I read correctly, Red Hat allows the trademarks and graphics from Fedora to be distributed with the binary IF there is no alteration from the original. If the code is changed or re-compiled, then the copy has to be stripped of all of the trademarks and whatever graphics are proprietary.
Buck
-----Original Message----- From: fedora-list-admin@redhat.com [mailto:fedora-list-admin@redhat.com] On Behalf Of Stephen Smoogen Sent: Friday, October 03, 2003 12:15 PM To: fedora-list@redhat.com Subject: Re: Fedora and the System Administrator
On Thu, 2003-10-02 at 19:45, Bill Anderson wrote:
<the whirring sound of a can opener is heard> If the binary is GPL, really I don't see how you stop that from being redistributed either. That is an additional encumbrance not compatible
with the GPL.
Join the group of people who have asked the FSF opinion on this, doing anything else is just wasting electrons..
The only legal reading I have heard of it (not from RH) was that the GPL only really covers that a binary given will be given source code. It doesnt say that a person cant put addition restrictions on the binary.. only that it cant put restrictions on the distribution of the source code.
Federico Sacerdoti wrote:
If you're just doing this to be nice, and SuSE "is not nice", how does SuSE publish the source files for the packages it uses? I believe this is a requirement of the GPL.
If you publish a product (sell it, whatever) where any portion of it uses GPL code, you must make freely available the full source of your product. I doubt that freely available means if you ask really nicely someone in Europe will send a CD.
I dont see how you "dont have to" do this. Your packages are often made according to rules listed in GPL'd spec files, which means you would have to publish those as well. There doesn't seem to be anything in a SRPM that you are not legally required to disclose under GPL.
GPL says nothing about putting it on the NET.
1)"..You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee."
3a) "..which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange.."
SuSE only has released United 1.0 sources at ftp://ftp.suse.com/pub/unitedlinux/1.0/src/ but no updates. Neither public sources nor binaries, only to his customers.
Buck wrote:
As I have been reading it and seeing it interpreted, someone can create a software package containing both proprietary and open source code.
GPL is very clear: let's go to read http://www.gnu.org/licenses/gpl.html
On Friday, October 3, 2003, at 11:22 AM, Xose Vazquez Perez wrote:
If you publish a product (sell it, whatever) where any portion of it uses GPL code, you must make freely available the full source of your product. I doubt that freely available means if you ask really nicely someone in Europe will send a CD.
I dont see how you "dont have to" do this. Your packages are often made according to rules listed in GPL'd spec files, which means you would have to publish those as well. There doesn't seem to be anything in a SRPM that you are not legally required to disclose under GPL.
GPL says nothing about putting it on the NET.
1)"..You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee."
3a) "..which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange.."
I could reliably argue that this (3a) means the Internet. A vast majority of software in our realm is distributed this way, etc.
Also, an argument could also be made that the source must be available over the same medium as the binaries. If you distribute your binary via the Internet, the source must also be available over the Internet. Otherwise, you are making the source "more difficult" to get in some sense, and are violating 3a) almost by definition.
Federico
Rocks Cluster Group, San Diego Supercomputing Center, CA
Federico Sacerdoti wrote:
I could reliably argue that this (3a) means the Internet. A vast majority of software in our realm is distributed this way, etc. Also, an argument could also be made that the source must be available over the same medium as the binaries. If you distribute your binary via the Internet, the source must also be available over the Internet. Otherwise, you are making the source "more difficult" to get in some sense, and are violating 3a) almost by definition.
We were talking about Enterprise distributions. Neither RHEL nor United Linux binaries or ISO were distributed freely over the NET.
On Friday, October 3, 2003, at 11:37 AM, Xose Vazquez Perez wrote:
Federico Sacerdoti wrote:
I could reliably argue that this (3a) means the Internet. A vast majority of software in our realm is distributed this way, etc. Also, an argument could also be made that the source must be available over the same medium as the binaries. If you distribute your binary via the Internet, the source must also be available over the Internet. Otherwise, you are making the source "more difficult" to get in some sense, and are violating 3a) almost by definition.
We were talking about Enterprise distributions. Neither RHEL nor United Linux binaries or ISO were distributed freely over the NET.
We are talking in general terms about the GPL and its requirements. I agree that some RedHat products are not available over the Internet.
Federico
Rocks Cluster Group, San Diego Supercomputing Center, CA
Quoting Xose Vazquez Perez xose@wanadoo.es:
SuSE only has released United 1.0 sources at ftp://ftp.suse.com/pub/unitedlinux/1.0/src/ but no updates. Neither public sources nor binaries, only to his customers.
