this post was submitted on 29 Oct 2023
50 points (86.8% liked)
Linux
48144 readers
928 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
In my view, the “community” reaction was terrible. Regardless of if you agree with them or not, the response should be honest and rational. I found the reaction, emotional, political, and frankly dishonest. The response was that Red Hat was suddenly going proprietary, that they were violating the GPL, and / or that they were “taking” the work of untold legions of free software volunteers without giving back. They were accused of naked corporate greed by companies whose whole business is based on using Red Hat’s work without paying ( peak hypocrisy ).
Let’s start with what they actually did. Red Hat builds RHEL first by contributing all their code and collecting all the Open Source packages they use into a distribution called CentOS Stream. Once in a while, they fork that and begin building a new release of RHEL. That requires lots of testing, packaging, configuration, documentation, and other work required to make RHEL above and beyond the source code. Previously, they made the output of all this work publicly available. What they did was stop that. So, what does it look like now?
Red Hat now only distributes the RHEL SRPM packages to their subscribers ( which may be paying customers or getting it free ). The support agreement with Red Hat says that, if you distribute those to others, they will cancel your subscription. That is the big controversy.
What you cannot do now is “easily” build a RHEL clone that is guaranteed “bug for bug” compatible with RHEL and use it to compete with Red Hat. You will notice that those making the most noise, like Rocky Linux, want to do that.
So, are Red Hat violating the GPL? No.
First, Red Hat distributes all the code to make RHEL to the actual people they “distribute to” ( to their subscribers ) including everything required to configure and build it. This is everything required by the GPL and more.
Second, less than half of the code in RHEL is even GPL licensed. The text of the GPL itself says that the requirements of the GPL do not extend to such an “aggregate” ( the term the GPL itself uses ). So, Red Hat is going quite above and beyond the licensing by providing their subscribers code to the entire distribution. Yes, beyond.
Third, CentOS Stream remains open to everybody. You can build a Linux distribution from that that is ABI compatible with RHEL. That is what Alma Linux is doing now. Red Hat contributes mountains of free software to the world, both original packages and contributions to some of the most important packages in the free software world. Red Hat is not required to license packages they author under the GPL but they do. They are not required to make all of CentOS Stream available to the public but they do. They are certainly not freeloaders.
But what about this business of cancelling subscriptions? Isn’t that a restriction in violation of the GPL? Not in my view.
The GPL says that you are free to distribute code you receive under the GPL without fear of being accused of copyright violation. It says you can modify the code and distribute your changes. It says you can start a business in top of that code and nobody can stop you. Do RHEL subscribers enjoy all these freedoms. Yes. Yes they do.
What happens ( after the change ) when a RHEL subscriber violates the terms of their subscriber agreement? Well, they cease to be a subscriber. Does this mean they lose access to the source they got from RHEL? No. Does it mean they can be sued for distributing the code? No. I mean, you could risk trademark violation if you sell it I guess.
So, what does it mean that RHEL cancels your subscription? Well, it means they will no longer support you. I hope people see that as fair. It also means as bs they will no longer distribute their software to you IN THE FUTURE.
That is it. That is the outrage.
If you give away the results of Red Hat’s hard work to productize CentOS Stream into RHEL, they stop sending you future releases.
Again, that is it.
You can do whatever you want with what they already sent you. You have all the rights the GPL provides, even for software licenses as MIT, BSD, Apache, or otherwise. Nothing has been taken from you except access to FUTURE Red Hat product ( other than totally for free via CentOS Stream of course ).
Anyway, as you can see, they are the devil and we should hope their business fails. Because, why would we want a commercial successful company to keep contributing as much to Free Software and Open Source as they do?
You are just repeating the exact narrow definition that Redhat/IBM's lawyer leeches found to justify what they did. Yes it's legal - but by no means in the spirit of GPL or any FSF or OSI approved license.
Starting with the FSF definition, ANY software from OUTSIDE that RH builds on (this includes the kernel and numerous other parts) comes to them with 4 assured freedoms. One of them is the freedom to distribute the software or the modified forms of it. To put it in short, what RH says is - "You're still free to exercise the freedom - but we will stop doing business with you if you do". While this is not against the letter of the license, this is most certainly AGAINST the INTENT of the license.
