Mailinglist Archive: opensuse-project (539 mails)

< Previous Next >
Re: [opensuse-project] On package licensing
On Monday 21 Mar 2011 11:22:40 Sascha Peilicke wrote:
The spec file license tag clearly isn't meant for that. I'm no lawyer, but
to me it seems like the only proper way is like Debian does it. They add
an extra file to their packages which lists all the licenses that
apply. Also it allows to clearly state that in-tree libraries are
licensed differently. Based on that, the spec file License header could
then contain only the most prominent license. However, this increases
packagers work but seems more useful to me. What do you think?

Pursuant to a quite prolonged discussion on opensuse-factory and to a separate
but related enterprise-related discussion on the spdx mailing lists we decided
to start using the same syntax that Fedora has been successfully using for a
number of years (RHEL too). The Linux Foundation workgroup of which Red Hat
and SUSE had representatives have prepared a specification which will state
how licenses are to be declared for a package (including e.g. multiple
licensing and dual licensing scenarios). On further discussion with the Fedora
representative we concluded that the spdx format will be largely enterprise
oriented and that the list of licenses/short-names will probably not suffice
to cover the needs of an open source distribution such as openSUSE or Fedora.
Pursuant to the aforementioned discussion on opensuse-factory we imported
Fedora's list of licenses to http://en.opensuse.org/openSUSE:Accepted_licences

With the intend of syncing up with even more distribtions we also (with
vuntz's help) are trying to have a face-to-face meeting with the various legal
representative of e.g. Ubuntu, Debian, openSUSE, Fedora, Mandriva/Mageia and
Gentoo (I possibly left out some) to try to work something out which will be
more permanent.

As we don't yet know what will come of this, I think it would be premature to
resort to a far-reaching step like requiring packagers to produce a copyright
file in the way that Debian does (I'm not against the idea per se, but it
introducts a substantial margin-of-error and the job should really be done by
the _upstream_ developers - if at all - as they are the only ones who can
truly and authoritatively state what the license(s) should be).

As to the RPM %license field - it was _never_ meant to reflect the entire
licensing state of a package. As you identified, we could certainly try to
attain more accurary by having packages use subpackages for libraries etc and
to add the proper %license for the executable and for the library - this is
often overlooked at the moment.

Thus, I suggest that we stick with the Fedora-style RPM syntax for now -
pending what happens with the cross-distro effort. At least that way we will
have some degree of consistency - up to now we had none.

Ciaran
--
Ciaran Farrell __o
cfarrell@xxxxxxx _`\<,_
Phone: +49 (0)911 74053 262 (_)/ (_)
SUSE Linux Products GmbH,
GF: Markus Rex, HRB 16746 (AG Nürnberg)
Maxfeldstrasse 5, 90409, Nuremberg, Germany

/ˈkiː.ræn/
< Previous Next >
Follow Ups
References