While you are very correct, I think there is something else that is not considered.
You _can_ bundle GPL and non-GPL software together, even non-GPL "compatible" software. You just can't have GPL software rely on non-GPL "compatible" software (except for the system-level exception).
In the case of a distro, you do _not_ need YaST to run the software. Yes, it makes it a pain to support (let alone install). And you are _free_ to take all the 100% redistributable components off the SuSE distro.
But make no mistake, SuSE does _not_ release a CD image that is 100% freely redistributable. Many components have _strict_ redistribution requirements.
In the case of Red Hat, this is _only_ its trademarks (which is for support reasons). But Red Hat _does_ make it semi-easy to remove them via Anaconda, and I assume Fedora will make this even easier.
I much prefer Red Hat's strategy.
On Oct 3, 2003, Federico Sacerdoti fds@sdsc.edu wrote:
3a) "..which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange.."
I could reliably argue that this (3a) means the Internet.
IANAL, but IMHO you're be arguing wrong. It can be any medium customarily used for software interchange. As cheating as it might sound, I don't think there's anything wrong with `you get the binaries on CD, and the sources in a pile of 500 floppy disks' :-) Heck, even downloading the binaries from the net without offering the sources for download would be legitimate, as long as the pile of 500 floppy disks would be shipped to any third party who demanded them.
I don't see it as different if the sources come only in a DVD, while binaries come in CD. DVDs are customarily used for software interchange these days, aren't they? But what if I don't have a DVD player? The GPL doesn't have to be convenient for me, just like it doesn't have to be inconvenient to the distributor.
Otherwise, you are making the source "more difficult" to get in some sense, and are violating 3a) almost by definition.
The thing to keep in mind is that downloading being easier for you doesn't make it easier for everybody. Those behind slow network connections, or paying for the amount of traffic, or even without a network connection, could be not-exactly-pleased if the only way they could get the sources is by downloading them.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Fri, 3 Oct 2003 11:13:21 -0700, Federico Sacerdoti wrote:
If you publish a product (sell it, whatever) where any portion of it uses GPL code, you must make freely available the full source of your product.
You must make available the source code _only_ to the party which gets the binary portion. In Red Hat's case that are RHEL customers.
- -- Michael, who doesn't reply to top posts and complete quotes anymore.
Quoting Michael Schwendt ms-nospam-0306@arcor.de:
You must make available the source code _only_ to the party which gets the binary portion. In Red Hat's case that are RHEL customers.
*BUT* there are _no_ restrictions on RHEL customers sharing any GPL code with anyone else without restriction (other than those of the GPL).
But Red Hat puts all RHEL GPL code in SRPMS on its site.
Michael, who doesn't reply to top posts and complete quotes anymore.
Ye'olde UseNet guy concurs. I use the O'Reilly guidelines.
On Oct 3, 2003, Michael Schwendt ms-nospam-0306@arcor.de wrote:
You must make available the source code _only_ to the party which gets the binary portion.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Bryan J. Smith wrote:
*BUT* there are _no_ restrictions on RHEL customers sharing any GPL code with
^^^^^^^^^^^^ Red Hat, EL or Linux, bring source code under GPL or BSD or Xfree or others OSI licenses. But binary code, ISO images, Red Hat logos, and the *Red Hat(TM)* do not are under those licenses, instead -> http://www.redhat.com/licenses/rhel_us_2-1.html?country=United+States&
On Fri, 2003-10-03 at 10:15, Stephen Smoogen wrote:
On Thu, 2003-10-02 at 19:45, Bill Anderson wrote:
<the whirring sound of a can opener is heard> If the binary is GPL, really I don't see how you stop that from being redistributed either. That is an additional encumbrance not compatible with the GPL.
Join the group of people who have asked the FSF opinion on this, doing anything else is just wasting electrons..
The only legal reading I have heard of it (not from RH) was that the GPL only really covers that a binary given will be given source code. It doesnt say that a person cant put addition restrictions on the binary.. only that it cant put restrictions on the distribution of the source code.
Section 3 says that Sections 1 and 2 apply to" object or executable code" distribution. Also a Binary is a "work based on the Program". Thus, it applies. In particular to this thread: Section 6.