One might ask, if that's the intent of the license, why does the license allow such a loophole? To put it simply, the creators of the license created it based on certain guidelines. But they couldn't foresee all the ways in which the license would be twisted, violating its intent. This happens from time to time - causing the licenses to undergo revisions. For example, GPLv3 was created due to what FSF calls Tivoization - a practice that violates the intent without violating the license. Hell, this is against even OSI's intent.
However, just because there are loop holes in the license to violate its intent, doesn't mean that it's ethical or moral to take advantage of it. When some company does so, it's nothing short of parasitism. In this case, RH managed to suppress GPL after profiteering for decades from it.
Clearly, your view is heavily colored. Remember that the community's reaction was only a response to what RH did. You clearly are not seeing the possibility that what RH did is way way worse and extremely damaging towards the community and FOSS principles.
This is a very myopic, one-sided and biased take. A lot of people who are complaining are contributors to the work RH uses. This isn't just about some bit of work. This is about trust that forms the foundations of the FOSS movement. People will be hesitant to contribute to any project that RH may take and profit like this. RH is using their code in a way that they were not expecting. What RH did is to fundamentally exploit that trust and then betray it.
The same narrow definitions to justify the malicious intent. Remember that distributing the recipe for 'FUTURE Red Hat product' wouldn't be wrong in any way if RH hadn't created the new clause - that they will stop supplying if you did. They had to invent a way to override the intent of FOSS.
They don't have a business if they didn't distribute the source code. There are numerous other offerings that give you the same services without the source code. They are doing nothing beyond what it takes for them to make money. So, their moral superiority arguments are based on false premises.
I'm honestly very tired of people shilling the false arguments of corporates that exploit regular folks to make money. The stories of how RH damaged the entire Linux ecosystem for supporting their business is too long for me to even get into. For now, I will just say that RH's entire business model has been to make the Linux ecosystem too complicated for anyone else to reasonably manage or modify. So, please stop giving this greedy corporation more credit than what it's worth and stop demonizing the people who complained when their reasonable expectations were violated.
I am not repeating anything Red Hat has said.( even if they said it ). I have not read any of their responses. I am reacting to what I have read and seen myself in the corners of tue Internet that I frequent ( where I have never seen Red Hat post — like here for example ). My thoughts and analysis are my own.
“Starting with the FSF definition” you say and then completely ignore what the GPL itself says about aggregates like RHEL. Again, less than half of RHEL is even software released under the GPL. Much of the software that is GPL was authored by Red Hat themselves. According to the text of the GPL itself, Red Hat is not required to distribute the code to the totality of the RHEL distribution or even to more than half the code. That is not a “loop hole”. The authors of the GPL went out of their way to spell this out. The word “aggregate” is introduced in the text of the GPL to specifically differentiate something like a full OS distribution from an individual work released under the GPL and included in that distribution. Beyond the hand-waving, I have never seen somebody explain to me how RHEL itself is governed by the GPL other than as an example of an “aggregate” that the GPL goes out of its way to point out would NOT be governed by the GPL. I have pointed this out many times and, disappointingly, the responses I get always completely ignore this. RHEL is not governed by the GPL other than as something that is specifically and explicitly excluded from the conditions of the GPL by the text of the GPL itself ( not as loop hole but by a section of the license that does not even need to be in the license other than to clarify this very thing ).
As for the “4 freedoms”, as stated above, you have all 4 of those freedoms for any GPL software from Red Hat. They even extend these freedoms to you for software that does not require it.
Let’s talk about “the spirit” off Free Software here.
The controversy is about Red Hat restricting the ability ( really just making it less convenient ) to piggy-back off them to make guaranteed “exact”, “identical”, “bug-for-bug” copies of RHEL. Why does Rocky Linux want to make “bug-for-bug” copies of RHEL? Why does Orace? Why does SUSE? Well that is simple. It is because they have built a business on providing guaranteed compatibility with RHEL.
