From Fedora Project Wiki

License violations

Peter A. Shevtsov <webmaster@mera.com.ru> : I know that Fedora is so-called patents and license clear distro, so neither mp3 nor any other proprietary technologies don't work in the base installation. As far as I know, all software included in Fedora is GPLed (v.2 I suppose). So, my question is the following -- what will happen if someone violates license condition? For example, there is a company which provides some open source solutions (like Red Hat Exchange), but it distributes custom built (patched or something like that) RPMs of some software -- for example their own built Apache HTTPD Server -- but do not provide sources and charge money. If I'm not mistaken this is the case of license violation. If so, what can be done in such situation? Are there any punished precedents of GPL violations?


Thanks for writing, Peter, and for bringing us our first question. To clear up some popular misconceptions about copyright and copyright licenses, you might want to take a look at the article from Red Hat Magazine in May 2007[1] . While Fedora News team members are not lawyers, we've all done enough research on licensing to give you what we hope is a pretty complete answer to your question.

All software included in Fedora is free and open source software. The GPL is but one of the many free and open source licensing[2] options available to developers. The example you cite, for instance, is the Apache web server, which is available under the Apache License 2.0 [3] . This license allows licensees to copy and redistribute without requiring them to distribute source, and none of the free and open source licenses can have any restrictions on licensees' rights to charge money for any original work that they produce or derive. Therefore, the cited example is not a license violation for a product built on the Apache web server. It would, however, be a license violation for a product built on software licensed under the GPL (or any of a number of other reciprocative licenses), since the GPL requires the licensee to make source code available for any derivative work if the work is distributed to a third party.

To more directly answer your second question, only a copyright holder has the right to bring an action in case of a violation of a product's license agreement. For a program "Foobar" in Fedora, the copyright holder is the developer of Foobar. (The Fedora copyright statement attributes program content to "Red Hat, Inc. and others" to make clear that Red Hat is the copyright holder for the material it contributes, while "others" refers collectively to all the other copyright holders who contribute or originate other work in Fedora.) The Free Software Foundation has helped developers deal with enforcing GPL [4] in multiple instances in the past and has generally been successful. You can read more about their licensing compliance work in the FSF site [5] . If you're interested or want to raise awareness about GPL violations, the GPL violations website[6] also has several public cases.

[1] http://www.redhat.com/magazine/007may05/features/ip/

[2] http://fedoraproject.org/wiki/Licensing

[3] http://www.apache.org/licenses/LICENSE-2.0

[4] http://www.gnu.org/philosophy/enforcing-gpl.html

[5] http://www.fsf.org/licensing/compliance

[6] http://gpl-violations.org

Making Backups

s sokol <sokolstephen@yahoo.com> : I am an enduser and having a hard time finding out how to backup to an external hard drive in an orderly and automatic manner.

Fedora has a number of backup solutions available. The cp or tar commands are usually not the most effective way to maintain backups. Most advanced users and administrators recommend a system based on the rsync family of utilities, which allow you -- as the name suggests -- to synchronize two separate storage areas, such as your home directory and an external device or network share.

Keep in mind that file system differences may affect your choice of how to back up your data. Linux file systems such as ext3 have features that cannot accurately be copied directly to the VFAT file systems found on many USB disks, or CD/DVD. However, you can usually write your data as specially-formatted backup files (such as star format) where this information can be safely retained on such devices.

There are dozens of different solutions available. You might want to try one or more of these packages:

  • pybackpack - A GNOME- and Python-based graphical backup utility; after installation, look in System > Preferences > System > File Backup Manager
  • kbackup - A KDE-based graphical backup utility; after installation look in Applications > Accessories
  • rsync - reliable command-line program (try rsync -Pavy <source> <dest> for example)
  • BackupPC - A complete web-based backup solution that includes scheduling and multiple system handling

Future of RPM

Maxime Carron <maxime.carron@fedoraproject.org> : can i/we have some explanations about future of RPM.

From what i red, - redhat, novell and Co start a merge of their many patches to apply them to the main stream (dec 2006) - but it also exists another branch : www.rpm5.org (from an ex RH-employee) - i heard about openpkg too (which support rpm5.org)

So my questions are : What are the news? What will happen? Will rpm5.org and rpm.org merge? What about openpkg? What about CPM (Community Package Manager)? cf http://www.redhatmagazine.com/2007/02/08/the-story-of-rpm/

Thank you.