On Fri, 2003-10-03 at 12:54, Federico Sacerdoti wrote:
On Friday, October 3, 2003, at 11:37 AM, Xose Vazquez Perez wrote:
Federico Sacerdoti wrote:
I could reliably argue that this (3a) means the Internet. A vast majority of software in our realm is distributed this way, etc. Also, an argument could also be made that the source must be available over the same medium as the binaries. If you distribute your binary via the Internet, the source must also be available over the Internet. Otherwise, you are making the source "more difficult" to get in some sense, and are violating 3a) almost by definition.
We were talking about Enterprise distributions. Neither RHEL nor United Linux binaries or ISO were distributed freely over the NET.
We are talking in general terms about the GPL and its requirements. I agree that some RedHat products are not available over the Internet.
No, we are talking about products you can not download freely on the net.
However, even by your invalid assertion, you are still incorrect. The GPL only requires ONE of the following: """ a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) """
So you see, there is: a) no requirement that you put the sources on the net. b) No requirement you makes sources available to people you didn't distribute it to.
That is why RH putting the SRPMS on the ftp site is beyond the call required by the GPL.
SuSE and RH distributions include the source on CD/DVD (a "medium customarily used for software exchange"), thus they meet that requirement of the GPL.
As to the question of whether the spec file is covered by the GPL, yes it is. The GPL requires the scripts/files/etc/ used to build the binary, as noted in Section 3: "the scripts used to control compilation and installation of the executable".
To put it plainly, if I modify a GPLed work, and give it to my wife, you have no right to the modified source code or the program. Period. I did not distribute it to you. Thus, unless you get a copy of RHEL or SLES, you have no rights to the source for it/them. Period. Even if you wrote the original GPLed code.
On Fri, 2003-10-03 at 14:24, Alexandre Oliva wrote:
On Oct 3, 2003, Michael Schwendt ms-nospam-0306@arcor.de wrote:
You must make available the source code _only_ to the party which gets the binary portion.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Cite please.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Fri, 03 Oct 2003 20:27:05 +0200, Xose Vazquez Perez wrote:
Buck wrote:
As I have been reading it and seeing it interpreted, someone can create a software package containing both proprietary and open source code.
GPL is very clear: let's go to read http://www.gnu.org/licenses/gpl.html
Be sure to read the FAQ.
The GPL alone is not that clear with regard to "combining" proprietary software with GPL'ed programs, e.g. whether a plug-in interface to the open source part is enough to separate it from the proprietary part. There are different opinions on that.
- -- Michael, who doesn't reply to top posts and complete quotes anymore.
RTFL.
3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)
On Fri, 2003-10-03 at 15:08, Bill Anderson wrote:
On Fri, 2003-10-03 at 14:24, Alexandre Oliva wrote:
On Oct 3, 2003, Michael Schwendt ms-nospam-0306@arcor.de wrote:
You must make available the source code _only_ to the party which gets the binary portion.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Cite please.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03 Oct 2003 15:08:20 -0600, Bill Anderson wrote:
On Fri, 2003-10-03 at 14:24, Alexandre Oliva wrote:
On Oct 3, 2003, Michael Schwendt ms-nospam-0306@arcor.de wrote:
You must make available the source code _only_ to the party which gets the binary portion.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Cite please.
http://www.gnu.org/licenses/gpl-faq.html#WhatDoesWrittenOfferValid
- --
On Fri, 2003-10-03 at 16:42, Michael Schwendt wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03 Oct 2003 15:08:20 -0600, Bill Anderson wrote:
On Fri, 2003-10-03 at 14:24, Alexandre Oliva wrote:
On Oct 3, 2003, Michael Schwendt ms-nospam-0306@arcor.de wrote:
You must make available the source code _only_ to the party which gets the binary portion.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Cite please.
http://www.gnu.org/licenses/gpl-faq.html#WhatDoesWrittenOfferValid
That is not in accordance with what was claimed. Note that the reference indicates parties who received a copy of the work. If I ship you a binary, and you give that binary to George, George has the rights because they go with the distribution. However, Joe, who does not have a copy, has no rights to the source. Period. Read it.
Speciifcally the last sentence: "The reason we require the offer to be valid for any third party is so that people who receive the binaries indirectly in that way can order the source code from you."
Note, again, that is is only for those with the binaries. Why? becuase the offer for source is transferred with the binaries. So, again, RH is only required to provide the source to those with binaries. Further, an offer for source is only one option. If you distribute source with the binaries *AS REDHAT DOES*, then there is no offer to be transferred, Indeed, at that point whomever distributed the binaries only is the responsible party for providing sources.
The devil is in the details, folks.
On Fri, 2003-10-03 at 16:31, Stephen Smoogen wrote:
RTFL.