What does “bug-for-bug” compatibility with RHEL mean? Well, it means that all that can be done is to rebuild and redistribute the packages created by Red Hat exactly as Red Hat created them. Does “the community” want to use this code as a base for incorporating their own changes and innovations? No. They cannot change it or it would no longer build into a bug-for-bug clone of RHEL. Can they even fix bugs? Again, no. “Bug-for-bug” means having the same bugs.
The people fighting hardest to take the exact packages output by Red Hat are explicitly fighting for the right to take RHEL without paying and with the express plan of giving absolutely nothing back.
And you know what, you can still do that with any code you get from Red Hat. If you are going to do that though, they want to stop sending you their future work. The horror.
The fury around these changes from Red Hat is that people ( most loudly companies that want to compete with Red Hat ) not only want to explicitly take without giving back but they also want to ensure that Red Hat is forced to provide all their future work for free as well. The demand is that Red Hat provide their labour and expense for free—forever.
And again, to be very clear, we are not even talking about source code. Because Red Hat does give away the code that they produce not just because they have to but because they want to ( they author stuff and make it GPL when they could choose other licenses ). They founded the Fedora project to create an aggressively free distribution and pay the salaries of many of its core contributors. This is very clearly something they volunteer willingly as they founded the project specifically to do that. Red Hat also pays to make CentOS Stream available which has all the same software and code in it as RHEL and can even be ABI compatible ( as Alma is now doing ). All the code, if that is what you want, is very available. Red Hat is not hoarding code. Red Hat is not taking anybody’s code and trying to close it off.
If this was about the code and the ability to preserve it for “the community” then then there would not be much problem. The problem is that people want specifically to make “bug-for-bug” RHEL clones now and in the future and they want Red Hat to do all the work to make that possible without any contribution from “the community” at all. Again, “the work” here is not authoring source code but all the other work that goes into making a full distribution.
What “community” is being damaged by telling people to use or fork CentOS Stream instead of trying to make “bug-for-bug” copies of RHEL? How is this “extremely damaging to the community and FOSS principles”?
If the right to take without giving back is what people mean by “the spirit” of Free Software then this is the moment that I break with Free Software and go fully Open Source.
For anybody that thinks that Free Software and Open Source are the same thing, Open Source is a pragmatic philosophy about how developer collaboration leads to better software while Free Software ( as defined by the Free Software Foundation ) is a political movement focused on the rights of users ( just user freedoms - explicitly not software author or developer freedoms ). The GPL, specially, restricts the freedom of software developers which is why many other Open Source licenses are often called “permissive” licenses ( because they are MORE free). Not all Open Source software is Free Software by the definition of Open Source provided by the Open Source Institute.
Red Hat, I notice, voluntarily chooses the GPL for the code they author instead of choosing a more “permissive” license. Interesting choice for such a “greedy corporation”.
I am all over the idea of collaboration around software development. I do not see though how anybody can claim to credibly fighting for that in this Red Hat spat though. If this were about collaboration ( not just explicit duplication ), I imagine Red Hat would be on board. Based on “the community” reaction, It seems that “the spirit” of Free Software is more about entitlement and the right to demand continued servitude from the people that create software for you. Ask not what I can do for the software but rather what does my software provider HAVE to do for me. Those are not politics that I care to support. Count me out
I would be completely shocked if this were true. I'm calling BS here.
I used to be my company's primary contact for our Red Hat TAM for almost 13 years. Our TAMs were very proud to claim that all of RHEL was FOSS software, licensed under the GPL or sometimes other FOSS licenses.
I spun up a RHEL 9.2 instance and ran:
So 65% of RHEL 9's packages are under a GPL license.
Half?!? Again, where are these mysterious numbers coming from?
It doesn't matter if Red Hat authored those packages or not. What matters is if they were distributed under a GPL license. If you're claiming that Red Hat multi-licensed those GPL'd packages that they exclusively wrote so they don't have to comply with the GPL, please point those out to me (or at least a few), so I can check them out.
By the way, I do not use Fedora or RHEL and have no connection to Red Hat of any kind ( though I used to use their distros before Fedora existed and for a bit after — all long ago ).
