[Bug 747160] New: package gcc46-c++ does not provide COPYING
https://bugzilla.novell.com/show_bug.cgi?id=747160 https://bugzilla.novell.com/show_bug.cgi?id=747160#c0 Summary: package gcc46-c++ does not provide COPYING Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: x86-64 OS/Version: openSUSE 12.1 Status: NEW Severity: Major Priority: P5 - None Component: Development AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: giecrilj@stegny.2a.pl QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.1) Gecko/20100101 Firefox/10.0.1 The package gcc46-c++ is licensed under GPL. The license requires the license text to be distributed with the package. Failing to do so exposes both the distributor and the customer to legal risk. Reproducible: Always Steps to Reproduce: 1. { rpm -qi gcc46-c++; } 2. { rpm -qd gcc46-c++ | grep -F COPYING; } Actual Results: 1. License : GPLv3+ 2. Expected Results: 2. /usr/share/doc/packages/gcc-c++/COPYING -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c1
Richard Guenther
rpm -qi gcc46-c++ Name : gcc46-c++ Relocations: (not relocatable) Version : 4.6.2_20111212 Vendor: openSUSE Build Service Release : 75.1 Build Date: Tue 24 Jan 2012 11:44:33 AM CET Install Date: Wed 25 Jan 2012 03:18:23 PM CET Build Host: build18 Group : Development/Languages/C and C++ Source RPM: gcc46-4.6.2_20111212-75.1.src.rpm Size : 11900981 License: GPLv3+ Signature : DSA/SHA1, Tue 24 Jan 2012 11:50:04 AM CET, Key ID 927f5cc86300dadb URL : http://gcc.gnu.org/ Summary : The GNU C++ Compiler Description : This package contains the GNU compiler for C++. Distribution: devel:gcc / openSUSE_11.1
ah, GPLv3+!
ls /usr/share/doc/licenses/GPLv3+ -rw-r--r-- 1 root root 35147 2007-07-26 14:13 GPLv3+
ah, here it is! I will _not_ start adding copies of all relevant licenses to all sub-packages of my packages. Unless explicitely told by legal. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c2
Christopher Yeleighton
Please point me to some definite guideline which packages need their license included and how the package license file should be associated with a given package or file.
Previously it was discussed to have a single copy of the various license texts we can refer to. Now that package licenses follow SPDX why not have a mandatory installed SPDX-licenses package that has the textual forms?
I believe it is compliant to create soft links to the documents you mention in package-specific documentation directories. However, I think it is not worth the trouble.
I will _not_ start adding copies of all relevant licenses to all sub-packages of my packages. Unless explicitely told by legal.
What can I say? When you are contacted by a lawyer, it is usually too late because the damage has been done :-( Not to mention that if we wish to promote free software, the first step is to be compliant ourselves :-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c4
--- Comment #4 from Christopher Yeleighton
Please do not remove NEEDINFO if you didn't provide the requested answer. We do provide license texts with the products we offer, and we provide a link to them by means of connecting each individual rpm package with the license text.
The links are not provided.
At least we should. This is why I set the needinfo to _legal_ people (which you are not).
Oops, sorry, my mistake. Would not have happened if you started like this: Juergen, please point me…
The technical solution including each license text into each sub-package does not scale and is IMHO not required by the license(s).
Why we are waiting for the legal analysis, it would be awesome if you could explain this "does not scale" thing. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c5
--- Comment #5 from Christopher Yeleighton
Why we are waiting for the legal analysis, it would be awesome if you could explain this "does not scale" thing.
While, not why, of course. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c6
--- Comment #6 from Richard Guenther
(In reply to comment #4)
Why we are waiting for the legal analysis, it would be awesome if you could explain this "does not scale" thing.
While, not why, of course.
Because it's already tedious to correctly set License tags for each sub-package. Maintaining the appropriate file-list mirror and keeping both consistent adds a point of failure that is not necessary because the information is redundant. Either create License tags automagically from the file lists (or package contents) or the other way around. As separating the license text from the package seems to be permitted (only provide the copy in one of the many sub-packages), separating it to a system-required and thus force-installed SPDX-license-texts package seems to be workable as well, and sounds very well-scaling. Legal, please analyze that proposal and produce that SPDX-license-texts package. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c7
--- Comment #7 from Christopher Yeleighton
(In reply to comment #5)
(In reply to comment #4)
Why we are waiting for the legal analysis, it would be awesome if you could explain this "does not scale" thing.
While, not why, of course.
Because it's already tedious to correctly set License tags for each sub-package.
Indeed, many sub-packages (throughout openSUSE, and also upstream) get it wrong (e.g. GPL for GFDL).
or the other way around. As separating the license text from the package seems to be permitted (only provide the copy in one of the many sub-packages),
You still have to provide a link to the license text, if not the license text itself, and the link must be discoverable by means of rpm -qd. That link may be a soft link or a %ghost.
separating it to a system-required and thus force-installed SPDX-license-texts package seems to be workable as well, and sounds very well-scaling.
Legal, please analyze that proposal and produce that SPDX-license-texts package.
Please. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c8
Juergen Weigert
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c
Juergen Weigert
https://bugzilla.novell.com/show_bug.cgi?id=747160
https://bugzilla.novell.com/show_bug.cgi?id=747160#c9
Richard Biener
(In reply to comment #6)
(In reply to comment #5)
(In reply to comment #4)
Why we are waiting for the legal analysis, it would be awesome if you could explain this "does not scale" thing.
While, not why, of course.
Because it's already tedious to correctly set License tags for each sub-package.
Indeed, many sub-packages (throughout openSUSE, and also upstream) get it wrong (e.g. GPL for GFDL).
or the other way around. As separating the license text from the package seems to be permitted (only provide the copy in one of the many sub-packages),
You still have to provide a link to the license text, if not the license text itself, and the link must be discoverable by means of rpm -qd. That link may be a soft link or a %ghost.
rpm -qi gcc: Name : gcc Version : 4.6 Release : 15.1.3 Architecture: x86_64 Install Date: Tue Mar 27 16:53:14 2012 Group : Development/Languages/C and C++ Size : 0 License : GPLv3+ ... this provides good enough of a link for me (maybe not for a lawyer). This isn't my bug, re-assigning to Juergen. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=747160
http://bugzilla.novell.com/show_bug.cgi?id=747160#c11
--- Comment #11 from Richard Biener
participants (1)
-
bugzilla_noreply@novell.com