I have, and I can see that you must do ONE of those three options. That is what "one of" and "or" means. It is not "AND".
I've also done a step better and read the FAQ: """ What does this "written offer valid for any third party" mean? Does that mean everyone in the world can get the source to any GPL'ed program no matter what? "Valid for any third party" means that anyone who has the offer is entitled to take you up on it.
If you commercially distribute binaries not accompanied with source code, the GPL says you must provide a written offer to distribute the source code later. When users non-commercially redistribute the binaries they received from you, they must pass along a copy of this written offer. This means that people who did not get the binaries directly from you can still receive copies of the source code, along with the written offer.
The reason we require the offer to be valid for any third party is so that people who receive the binaries indirectly in that way can order the source code from you. """
Which stands in opposition to the claim. As I stated, only those who have the binaries, those whom the work has been distrrbuted to, have a right to the source. Period.
Further, it is my understanding that RGEL comes with the source on CD, thus eliminating the whole application of the clause anyway. I'm sure if I am wrong on that, someone will correct me.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Still waiting for someone to show where RH must put the SRPMs available on the web for *anyone* and *everyone*. Fortunately, I'm not holding my breath.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03 Oct 2003 16:48:19 -0600, Bill Anderson wrote:
You must make available the source code _only_ to the party which gets the binary portion.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Cite please.
http://www.gnu.org/licenses/gpl-faq.html#WhatDoesWrittenOfferValid
That is not in accordance with what was claimed. Note that the reference indicates parties who received a copy of the work.
That is what I referred to with what is quoted at the top. When I ship only binaries to a person, the duty to make available the source code is not transferred to the person. That's the purpose of the written offer.
- -- Michael, who doesn't reply to top posts and complete quotes anymore.
On Fri, 2003-10-03 at 17:05, Michael Schwendt wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03 Oct 2003 16:48:19 -0600, Bill Anderson wrote:
You must make available the source code _only_ to the party which gets the binary portion.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Cite please.
http://www.gnu.org/licenses/gpl-faq.html#WhatDoesWrittenOfferValid
That is not in accordance with what was claimed. Note that the reference indicates parties who received a copy of the work.
That is what I referred to with what is quoted at the top. When I ship only binaries to a person, the duty to make available the source code is not transferred to the person. That's the purpose of the written offer.
But the offer is to a person who *receives the work*, not just *anyone*. RH is making the source available to people who have *not* received the binaries. That's what started this. As the FAQ says, the clause is intended to say that of A gives B binaries, and the offer to source code, then B gives the binaries to C, then C has an offer that A has to honor. D who has received no binaries has no such right,
On Oct 3, 2003, Bill Anderson bill@noreboots.com wrote:
Cite please.
On Oct 3, 2003, Stephen Smoogen smoogen@lanl.gov wrote:
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your
^^^^^^^^^^^^^^^^^^^^^^^
On Oct 3, 2003, Bill Anderson bill@noreboots.com wrote:
I have, and I can see that you must do ONE of those three options. That is what "one of" and "or" means. It is not "AND".
On Fri, 2003-10-03 at 14:24, Alexandre Oliva wrote:
Unless you ship only the binaries, in which case they must accompany a
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
written offer to provide the sources to any third party.
If you ship only the binaries, it's not (a), so it has to be (b) or (c), and (c) requires (b) to have happened before.
On Oct 3, 2003, Bill Anderson bill@noreboots.com wrote:
That is why RH putting the SRPMS on the ftp site is beyond the call required by the GPL.
Correct. If Red Hat ever shipped the GPL components of RHEL without the sources, putting the sources up for free download and adding a note to the binaries with the location of the sources would be a way to satisfy (b), as long as the sources remain there for at least 3 years from the last date of a source-less distribution. I suppose Red Hat might even charge for the bandwidth and disk space, as the cost of performing the copy. But since Red Hat includes the sources in the RHEL package, making the source code available for free download is definitely beyond the requirements of the GNU GPL.
To put it plainly, if I modify a GPLed work, and give it to my wife, you have no right to the modified source code or the program. Period.
If you only give binaries to your wife, they must accompany the written offer (b). If your wife gives these binaries it to someone else, she must ask you for the sources and provide an offer of her own (b), or use your own offer (c) as long as she's not distributing it commercially. Then, this other person can do the same, and, if your written offer gets to me, I'm entitled to demand the sources from you, per (b).
When you don't want the obligation of to provide sources to any third party, you're probably better off with (a). This obviously doesn't stop any third party from getting the sources, but at least they can't demand it from you, so you're free to delete the sources and binaries as soon as they're no longer relevant for you. With (b), you have to keep them around for at least 3 years.