Well said, and this should really be the top comment. Yes, I am mostly a Fedora user these days, but I also love Arch and Debian. I have a lot of respect for the significant contributions that Redhat have given to the community time and time again, and I had zero issue with their recent stance.
And all the people that provide the free software RH is using and making money with don't count?! How about RH subscribe to all their projects to be able to repackage and redistribute their code, and if one of them doesn't like RH then they'll just cut them off like RH is doing to their customers. Does that sound like a good direction for the OSS ecosystem to you?
Of course RH does also provide back to the community, but that is the whole deal! You get free and open code, you give back free and open code. And they are a big company making a lot of money, so of course they should also contribute much more than a handful of devs would. That shouldn't give them the privilege to unilaterally change this deal.
I get that it's technically within the bounds of the GPL, but it's a loophole and not how an "OSS company" should act imo! The whole OSS ecosystem as we know it would collapse if all projects started doing this.
Red Hat does “subscribe” to the software they ship and fully complies with the terms specified for them to do so. Again, rhetoric completely at odds with the facts.
Let’s be explicit about the “loophole” that keeps getting talked about. What is it?
The GPL outlines a bunch of freedoms that you get when somebody distributes software to you. It does not provide any rights to anybody that has not been given software. Is that the loophole?
Red Hat provides CentOS Stream to everybody and so it, along with all its source code and everything else is available to the public. Only RHEL subscribers have any rights to RHEL because they are they only ones that get it from Red Hat. The public has no inherent right to RHEL, code or otherwise. This is of course compatible with the GPL and not in some nuanced tortured way but of course with its core purpose—to grant freedoms for software that you use ( have been given ). Is that the loophole?
The GPL talks about the rights you have regarding software you have already received—that you use—not software you may or may not receive in the future. Is that the loophole?
Importantly though, we are not talking about an individual package covered by the GPL. We are talking about RHEL, which is a collection of software of which less than half is even GPL licensed. On that basis, I submit that the following text ( extracted from the GPL itself ) might be the “loophole” that you are referring to:
“Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.”
Again, that language is quoted directly from the license.
Is that a loophole? Because it seems like a very specific provision to me. Did the authors of the GPL say that the GPL does not extend to all of RHEL by accident?
Imo the loophole is that RH is disrespecting the rights people have under the GPL by threatening negative consequences when they use those rights. E.g. you can't say I have the right to freedom of speech and also break my arm when I do it, just because I can physically speak about whatever I want. Respecting rights includes not punishing someone for using those rights.
Of course technically they are in the right, but imo it still violates the ethos of OSS as I see it.
Look, everybody is entitled to their opinion and I respect yours. I have posted enough that it is just going to look combative and so I think this will be the last one. That said, this feels like the kind of “then why don’t we just allow murder” straw man that gets used when we want to argue emotions instead of facts. Yes, breaking your arm sounds very unfair. Is that a good analogy?
I think a much better analogy would be me signing an employment agreement that places restrictions on my freedoms that I otherwise have as a citizen of my country. Who cares what restrictions. Maybe I cannot drink at work. Maybe I cannot travel to certain countries. Maybe I cannot play video games on the work computer ( even at home ). Maybe I am not allowed to express certain political or religious views with customers. Or maybe there is a public article showing that all our competitors are better than us and I am not allowed to tell customers about that article. Let’s take that last one and assume I am American ( I am not but we need a legal framework we may all know ).
Has my company taken away my 1st amendment right to free speech? If I say something they do not like, they will take away my job and all the income I wanted from it in the future. Is that fair and ethical? It certainly hurts me. How is that not massively illegal under the US constitution? Surely employment law is less important than the constitution. How is it morally ok and not totally against “the spirit” of a free society?
Well, I have not lost any rights. I remain free to say what I want. However, there can be consequences. In this case, they are consequences that I have contractually agreed to. The First Amendment and my Employment Contract are not the same thing and they grant me different rights and impose different obligations. I am free to share the damaging article but, if I do, my employer will stop paying me.
