[fab] Re: Licensing audit for Fedora Extras

Karsten Wade kwade at redhat.com
Tue Dec 5 20:18:45 UTC 2006 

On Tue, 2006-12-05 at 13:36 -0600, Tom 'spot' Callaway wrote:

> Its more of a process of:
> 
> A) Download SRPM
> B) rpm -ivh foo.src.rpm
> C) rpmbuild -bp path/to/foo.spec
> D) Note License in foo.spec
> E) Manually look through all source code in BUILD/foo
> F) Note actual licensing where it differs from License
> G) Ensure that license(s) is/are FSF or OSI approved

For all packages that i) Fedora is the upstream[1] and ii) provide
content in /usr/share/doc, we need to ensure that:

a. The content is licensed under the OPL only, and
b. The OPL is used without restrictions

I just found a package that is an example of this; it needs to have the
restriction clauses on the OPL removed (I'll file the bug.)

[1] Example of where Fedora is upstream is system-config-*; what else?
Is that an easy thing to figure out?

- Karsten

> H) If license(s) is/are approved individually, go to H2. Otherwise, go
> to I.
> H2) If licenses > 1, ensure they're compatible. If not, flag package in
> violation.
> I) If license(s) is not approved:
> I2) Is the license explicitly marked as bad by FSF, if not goto I3.
> I3) Ask FSF to review license.
> 
> > Sorry I hit send versus "Save Now". The reason for this is to try and
> > make sure you are not the sole blocking point on it in case you get an
> > offer to buy Aurora Linux for Googlebucks from you... or the snow in
> > Illinois traps you in an iceblock for 10,000 years.
> > 
> > You may still be the person that reviews the finished package
> > viewpoints and sends them to legal etc.. but it makes sure that if you
> > cash out, the job can be done by someone else.
> 
> In the unlikely future where I cash out on Linux/SPARC, hopefully the
> above is a good start.
> 
> ~spot
> 
> 
> _______________________________________________
> fedora-advisory-board mailing list
> fedora-advisory-board at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-advisory-board
-- 
Karsten Wade, RHCE, 108 Editor    ^     Fedora Documentation Project 
 Sr. Developer Relations Mgr.     |  fedoraproject.org/wiki/DocsProject
   quaid.108.redhat.com           |          gpg key: AD0E0C41
////////////////////////////////// \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-advisory-board/attachments/20061205/51dcf24a/attachment.sig>

More information about the fedora-advisory-board mailing list