#include <stdIANAL>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03 Oct 2003 19:28:12 -0600, Bill Anderson wrote:
On Fri, 2003-10-03 at 17:05, Michael Schwendt wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03 Oct 2003 16:48:19 -0600, Bill Anderson wrote:
> You must make available the source code _only_ to the party which > gets the binary portion.
Unless you ship only the binaries, in which case they must accompany a written offer to provide the sources to any third party.
Cite please.
http://www.gnu.org/licenses/gpl-faq.html#WhatDoesWrittenOfferValid
That is not in accordance with what was claimed. Note that the reference indicates parties who received a copy of the work.
That is what I referred to with what is quoted at the top. When I ship only binaries to a person, the duty to make available the source code is not transferred to the person. That's the purpose of the written offer.
But the offer is to a person who *receives the work*, not just *anyone*.
Bill, I've left the quote complete, but you can look up my initial comment here in its entirety:
http://www.redhat.com/archives/fedora-list/2003-October/msg00189.html
Extend it to your liking with specific scenarios such as A gives binary to B and examples like that, if you feel it's necessary.
Any third party can request the source code when it receives the binaries (!) and the written offer to receive source code. If Alexandre Oliva meant something different, it would endanger the model of commercial/licenced GPL'ed software, since anyone could request the source code without aquiring the commercial product in a legal way.
Needless to say, someone, who would acquire commercial/licenced GPL'ed product and then would make available the source code in a public place, is a problem.
- --
Am Fre, 2003-10-03 um 03.43 schrieb Bill Anderson:
On Thu, 2003-10-02 at 19:34, Miguel M wrote:
Erik Williamson wrote 2003-10-02
I inquired about what would happen if one was to (after one year) simply get the SRPMS that are released as updates, compile and redistribute to existing machines... but that's a no-no.
And what would happen if (after one year) one downloads the update SRPMS to existing machines and compiles independently the same packages in everyone of them?
I'm a little bit puzzled about that long lasting discussion here. The GPL is intended to protect freedom of information about software and software technologies, it is intended to protect free access to those technologies. But the GPL is not intended to protect someone, who lets others work hard and spend a lot of money (here: RH's enterprise version), picking up that work for his own profit only. The GPL may not forbid such an behaviour (in favour to protect freedom) but it's not the intended course of action in general.
And that discussion will not resolve the causes for this discussion. Nobody would discuss recompiling and redistribution of the RHEL SRPMS to that extent if there wouldn't be that gap between Fedora and the enterprise line (in terms of period of time for maintenance, stability and time) which lets small and medium businisses staying in the dust (or at least they feel so). Maybe the discussion is needed to convince people at Red Hat that the gap does really existst.
Peter
It doesn't matter either way. The SRPMS are covered by the GPL. The SRPMS are available on the ftpsite. The RHN/Service you pay for is support service and access to *binaries* of the updates. There is nothing RH can do if you download a SRPM of a GPLed program and then put it on other machines, built or not.
While it may appear that Red Hat's decision to drop those of us in the gap was an oversight, I am sure that management there gave it great thought. Our town went thru almost a transformation with masses of mergers and businesses changing the way they do business. In many cases, I had a relationship with someone in management or someone who did. In each case the management of those businesses weighed the affect it would have on their customer base. Many times I heard where the business expected to lose 15% of their business, or 25% of their customers or 10% of their profits due to the changes. But they also estimated a time of recovery and a level of growth over a 5 year period that would put them in a much better market position then compared to what they would have if they didn't make the changes.
I don't think Red Hat made this decision without considering both the costs and the benefits. They would have to be total idiots to realize that they left this gap (in which I reside). Just like some of the decisions made by local businesses here, Red Hat will most probably lose me as a customer, not in protest or in anger, but because it would be a bad business decision for me to stick with them at this time.
Many of you have been loyal to Red Hat and yet you are now without. But where should Red Hat place their focus? If more than 50% of their customer base provides less than 50% of their income, they should turn their attention towards the market of the lesser percent customer base and larger percent income (probably profit is a better word here.) I have no doubt that is what they have done. Those of us Gap-ites just need to seek an alternative solution to our problems. It's not like we have a lot of choice here.
Note to Peter Boy: Sorry, this started out as a friendly comment to the remark about "the gap does really existst" and it turned into a vent. Don't take it personal or be upset.