Free Speech Absolutionists may insist that I not be fired for acting against the interests of my employer. Most of the rest of us understand that this os ok as we have to balance the interests of all parties of we want a system that works well overall. We also understand that no rights have been lost.
I see this as very much like that. Red Hat is not adding any new restrictions to the copyright license and, as such, they are granting you full rights as per that license. Legally, Red Hat is granting you the right to redistribute their code when they give you code licensed under the GPL. Simultaneously, they ask me to agree to a subscription agreement ( like an employer asks me to agree to an Employment Agreement ). The subscription agreement outlines what Red Hat will do for me and what I must agree to do in return. I do not have to agree to the subscription agreement. I can CHOOSE to because it offers something I want. In doing so, I may have agreed to some constraints on my otherwise fundamental rights or more general legal agreements.
So, I do not think Red Hat is threatening to break your arm. They do not harm you in any way other than to stop doing nice things for you in the future.
What I see in the reaction to Red Hat is a bunch of people that think they should be able to break their employment contracts but still keep getting paycheques from their employer.
If we still disagree, that is fine. I think this post fairly explains my position.
Does the fact that Red Hat provides not one but two explicitly free Linux distributions for free including one ( CentOS Stream ) that includes all the work they do on their flagship product with changes often appearing in the free community version before they appear in their paid product sound like a good direction for the OSS ecosystem? Yes. Yes it does. If every company contributed in the way that Red Hat does, the world of Open Source would be dramatically richer.
Does giving cover to other commercial entities not just to collaborate and use the same source code but to shamelessly make exact copies of another product while giving nothing at all back sound like a good direction for the Open Source ecosystem. Well, no actually. Not in my mind. This sounds attractive and beneficial to you?
Based on this episode, I have to say that the GPL itself is starting to come off as less beneficial in mind and less of a good direction for the Open Source ecosystem. The differences between Free Software and Open Source are starting to matter more to me.
I'm not disputing any of that, but it's also not an answer to my argument/question. A bad action is still bad if the same actor also does other good things. As I already said, following the open source rules/ethos in one area doesn't give you a license to break it in another and still call it open source, doesn't matter how big your other contributions are.
Making copies of other projects is a core principle of open source, there is absolutely no shame in it. As long as you abide by the rules of the license (e.g. credit the original) you're absolutely fine. That's because usually the creators of OS projects don't do it for the personal benefit, beyond being able to use their own creations. But ...
Depends on who's prespective you're talking about. For the community as a whole it was very beneficial, but RH as a for-profit company of course wants to make money with the whole endevour. I don't think OSS is the right place to do that (reasons in my previous post), at least not by selling access to the code itself. There are plenty of companies that contribute to OS code while also earning money with services and products surrounding it. I don't see any reason why RH can't do the same, or rather return to doing that.
As not a lawyer, I'm actually not sure that cancelling the subscription is allowed by the gpl, given that it established that there can be no additional (outside of the license) conditions to share the code. I'd like to see it discussed in court, but I'm not sure interested parties have enough lawyer money for it.
I would say that cancelling your subscription is a direct violation of the GPL for two reasons.
For example, say I'm someone who installed RHEL under a subscription. I downloaded the source to the kernel then distributed the SRPM to others leading Red Hat to cancel my subscription/account.
With a cancelled subscription/account, how do I now access the buildable source for say the GCC package I have installed on my system as guaranteed under the GPL?
If Red Hat didn't cancel my subscription/account, but restricted it to only accessing the matching source downloads for the packages on my system, that would be compliant. But they didn't. They killed all my access for matching source which is non-compliant.
If Red Hat provided a service where I could request buildable copies of the source for the packages I have installed , this would be compliant. But as far as I know, they have not.
Cancelling my subscription/account is a violation of Section 6 of the GPLv2 which states, " You may not impose any further restrictions on the recipients' exercise of the rights granted herein."
This clause is to ensure you can freely exercise your rights granted by the GPLv2. Cancelling your subscription/account for no reason other than exercising your rights is a direct violation.
For example, I have the right to vote. If a government body imposes a hefty fine or tax if I attempted to vote, this would be considered further restrictions on my right to vote. This is what Red Hat has done.