After the initial announcement from Fedora Project [1] about renewed focus, Panu Matilainen announced a new release of RPM 4.4.2.1 [2] that includes some cleanups of the codebase, consolidation, and introduction of several bug fixes from Red Hat, Novell and others.

rpm5.org has a different roadmap from rpm.org. Both these branches have their own community of individuals and vendors with a existing common codebase. They influence each other and have shared fixes in various instances. As long as both branches retain compatibility with the RPM spec format, the higher level tools can explore different directions. This freedom is a inherent part of free software.

The Red Hat Magazine article to which your question refers is a short description of some of the history behind RPM. You can read about the rpm.org ongoing roadmap discussions in the last week's report [3] . You can also refer to Max Spevack's thoughts on RPM's and Fedora's future in Linux Weekly News[4] . RPM is the underlying packaging format and a base that Fedora builds upon using Yum and friends, and Fedora will continue to participate in its development for the foreseeable future.

[1] https://www.redhat.com/archives/fedora-announce-list/2006-December/msg00003.html

[2] https://lists.dulug.duke.edu/pipermail/rpm-announce/2007-July/000001.html

[3] http://fedoraproject.org/wiki/FWN/Issue98#head-90b3708648e89def933055ad00d6cb887b9cde0d

[4] http://lwn.net/Articles/237700/


CD Installations of Fedora 7

R. Drew Davis <drewclist@rdd.name> : My old PC has no DVD drive, but Fedora 7 appears to only be distributed on DVD's. Before Fedora 7's release, CheapBytes was accepting pre-orders for Fedora 7 on CD's, but after Fedora 7's release, they e-mailed me to say there wasn't going to be a CD version, so they refunded my money. I asked them why they couldn't make their own custom spin of Fedora 7 on CD's and they said the Fedora license agreement wouldn't let them call the re-spin "Fedora" and that would make it very hard for them to sell any such version. So what should I do?

Fedora provides GNOME and KDE based live images that can be burned to a CD and installed to a hard disk or USB flash. Fedora Live images have a subset of packages from the Fedora repository and some configuration changes suitable for a desktop user. If you are using Fedora on the desktop or laptop, this solution is ideal for you.

You can also install Fedora from a network using a boot or rescue image burned to a CD. Furthermore, you can copy the DVD image to your hard disk and install from that.

CheapBytes or anyone else can very well create custom spins of Fedora 7 on CD's. Since they are not changing any packages in the distribution, they are free to call it Fedora and distribute it. There are other online and retail vendors doing similar custom spins, and the ability to create custom spins easily is one of the primary benefits in Fedora 7. Refer to the Fedora 7 FAQ [1] for more details.

With the merge of Fedora Core and Fedora Extras, the repository has grown to nearly 8000 packages, which takes around 9 GB of storage space. This repository is growing rapidly, with more packages maintained by existing and new contributors. In the next release, the Fedora Project plans to integrate support for additional architectures. Fedora is distributed by hundreds of volunteer mirrors, which would have difficulties mirroring CD variants of all these packages and architectures. The Fedora Infrastructure team is looking for volunteers to integrate Jidgo [2] into the release process of Fedora as a potential solution to this problem. If you are interested in helping, contact the Fedora Infrastructure team[3] for more information. Thank you for your support.

[1] http://fedoraproject.org/wiki/Fedora7/FAQ

[2] http://atterer.net/jigdo/

[3] http://fedoraproject.org/wiki/Infrastructure


Global changes in Fedora

Martin Jürgens <martin@gamesplace.info> : I have a question to the Fedora Project, namely where global changes can be discussed.

I know that Bugzilla is the right way to report Feature Requests when you exactly know how the new feature should look, but I had a more global idea of making Fedora more end-user friendly without making system admins unhappy (in the way of changing configuration, installation and package managing tools, RHBZ #248259). I hoped that some discussion with ideas would come up in the bug report, but it was not like this. I did not get a single reply.

As you have noticed, Bugzilla is generally very good for reporting specific bugs, but unsuitable for high level discussions that might require project management and participation from multiple contributors. As commented upon in the Bugzilla report, the better place to discuss any changes like these is in the fedora-devel [1] mailing list. If you want a informal chat, the #fedora-devel IRC channel in Freenode is a good place to meet other contributors and exchange this kind of information.

