[packman] New packages for packman (Walter Fey)

Richard Brown RBrownCCB at opensuse.org
Tue Aug 1 23:53:16 CEST 2017


On Tue 1. Aug 2017 at 22:29, Luigi Baldoni <aloisio at gmx.com> wrote:

> Sent: Tuesday, August 01, 2017 at 10:30 PM
> From: "Richard Brown" <RBrownCCB at opensuse.org>
> > > On Tue 1. Aug 2017 at 20:42, Luigi Baldoni <aloisio at gmx.com[mailto:
> aloisio at gmx.com]> wrote:Sent: Tuesday, August 01, 2017 at 6:02 PM
> > >
> > > No. I was talking about the copyring attribution for the spec file
> itself, with which I seem to recall
> > > from a previous interaction OP has a problem with.
> > >
> > > Now, I assume that a commercial entity like SUSE can't afford to
> distribute anything where the IP is not
> > > clearly defined, even for a mere script.
> > >
> > > Would Packman be more lenient in that regard?
> >
> > I don't know if Packman would be lenient or not in the scenario you
> pose, but that isn't relevant to the actual risk with Mr. Feys proposed
> comtributions.
> >
> > The behaviour with Walter alludes to in his post was a clear,
> demonstrable case of Mr. Fey taking sources (in this case spec files) and
> reusing the spec file, in whole
> > or in part, while simultaneously removing the copyright header from
> those spec files.
> >
> > The spec files were all licensed under licenses such as the GPL and MIT
> which require all copyright attribution to be preserved as part of the
> license for reuse and
> > redistribution.
> >
> > Mr. Feys insistence to remove the copyright attribution while reusing
> source which clearly derived from clearly attributed specfiles is a clear
> breach of the licenses
> > involved and in the interest of the copyright holders, the upstream
> projects who chose the licenses in use, and all open source projects the
> openSUSE Board requested
> > Mr Fey cease that behaviour.
> >
> > Mr Fey now seems to seek to use Packman and his posts imply he might
> intend to do so in the same manner in which he chose to use the openSUSE
> Build service.
> >
> > If that is the case, this could be a serious issue for the Packman build
> service. If the sources involved include files derived from those
> copyrighted to SUSE Linux
> > GmbH it is likely that SUSE will notice (after all, I have read this
> thread) and it is certainly likely we will be compelled to take action to
> protect our copyright
> > and the redistribution license of the packages in question.
>
> > And that's a situation I really, sincerely hope we can avoid so hope
> that Packman has suitable processes and options in place to ensure the
> licenses and copyrights of
> > their contributions are as checked as they reasonably can be before
> hosting and redistributing the resulting binaries.
>
> I didn't say anything of the sort and I'm sorry if I gave that impression.


Nothing to apologise for, this is a polite conversation between curious
parties


>
> In my understanding (and I could be wrong), Walter Fey opposes copyright
> headers for spec files even
> when he's the original author.


Such an approach is inconsistent with the openSUSE Project where we clearly
state all spec files must have a license header including a copyright
attribution

https://en.opensuse.org/openSUSE:Specfile_guidelines#Specfile_Licensing

We do not require copyright attribution transfer and fully support our
contributors to assert their own copyright if they are the sole author, or
share attribution with multiple parties if the specfile includes the work
of multiple parties.

In the case of the openSUSE Project we consider all of our specifies to
have the same license as the associated source, unless it is not an open
source license in which case the specfile is MIT.

As all major open source licenses require clear copyright attribution to be
valid, any removal of copyright attribution when reusing openSUSE specfiles
is a breach of the license in question.

This is a common practice that is followed throughout the open source
world, for example the FSF have the following guides even on the topic.

https://www.gnu.org/licenses/why-assign.en.html

So this is not just a question of corporate concern, but the correct, and
secure, way to ensure that the terms and conditions are enforceable for the
software author as intended under their chosen license.

If Packman plays too fast and loose with such good practice I can imagine
some very uncomfortable possibilities.

Given most open source licenses have strict rules regarding redistribution,
I cannot imagine it is a good thing for any service hosting open source
software to turn a blind eye to the terms, conditions and copyrights of the
software they are distributing.

Just my 2c and sharing from my own personal experience


> _______________________________________________
> Packman mailing list
> Packman at links2linux.de
> http://lists.links2linux.de/cgi-bin/mailman/listinfo/packman
>



More information about the Packman mailing list