Red Hat is certainly free to cancel your subscription/account under the terms of their license, but not when it conflicts with the exercise of rights granted under the GPL.
If Red Hat distributed software to you, you are entitled to the source. And guess what, they will give it to you. You are making the false assumption that they will not. There is no evidence for this at all.
Red Hat does not add any restrictions at all to the software license of any GPL work they distribute. You can exercise whatever rights you want regarding the software that Red Hat has distributed to you because they extend it to you via the same license that it was provided to them. They do not restrict your rights in any way with regards to the software they have already given you. A cancelled subscription does not cause me to lose access to the software that has been distributed to me or to any of the rights and freedoms as stated in the licenses ( GPL and otherwise ) for the software that Red Hat has distributed to me. The subscription is not a software license, it is a contract.
More important than all of this, RHEL itself is not licensed under the GPL and so the whole premise is wrong on its face. The subscription agreement is for RHEL itself.
As far as I understand, this discussion is still theoretical because Red Hat has not terminated anyone's subscription or account yet due to distributing GPL'd source to a Red Hat product, so everything's an assumption until it happens. Do you know if they have that has been publicly disclosed?
Have they explained how they will do that after terminating my subscription?
I offered some alternative methods to how Red Hat could be GPL compliant. As far as I know, they have not disclosed such a process that meets the terms of the GPL.
By terminating access to the source for GPL'd software I've already installed, yes, they have, unless they/you can clarify how they will still allow me to access the matching, buildable source for the binary packages I've already installed on my system.
Normally, I would download the matching source for a package via the
dnf
or other related tools, but they won't work if my RHEL subscription or account is terminated. I would like to hear this new method. I offered a couple under my earlier post as possible examples.Anyway, that's inconsequential. By applying any additional restrictions when exercising the GPL granted rights, this violates the GPL. Those restrictions don't have to be on the rights themselves, they just have to come into effect when the rights granted by the GPL are exercised, which in this case, they do.
As quoted earlier, GPLv2 section 6 states, "You may not impose any further restrictions on the recipients' exercise of the rights granted herein." It does not say, "You may not impose any further restrictions on the rights granted herein." It's not the rights themselves, but the mere exercise of those rights. As I mentioned before, what good is a right to vote if additional restrictions can be included such as paying a fine or tax? This is what section 6 is meant to prevent others from doing.
You keep saying that, but not mentioning how. Would you please clarify for me how I access the buildable source for the exact version and release of a package I have already installed on my system post-termination of my subscription? Maybe I have missed this in Red Hat's publications on this matter?
It is a contract that includes licenses that are part of it, so I'm not sure of your point here?
Contract law comes into effect here. And fulfilling or breaking the terms of the licenses included as part of the contract are also in play.
As mentioned, there are certainly ways for Red Hat to terminate aspects of the RHEL support agreement that would comply with the GPL. I certainly accept Red Hat has the rights to terminate future access to newer versions of binaries or sources covered by the GPL. There are ways for them to do that without violating the GPL, and I would like to see them do that, but so far I've not seen how they will comply.
But components of RHEL are licensed under the GPL. The subscription agreement in part is how Red Hat fulfills the terms of the GPL for those components, so could you clarify the point of your statement?
If the RHEL software under the GPL did not rely on a working subscription for fulfilling GPL terms, then that would decouple the RHEL subscription from the GPL and covered components, but I have not seen a description yet of how Red Hat will do that.
Thank you for replying. I've had these points and questions for some time, but I have not seen a good rebuttal from someone GPL knowledgeable with Red Hat's position. If you can clarify and answer the points above, that would help.
I am not a lawyer either but “outside the licence” sounds wrong. The license ( the GPL ) talks about “additional terms” but those are extensions and modifications of the license itself. The only non-license vehicle that the GPL references is patents.
Importantly, the status of your Red Hat subscription does not modify the terms of the license. Cancellation of your Red Hat subscription does not cause a modification, impairment, or loss of any of the rights, obligations, or freedoms that you have under any GPL covered work that you have received.