Thanks, Buck
-----Original Message----- From: fedora-list-admin@redhat.com [mailto:fedora-list-admin@redhat.com] On Behalf Of Peter Boy Sent: Saturday, October 04, 2003 3:21 AM To: fedora-list@redhat.com Subject: Re: Fedora and the System Administrator
Am Fre, 2003-10-03 um 03.43 schrieb Bill Anderson:
On Thu, 2003-10-02 at 19:34, Miguel M wrote:
Erik Williamson wrote 2003-10-02
I inquired about what would happen if one was to (after one year) simply get the SRPMS that are released as updates, compile and
redistribute to
existing machines... but that's a no-no.
And what would happen if (after one year) one downloads the update SRPMS to existing machines and compiles independently the
same packages in everyone of them?
I'm a little bit puzzled about that long lasting discussion here. The GPL is intended to protect freedom of information about software and software technologies, it is intended to protect free access to those technologies. But the GPL is not intended to protect someone, who lets others work hard and spend a lot of money (here: RH's enterprise version), picking up that work for his own profit only. The GPL may not forbid such an behaviour (in favour to protect freedom) but it's not the intended course of action in general.
And that discussion will not resolve the causes for this discussion. Nobody would discuss recompiling and redistribution of the RHEL SRPMS to that extent if there wouldn't be that gap between Fedora and the enterprise line (in terms of period of time for maintenance, stability and time) which lets small and medium businisses staying in the dust (or at least they feel so). Maybe the discussion is needed to convince people at Red Hat that the gap does really existst.
Peter
It doesn't matter either way. The SRPMS are covered by the GPL. The SRPMS are available on the ftpsite. The RHN/Service you pay for is support service and access to *binaries* of the updates. There is nothing RH can do if you download a SRPM of a GPLed program and then put it on other machines, built or not.
-- fedora-list mailing list fedora-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-list
On Fri, 2003-10-03 at 21:19, Alexandre Oliva wrote:
On Oct 3, 2003, Bill Anderson bill@noreboots.com wrote:
That is why RH putting the SRPMS on the ftp site is beyond the call required by the GPL.
...
But since Red Hat includes the sources in the RHEL package, making the source code available for free download is definitely beyond the requirements of the GNU GPL.
Right. See, we do agree. :)
To put it plainly, if I modify a GPLed work, and give it to my wife, you have no right to the modified source code or the program. Period.
If you only give binaries to your wife, they must accompany the written offer (b). If your wife gives these binaries it to someone else, she must ask you for the sources and provide an offer of her own (b), or use your own offer (c) as long as she's not distributing it commercially. Then, this other person can do the same, and, if your written offer gets to me, I'm entitled to demand the sources from you, per (b).
Right, but since that offer *ONLY* accompanies the binaries, until it is distributed to you, you have no right or entitlement to demand the sources. That's what I've been saying. If you do not have the binaries that RH distributes as RHEL, you have no right to the sources, thus they do not have to put them on FTP for the world, regardless of whether or not the binary distribution contains sources.
When you don't want the obligation of to provide sources to any third party, you're probably better off with (a). This obviously doesn't
No, see above. "Any third party" is one that has received the binaries. Period.
From the FAQ:
""" I just found out that a company has a copy of a GPL'ed program, and it costs money to get it. Aren't they violating the GPL by not making it available on the Internet? No. The GPL does not require anyone to use the Internet for distribution. It also does not require anyone in particular to redistribute the program. And (outside of one special case), even if someone does decide to redistribute the program sometimes, **the GPL doesn't say he has to distribute a copy to you in particular, or any other person in particular**.
What the GPL requires is that he must have the freedom to distribute a copy to you if he wishes to. Once the copyright holder does distribute a copy program to someone, that someone can then redistribute the program to you, or to anyone else, as he sees fit. """ (emphasis added)
Note the first paragraph. MY original and current assertion is that only people who have received the binaries are entitled to the source. If you look, you've partly said the same thing. :)
Again, the FAQ also addresses the clause you refer to, and says what I've been saying; that only those who have the binaries have a right to the sources under the GPL.
On Fri, 2003-10-03 at 21:07, Alexandre Oliva wrote:
On Oct 3, 2003, Bill Anderson bill@noreboots.com wrote:
Cite please.
On Oct 3, 2003, Stephen Smoogen smoogen@lanl.gov wrote:
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your^^^^^^^^^^^^^^^^^^^^^^^On Oct 3, 2003, Bill Anderson bill@noreboots.com wrote:
I have, and I can see that you must do ONE of those three options. That is what "one of" and "or" means. It is not "AND".
