Packaging:LicensingGuidelines

= Licensing Guidelines =

Author:  Tom 'spot' Callaway   Revision: 0.08 Initial Draft: Thursday August 2, 2007 Last Revised: Wednesday December 14, 2011

Fedora Licensing
The goal of the Fedora Project is to work with the Linux community to create a complete, general purpose operating system exclusively from Free and Open Source software.

All software in Fedora must be under licenses in the Fedora licensing list. This list is based on the licenses approved by the Free Software Foundation, OSI and consultation with Red Hat Legal.

If code is multiple licensed, and at least one of the licenses is approved for Fedora, that code can be included in Fedora under the approved license(s) (but only under the terms of the approved license(s)).

License Text
If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in. If the source package does not include the text of the license(s), the packager should contact upstream and encourage them to correct this mistake.

Subpackage Licensing
If a subpackage is dependent (either implicitly or explicitly) upon a base package (where a base package is defined as a resulting binary package from the same source RPM which contains the appropriate license texts as %doc), it is not necessary for that subpackage to also include those license texts as %doc.

However, if a subpackage is independent of any base package (it does not require it, either implicitly or explicitly), it must include copies of any license texts (as present in the source) which are applicable to the files contained within the subpackage.

License Clarification
In cases where the licensing is unclear, it may be necessary to contact the copyright holders to confirm the licensing of code or content. In those situations, it is _always_ preferred to ask upstream to resolve the licensing confusion by documenting the licensing and releasing an updated tarball. However, this is not always possible to achieve. In such cases, it is acceptable to receive confirmation of licensing via email. A copy of the email, containing full headers, must be included as a source file (marked as %doc) in the package. This file is considered part of the license text.

License: field
Every Fedora package must contain a  entry. Maintainers should be aware that the contents of the  field are understood to not be legally binding (only the source code itself is), but maintainers must make every possible effort to be accurate when filling the   field.

The License: field refers to the licenses of the contents of the binary rpm. When in doubt, ask.

If a source package generates multiple binary packages, the License: field may differ between them if necessary. This implies that a single spec may have multiple per-subpackage License: tags. Each of those License: tags must comply with all applicable guidelines.

Valid License Short Names
The  field must be filled with the appropriate license Short License identifier(s) from the "Good License" tables on the   Fedora Licensing  page. If your license does not appear in the tables, it needs to be sent to fedora-legal-list@redhat.com (note that this list is moderated, only members may directly post). If the license is approved, it will be added to the appropriate table.

"Distributable"
In the past, Fedora (and Red Hat Linux) packages have used "Distributable" in the  field. In virtually all of these cases, this was not correct. Fedora no longer permits packages to use "Distributable" as a valid License. If your package contains content which is freely redistributable without restrictions, but does not contain any license other than explicit permission from the content owner/creator, then that package can use "Freely redistributable without restriction" as its  identifier.

Firmware
The  field for any firmware that disallows modification should be set to: "Redistributable, no modification permitted".

Versioned licenses
Some licenses include the version as part of the Short License Identifier. This is only done when multiple versions of the license differ in significant ways (e.g. one revision is GPLv2 incompatible, while a later version is not). Be careful to ensure that you use the correct Short License Identifier, as shown in the tables on the  Fedora Licensing  page.

"or later version" licenses
Some licenses state that either the current version of the license or later versions may be used. It is important to note when a license states this. When a license has an "or later version" clause, we note that by appending a + to the Short License Identifier. Please note that there are already special Short License Identifiers for GPLv2+ and LGPLv2+, there is no need to append an additional + for those cases.

GPL and LGPL
Since compatibility of code and library linking is especially complex with GPL and LGPL, Fedora packages can no longer simply use "GPL" or "LGPL" in the  field. Please refer to the  Fedora Licensing  page for the acceptable identifiers, and be careful to ensure that you select the correct one.

Dual Licensing Scenarios
If your package is dual licensed (or triple licensed, etc.), the spec must reflect this by using "or" as a separator. Note that this only applies when the contents of the package are actually under a dual license, and not when the package contains items under multiple, distinct, and independent licenses.

Example: Package libfoo is dual licensed as Mozilla Public License v1.1 and GNU General Public License v2 or later. The package spec must have:

License: MPLv1.1 or GPLv2+

Multiple Licensing Scenarios
If your package contains files which are under multiple, distinct, and independent licenses, then the spec must reflect this by using "and" as a separator. Fedora maintainers are highly encouraged to avoid this scenario whenever reasonably possible, by dividing files into subpackages (subpackages can each have their own  field).

Example: Package bar-utils contains some files under the Python License, some other files under the GNU Lesser General Public License v2 or later, and one file under the BSD License (no advertising). The package spec must have: License: Python and LGPLv2+ and BSD

In addition, the package must contain a comment explaining the multiple licensing breakdown. The actual implementation of this is left to the maintainer. Some suggested implementations include

License: GPLv2+ and BSD %files %doc Changes %{_bindir}/cobra-util %{_bindir}/viper-util %{_bindir}/gnu-util %{_bindir}/rms-util %{_bindir}/berkeley-util
 * A comment right above the  field:
 * 1) The entire source code is GPLv2+ except foolib/ which is BSD
 * Including a file as  which contains the licensing breakdown for the packaged files, then using:
 * 1) For a breakdown of the licensing, see PACKAGE-LICENSING
 * Noting the license above the appropriate %files section:
 * 1) Python
 * 1) LGPLv2+
 * 1) BSD

Combined Dual and Multiple Licensing Scenario
If you are unlucky enough that your package possesses items multiple, distinct, and independent licenses...AND some of those items are dual licensed, you must note the dual licensed items by wrapping them with parenthesis. Otherwise, the guidelines for Dual and Multiple Licensing apply.

Example: Package baz-utils contains some files under the Python License, some other files under the GNU Lesser General Public License v2 or later, one file under the BSD License, no advertising, and one file which is dual licensed as Mozilla Public License v1.1 and GNU General Public License v2 or later. The package spec must have: License: Python and LGPLv2+ and BSD and (MPLv1.1 or GPLv2+) Since this is a multiple licensing scenario, the package must contain a comment explaining the multiple licensing breakdown. The actual implementation of this is left to the maintainer.

Mixed Source Licensing Scenario
In some cases, it is possible for a binary to be generated from multiple source files with compatible, but differing licenses. Thus, the binary file would actually have simultaneous dual licensing (an AND, as opposed to an OR). For example, it is possible that a binary is generated from a source file licensed as BSD with advertising, and another source file licensed as QPL (which specifies that modifications must be shipped as patches). In this scenario, we'd wrap the list of licenses for that binary with parenthesis, example:

Package spot-utils contains some files under the Python License, but one of the files is generated from a BSD with advertising source file and a QPL source file. License: Python and (BSD with advertising and QPL)

Public Domain
Works which are clearly marked as being in the Public Domain, and for which no evidence is known to contradict this statement, are treated in Fedora as being in the Public Domain, on the grounds that the intentions of the original creator are reflected by such a use, even if due to regional issues, it may not have been possible for the original creator to fully abandon all of their their copyrights on the work and place it fully into the Public Domain. If you believe that a work in Fedora which is marked as being in the Public Domain is actually available under a copyright license, please inform us of this fact with details, and we will immediately investigate the claim.