From Fedora Project Wiki
(Start over -- Found the existing FAQ)
Line 1: Line 1:
What should be in the <code>License:</code> tag in Fedora packages brings up a lot of confusion.  This FAQ is meant to help answer some of hte questions that arise over and over again.
* Does the <code>License:</code> tag cover the SRPM or the binary RPM?
* When a binary RPM is created from sources with different licenses do we list all of the source licenses that went into that binary RPM or do some licenses trump others?
** Example: foo.c is licensed GPLv2+, bar.c is licensed MIT.  They're compiled together into /usr/bin/foobar.  Is the <code>License:</code> tag that ships %{_bindir}/foobar "GPLv2+" or "GPLv2+ and MIT"?
* Does it make a difference whether what is shipped is usable as a single file or as multiple files?
** Example: A static elf library composed of some files which were licensed under the GPLv2+ and others which were licensed under the "MIT" license.  The static library is a single file but a program using functions from the library could end up only using MIt or only using GPLv2+ functions.
** Example: A python module that contains a module foo/ that is GPLv2+ and foo/ that is licensed MIT.  The two files exist in the same python package but they don't depend on each other.  A script could import foo.gpl without import and vice-versa.  Does the <code>License:</code> tag contain "GPLv2+", "GPLv2+ and MIT" or something else?
* Does the <code>License:</code> tag anticipate things that the binary RPM links against/deps against?
** Simple example: the rpm contains a program which is licensed GPLv2+.  It links against a library that's licensed Apache.  Does the <code>License:</code> tag contain "GPLv2+" or "GPLv3+"?
** More complex example: the rpm contains a program that is licensed MIT.  If libreadline (GPLv2+) is installed, it will be used to enhance the experience but if it isn't installed, the program will still run.  Should the <code>License:</code> be "MIT", "GPLv2+", or something else?
* OpenSSL is generally considered incompatible with GPL because of the advertising clause however, the "system library" clause of the GPL may provide a way out.  What is Fedora's position on compatibility of OpenSSL with GPLv2 and GPLv3?

Revision as of 16:43, 21 July 2011