FS/OSS license: not quite enough of a requirement

Alexandre Oliva aoliva at redhat.com
Wed May 9 22:41:21 UTC 2007


In our packaging guidelines
http://fedoraproject.org/wiki/Packaging/Guidelines#head-76294f12c6b481792eb001ba9763d95e2792e825
we state:

  The goal of The Fedora Project is to work with the Linux community
  to build a complete, general purpose operating system exclusively
  from open source software.  In accordance with that, all packages
  included in Fedora must be covered under an open source license.

  We clarify an open source license in three ways:
  [...]

Drawing a line on licensing requirements is good, but I've recently
realized (see below) that this is not quite enough to ensure that
Fedora users aren't misled into loss of freedom by the Fedora project
itself.

Consider a Free Software package licensed under a permissive license,
such as the MIT license.

Consider that someone makes changes to the program and releases the
whole under the same license, but refrains from publishing the
corresponding sources.

Is this modified package eligible for inclusion in Fedora?

It certainly is under a Free Software license, but it certainly isn't
Free Software any more.


This is not a theoretical situation.  For the past month, I've been
working on code that was mostly Free Software, but whose integrator
had refrained from publishing corresponding sources of included Free
Software packages, even the LGPLed ones.  Not the only kind of license
infringement in that package, mind you.

They even licensed their *own* code under the LGPL, but they didn't
publish the corresponding source code either (which AFAIK is not a
license violation AFAIK, but IANAL)

A few more details at http://www.fsfla.org/?q=en/node/157
An upcoming article will cover it in far more detail.


Anyhow, the point is that it's not enough for there to be an
applicable license that is a Free Software license (or "open source
license", per the definition in the Fedora packaging guidelines).

It would be better to state that the software, as distributed by the
Fedora project, must abide by the Free Software definition and (or?)
the Open-Source Software definition.

Perhaps it would make sense to also add a note explaining that Fedora
is committed to not distributing [non-firmware] software in such a way
that the software wouldn't abide by these definitions, from the point
of view of the recipients.  E.g. software licensed under a Free
Software license but without corresponding sources.  If the reader
finds deviations s/he should report them.


Makes sense?

-- 
Alexandre Oliva         http://www.lsd.ic.unicamp.br/~oliva/
FSF Latin America Board Member         http://www.fsfla.org/
Red Hat Compiler Engineer   aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist  oliva@{lsd.ic.unicamp.br, gnu.org}




More information about the fedora-advisory-board mailing list