Hi folks, AFAIK CentOS uses RedHat's source RPMs for building the next CentOS release. I am not sure about the bootstrap procedure and the infra- structure packages, so lets put these corner cases aside. RedHat's "regular" binary and source packages are based on open source (GPL2, GPL3, Apache license, whatever). For building the binary RPMs other open source RPMs with compatible license conditions are used. My question is: Are RedHat's binary RPMs "poisoned" somehow, making it impossible for CentOS to redistribute RedHat's *binary* packages without going to jail? Every insightful comment is highly appreciated. Regards Harri
As I understand it the rebuild only removes RedHat copyrighted artifacts like their name and logo. This is also why the release notes refer to 'upstream' rather than RedHat by name (not that I studied it in depth recently) The only 'poison' here is copyright, which CentOS avoids by removing these artifacts.That said I am not a lawyer. ----- Original Message ----- From: "CentOS mailing list" To:"CentOS mailing list" Cc: Sent:Wed, 3 Jul 2019 08:43:40 +0200 Subject:[CentOS] using RedHat binary packages? Hi folks, AFAIK CentOS uses RedHat's source RPMs for building the next CentOS release. I am not sure about the bootstrap procedure and the infra- structure packages, so lets put these corner cases aside. .... snip.. My question is: Are RedHat's binary RPMs "poisoned" somehow, making it impossible for CentOS to redistribute RedHat's *binary* packages without going to jail?
On Jul 3, 2019, at 12:43 AM, Harald Dunkel <harald.dunkel at aixigo.com> wrote:> > Are RedHat's binary RPMs "poisoned" somehow, making it impossible for > CentOS to redistribute RedHat's *binary* packages without going to jail?RHEL binaries are only available to those with a RHEL subscription. I don?t see anything in skimming through the RHEL license agreement that says that a RHEL subscription licensee couldn?t make a copy of those binaries for others, but since the act of producing those binaries is a work product, I don?t believe Red Hat needs license terms to bring a lawsuit aiming to prevent that: simple copyright law should suffice in pretty much every country that matters. Since the core CentOS employees are now working for Red Hat, it may be possible for them to negotiate a separate agreement to avoid this, but what would be Red Hat?s incentive to do that? Faster access to binaries is a selling point of a RHEL subscription. So, if you want the binaries now, you know how to get them. Even if you sweep aside the copyright and licensing issues somehow, the CentOS project *should* be able to bootstrap itself. It?s not really free software if you can?t build it from source, and that requires work to produce. The fact that it takes months of work by several talented people to produce a working and repeatable CentOS build system should tell you that its results are copyright protectable IP. The fact that they?re willing to do this without charge to us should never be taken for granted.
On July 3, 2019 1:43:40 AM CDT, Harald Dunkel <harald.dunkel at aixigo.com> wrote:>Hi folks, > >AFAIK CentOS uses RedHat's source RPMs for building the next CentOS >release. I am not sure about the bootstrap procedure and the infra- >structure packages, so lets put these corner cases aside. > >RedHat's "regular" binary and source packages are based on open source >(GPL2, GPL3, Apache license, whatever). For building the binary RPMs >other open source RPMs with compatible license conditions are used. > >My question is: > >Are RedHat's binary RPMs "poisoned" somehow, making it impossible for >CentOS to redistribute RedHat's *binary* packages without going to >jail? >RHEL binary packages are only available to paid customers who are explicitly prohibited to redistribute them. It usually is an easy search and short reading one has to do instead of bugging mail list. Valeri> >Every insightful comment is highly appreciated. > >Regards >Harri >_______________________________________________ >CentOS mailing list >CentOS at centos.org >https://lists.centos.org/mailman/listinfo/centos++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On 03/07/2019 15:58, Valeri Galtsev wrote:> RHEL binary packages are only available to paid customers who are explicitly prohibited to redistribute them.For the sake of completeness, not everyone with legitimate access to RHEL binaries is necessarily a *paid* customer. Red Hat provides a free dev licence so anyone can legitimately access RHEL binaries (and source RPMs of course) for free, although the use to which one may put the binaries is limited by the licence. -- Mark Rousell
On 7/3/19 1:43 AM, Harald Dunkel wrote:> Hi folks, > > AFAIK CentOS uses RedHat's source RPMs for building the next CentOS > release. I am not sure about the bootstrap procedure and the infra- > structure packages, so lets put these corner cases aside. > > RedHat's "regular" binary and source packages are based on open source > (GPL2, GPL3, Apache license, whatever). For building the binary RPMs > other open source RPMs with compatible license conditions are used. > > My question is: > > Are RedHat's binary RPMs "poisoned" somehow, making it impossible for > CentOS to redistribute RedHat's *binary* packages without going to jail? > > > Every insightful comment is highly appreciated.CentOS is a rebuild of RHEL source code .. we do not distribute RHEL binaries. IANAL - You would need to talk to yours to get an answer to the rest of your questions. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20190703/b593e1e4/attachment.sig>