[1] http://redhat.com/mailman/listinfo/fedora-devel-list/

Bugzilla Responses

fred <lazlow@charter.net> : After you file a bug with bugzilla, how do you get a response? I have several bugs filed that have sat there for a long time and have gotten no response. Are the people that are supposed to be looking at these bugs no longer with the project? Are the people who should be working on F7 bugs too busy with F8? The odd thing about it is the responses that I have received were on the bugs that were trivial. The important bugs seem to be ignored. No request for further information or clarification. No anything.

Fedora as a distribution has several thousand packages being maintained, and hundreds of packages being updated daily, and the maintainers involved need to prioritize bug reports. Severe security and bug fixes get higher priority compared to other bug reports. If the problem you reported is not specific to Fedora, you might want to report this problem directly to the upstream project bug tracker or mailing list.

If you do not get a response on a bug which you consider important, you might want to verify that you have assigned the bug to the right package and try providing more information on the problem. Log files, hardware information and screenshots are useful depending on the issue. (Post large sets of data by creating an attachment, not by pasting the data directly into the comment.) Your additional comments or attachments will also act as a gentle reminder to the maintainers. Contributing patches or being part of the bug triaging team [1] is also a very good way to participate. Issues concerning security get special attention [2]

Many of the packages are maintained by volunteers who contribute in their spare time and other people who might have various commitments. Fedora Project has been encouraging co-maintainership or multiple people to work together as a team called special interest groups on the same or similar packages to share the work. Many of the packages are maintained in this manner. With the merge of Fedora Core and Fedora Extras in Fedora 7, the base of contributions and the potential for more volunteers to work in the packages which were in Fedora Core and accessible directly only to those in Red Hat, we expect these problems to be mitigated if not solved to a good extend. If you are still unsure about the status, or suspect that the package is currently unmaintained or the maintainer has not responded in a reasonable timeframe, consider following up in an email to the fedora-devel mailing list. Include a reference to the bug report, and CC the maintainer of the package in question. We understand that this process can sometimes be frustrating and we appreciate the feedback and support.

[1] http://fedoraproject.org/wiki/BugZappers

[2] http://fedoraproject.org/wiki/Security/Bugs

Problem with Pup

david witbeck <fifi5252@yahoo.com> : I am completely new to Linux. I looked at faq's and I dont see an answer. I installed fedora 6 a few months ago and didnt use it. I got interested again and logged in . I got a message i had 252 updates available . When I checked the "apply updates" box I got the following message "another appliccation is running which is accessing information".

Also I tried to install the f-stop application through the "add/remove software " option on the applications drop down menu ,and got the same message. Also when i do a search for yum with the search button, there is no yum. Isnt yum included with version 6 ?

I would really appreciate any help you could give me . Thanks

We appreciate the detailed descriptions and error messages. To better understand the issue, we can provide some basic information first. Fedora package management is based on the RPM format and tool. The yum application is the automatic dependency resolver that uses RPM beneath. Pirut is the graphical frontend to yum, and Pup is the package updater. Puplet provides desktop notification for available package updates. A daemon or background service called yum-updatesd is leveraged by Puplet. The yum-updatesd process locks yum and the RPM database while checking for the presence of any updates, to prevent multiple transactions in the database.

In the earlier versions of yum-updatesd, the daemon had a issue which caused it to lock the database more often than necessary to check updates. You can stop the daemon using the system-config-service graphical utility. From the Main Menu, choose System > Administration > Services and enter the password for root. Locate the yum-updatesd service, select it, and click the Stop button. At the command line, you can stop yum-updatesd for the current session using this command, and the password for the root account:

su -c '/sbin/service yum-updatesd stop'

Then perform an update by selecting Applications > System Tools > Software Updater from the graphical menu, or with the following command:

su -c 'yum update'

You can permanently turn the yum-updatesd service off with this command:

su -c '/sbin/chkconfig yum-updatesd off'

While this particular issue has been fixed in a update, the threaded design for performance has caused more problems, and developers have redesigned and rewritten yum-updatesd to avoid further issues. This package is currently available in rawhide, the development branch of Fedora, and will soon be available as an update to the regular releases.