On Fri, 2003-10-03 at 14:24, Alexandre Oliva wrote:
Unless you ship only the binaries, in which case they must accompany a
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
written offer to provide the sources to any third party.
If you ship only the binaries, it's not (a), so it has to be (b) or (c), and (c) requires (b) to have happened before.
"c" does not apply to the original distributor. To wit: """ b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) """
Note the parenthetical, and the "you received" part. That means the person who received binaries. Since RH compiles RHEL from source, "c" applies to recipients of RHEL, not RHEL.
And as three FAQ states, the "any third party" is a third party who has received the binaries, not just Joe on the Street.
The GPL is so clear the FAQ is as long as or longer than the GPL. ;)
On Oct 5, 2003, Bill Anderson bill@noreboots.com wrote:
And as three FAQ states, the "any third party" is a third party who has received the binaries, not just Joe on the Street.
Well... What if your wife (or anyone she distributed the binaries to) gave your written offer to someone else, without the binaries? :-) Wouldn't such a person still be entitled to get the sources? Or how would you tell whether s/he actually got the binaries?
Anyway... we're way off topic here :-) Better continue the discussion in private, if at all. Or maybe news:gnu.misc.discuss :-)
I noticed you are a GCC developer.
Where is the gcc compiler used to compile the latest beta of Fedora? (i.e. cat /proc/version)
Does not appear to be part of the install. I only see gcc-3.3 and gcc-2.96
Thanks, Ernest
On Sun, 2003-10-05 at 14:41, Alexandre Oliva wrote:
On Oct 5, 2003, Bill Anderson bill@noreboots.com wrote:
And as three FAQ states, the "any third party" is a third party who has received the binaries, not just Joe on the Street.
Well... What if your wife (or anyone she distributed the binaries to) gave your written offer to someone else, without the binaries? :-) Wouldn't such a person still be entitled to get the sources? Or how would you tell whether s/he actually got the binaries?
Anyway... we're way off topic here :-) Better continue the discussion in private, if at all. Or maybe news:gnu.misc.discuss :-)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05 Oct 2003 15:41:09 -0300, Alexandre Oliva wrote:
On Oct 5, 2003, Bill Anderson bill@noreboots.com wrote:
And as three FAQ states, the "any third party" is a third party who has received the binaries, not just Joe on the Street.
Well... What if your wife (or anyone she distributed the binaries to) gave your written offer to someone else, without the binaries? :-) Wouldn't such a person still be entitled to get the sources? Or how would you tell whether s/he actually got the binaries?
What if she gave away the complete product as received (not including source, but including the written offer) and the CDs, which contain the binaries, were not readable? ;)
The thing is passed on to another 3rd party. Whether complete or not, doesn't matter.
The written offer could contain a license key and a specific address [or even phone number] where to request the source code using the license key or a copy of the written offer as input. It doesn't need to be a publicly accessible ftp server with anonymous access.
- --
On Sun, 2003-10-05 at 21:01, Ernest L. Williams Jr. wrote:
I noticed you are a GCC developer.
Where is the gcc compiler used to compile the latest beta of Fedora? (i.e. cat /proc/version)
nils@gibraltar:~> rpm -q gcc32 gcc32-3.2.3-6
Does that answer your question ;-)?
Nils
Hi, I did an upgrade from RH 9.0 to Fedora. I guess it upgraded my gcc-3.2
So, what packages do I need to install from the binary CDs to get this back?
Thanks, Ernest
On Sun, 2003-10-05 at 16:26, Nils Philippsen wrote:
On Sun, 2003-10-05 at 21:01, Ernest L. Williams Jr. wrote:
I noticed you are a GCC developer.
Where is the gcc compiler used to compile the latest beta of Fedora? (i.e. cat /proc/version)
nils@gibraltar:~> rpm -q gcc32 gcc32-3.2.3-6
Does that answer your question ;-)?
Nils
On Sun, 2003-10-05 at 13:54, Michael Schwendt wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05 Oct 2003 15:41:09 -0300, Alexandre Oliva wrote:
On Oct 5, 2003, Bill Anderson bill@noreboots.com wrote:
And as three FAQ states, the "any third party" is a third party who has received the binaries, not just Joe on the Street.
Well... What if your wife (or anyone she distributed the binaries to) gave your written offer to someone else, without the binaries? :-) Wouldn't such a person still be entitled to get the sources? Or how would you tell whether s/he actually got the binaries?
