User:Toshio/Licensing FAQ: Difference between revisions

Line 1:

~~What should be in the <code>License:</code> tag in Fedora packages brings up a lot of confusion. This FAQ is meant to help answer some of hte questions that arise over and over again.~~

* Does the <code>License:</code> tag cover the SRPM or the binary RPM?

* When a binary RPM is created from sources with different licenses do we list all of the source licenses that went into that binary RPM or do some licenses trump others?

** Example: foo.c is licensed GPLv2+, bar.c is licensed MIT. They're compiled together into /usr/bin/foobar. Is the <code>License:</code> tag that ships %{_bindir}/foobar "GPLv2+" or "GPLv2+ and MIT"?

* Does it make a difference whether what is shipped is usable as a single file or as multiple files?

** Example: A static elf library composed of some files which were licensed under the GPLv2+ and others which were licensed under the "MIT" license. The static library is a single file but a program using functions from the library could end up only using MIt or only using GPLv2+ functions.

** Example: A python module that contains a module foo/gpl.py that is GPLv2+ and foo/mit.py that is licensed MIT. The two files exist in the same python package but they don't depend on each other. A script could import foo.gpl without import foo.mit and vice-versa. Does the <code>License:</code> tag contain "GPLv2+", "GPLv2+ and MIT" or something else?

* Does the <code>License:</code> tag anticipate things that the binary RPM links against/deps against?

** Simple example: the rpm contains a program which is licensed GPLv2+. It links against a library that's licensed Apache. Does the <code>License:</code> tag contain "GPLv2+" or "GPLv3+"?

** More complex example: the rpm contains a program that is licensed MIT. If libreadline (GPLv2+) is installed, it will be used to enhance the experience but if it isn't installed, the program will still run. Should the <code>License:</code> be "MIT", "GPLv2+", or something else?

* OpenSSL is generally considered incompatible with GPL because of the advertising clause however, the "system library" clause of the GPL may provide a way out. What is Fedora's position on compatibility of OpenSSL with GPLv2 and GPLv3?

Search

User:Toshio/Licensing FAQ: Difference between revisions

Revision as of 16:43, 21 July 2011

@@ Line 1: / Line 1: @@
-What should be in the <code>License:</code> tag in Fedora packages brings up a lot of confusion.  This FAQ is meant to help answer some of hte questions that arise over and over again.
-* Does the <code>License:</code> tag cover the SRPM or the binary RPM?
-* When a binary RPM is created from sources with different licenses do we list all of the source licenses that went into that binary RPM or do some licenses trump others?
-** Example: foo.c is licensed GPLv2+, bar.c is licensed MIT.  They're compiled together into /usr/bin/foobar.  Is the <code>License:</code> tag that ships %{_bindir}/foobar "GPLv2+" or "GPLv2+ and MIT"?
-* Does it make a difference whether what is shipped is usable as a single file or as multiple files?
-** Example: A static elf library composed of some files which were licensed under the GPLv2+ and others which were licensed under the "MIT" license.  The static library is a single file but a program using functions from the library could end up only using MIt or only using GPLv2+ functions.
-** Example: A python module that contains a module foo/gpl.py that is GPLv2+ and foo/mit.py that is licensed MIT.  The two files exist in the same python package but they don't depend on each other.  A script could import foo.gpl without import foo.mit and vice-versa.  Does the <code>License:</code> tag contain "GPLv2+", "GPLv2+ and MIT" or something else?
-* Does the <code>License:</code> tag anticipate things that the binary RPM links against/deps against?
-** Simple example: the rpm contains a program which is licensed GPLv2+.  It links against a library that's licensed Apache.  Does the <code>License:</code> tag contain "GPLv2+" or "GPLv3+"?
-** More complex example: the rpm contains a program that is licensed MIT.  If libreadline (GPLv2+) is installed, it will be used to enhance the experience but if it isn't installed, the program will still run.  Should the <code>License:</code> be "MIT", "GPLv2+", or something else?
-* OpenSSL is generally considered incompatible with GPL because of the advertising clause however, the "system library" clause of the GPL may provide a way out.  What is Fedora's position on compatibility of OpenSSL with GPLv2 and GPLv3?