What if she gave away the complete product as received (not including source, but including the written offer) and the CDs, which contain the binaries, were not readable? ;)
Read the above. The full product *is* the binaries. If she distributes it by giving it to someone she, under the GPL, is *required* to pass on the offer for source. If she doesn't pass along the offer, she violates the GPL. We are assuming she does not do so, since once someone starts doing that the comparison/question is fundamentally different. However, you are getting away from the point, very much so in fact. See below.
The thing is passed on to another 3rd party. Whether complete or not, doesn't matter.
No, the question is does someone who did *not* get the distribution have rights to the source? The answer is plainly no according to the GPL and the FAQ. In the scenario described, you do not have anything. My wife did not give the binaries to *anyone*. That is the question at hand, please do not *change* the scenario it only muddies the answer.
If you do not have the software distribution, you do not have rights to the source.
However, as was stated this has gotten way OT, so any further question should be addressed privately.
It doesn't need to be a publicly accessible ftp server with anonymous access.
Right. That's part of what was said. Red Hat makes the source to RHEL available despite *not* being required to do so by the GPL.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05 Oct 2003 14:38:40 -0600, Bill Anderson wrote:
However, as was stated this has gotten way OT, so any further question should be addressed privately.
Why should I? You have completely misunderstood my message, obviously.
And as three FAQ states, the "any third party" is a third party who has received the binaries, not just Joe on the Street.
Well... What if your wife (or anyone she distributed the binaries to) gave your written offer to someone else, without the binaries? :-) Wouldn't such a person still be entitled to get the sources? Or how would you tell whether s/he actually got the binaries?
What if she gave away the complete product as received (not including source, but including the written offer) and the CDs, which contain the binaries, were not readable? ;)
Read the above.
How about you? Did you read my comment? Did you notice the smiley at the end?
The full product *is* the binaries. If she distributes it by giving it to someone she, under the GPL, is *required* to pass on the offer for source.
The is what she does in my example.
If she doesn't pass along the offer, she violates the GPL.
But in my example she does.
We are assuming she does not do so,
She does, in my example. Same for Alexandre's example.
since once someone starts doing that the comparison/question is fundamentally different. However, you are getting away from the point, very much so in fact. See below.
The thing is passed on to another 3rd party. Whether complete or not, doesn't matter.
No, the question is does someone who did *not* get the distribution have rights to the source?
*Bzzzz* Loop. The somewhat rhetoric reply to that was, is anyone who receives only the written offer entitled to received the sources?
The answer is plainly no according to the GPL and the FAQ. In the scenario described, you do not have anything.
Wrong. In Alexandre's example I have only the written offer. In my own example I have unreadable/unusable binaries and the written offer.
- -- Michael, who doesn't reply to top posts and complete quotes anymore.
On Oct 5, 2003, "Ernest L. Williams Jr." ernesto@ornl.gov wrote:
I did an upgrade from RH 9.0 to Fedora. I guess it upgraded my gcc-3.2
Yup. Red Hat Linux 9 (there's no such thing as RH 9.0) didn't have a gcc32 package, and update wouldn't install it.
So, what packages do I need to install from the binary CDs to get this back?
Your question as already answered:
On Sun, 2003-10-05 at 16:26, Nils Philippsen wrote:
nils@gibraltar:~> rpm -q gcc32 gcc32-3.2.3-6
Does that answer your question ;-)?
On Friday, October 3, 2003, at 01:33 PM, Xose Vazquez Perez wrote:
Red Hat, EL or Linux, bring source code under GPL or BSD or Xfree or others OSI licenses. But binary code, ISO images, Red Hat logos, and the *Red Hat(TM)* do not are under those licenses, instead -> http://www.redhat.com/licenses/rhel_us_2-1.html?country=United+States&
Binary code is a "translation" of source. The compiler acts as a translator between high and low level languages: C or similar on one side, and the machine instruction set on the other. By article 0 of the GPL, this translation equates to a modification of the work and is covered by the GPL license.
I do not know if this fact has any precedence in court, but translations of works have been covered under copyright law for centuries.
I do not see how binary code can jump to a different copyright structure if it was made from GPL source.
Federico
Rocks Cluster Group, San Diego Supercomputing Center, CA
-
Alexandre Oliva -
Bill Anderson -
Bryan Smith -
Buck -
Erik Williamson -
Ernest L. Williams Jr. -
Federico Sacerdoti -
Michael Schwendt -
Miguel M -
Nils Philippsen -
Peter Boy -
Stephen Smoogen -
Tom Callaway -
Xose Vazquez Perez