on Mon, Dec 04, 2000 at 06:10:11PM -0500, Susan G. Kleinmann (sgk@netbox.kleinmann.com) wrote:
> It would be convenient/efficient if the Apache software license were
> included with other licenses in /usr/share/common-licenses. I think
> this could be accomplished either by adding it to the base-files package,
> or by having the apache-common package place it there.
Here's a thought, which might also help rationalize the whole license
tracking thing -- then again, maybe not.
A set of license packages. Currently, several of the licenses are
included as part of the base install. If instead we had a set of
packages for licenses (GPL, LGPL, BSD, MIT, Apache, Artistic, MozPL,
...), and required that packages which used a particular license listed
this as a dependency, we might address several issues:
- Duplication of license text within the distribution. Though it's
not huge, it becomes critical particularly in small-format
installations. I estimated that archiving seperated copies of the
GNU GPL would require some 80 MB for a reasonably full-featured
Debian install. Worse, this is data which must be transmitted with
package updates. As licenses change infrequently, rationalizing
them into packages might serve a double bonus.
- Clarifying license dependencies. I used a few simple text tools to
try to determine what licenses are associated with what packages a
few weeks ago. Reporting standards vary widely, even for code
covered by the same license. The "copyright" file might be anything
from a brief "GNU GPL v. 2.1" to a detailed account of attempts to
contact or track down a developer.
- Increasing the accuracy of copyright accounting tools. vrms uses
manual, and sometimes inaccurate, data in reporting on the use of
free and unfree packages, as Nick Moffit observed recently in a bug
report on the package that it was insulting his integrity. By tying
licensing to the packaging system, copyrights could be ascribed as
free or non-free, and vrms would become a query against the package
metadata.
- Possible solution to the problem RMS raised about distributions of
packages within Debian without the required GPL copy. The strict
dependency would guarantee that this happened within the Debian
infrastructure, and might be a possible path to compliance.
I've no real idea on the issues in implementing this as part of the
packaging system. It seems to me that this involves a policy, rather
than a tools modification, and that it should work fairly effectively
within the current .deb and apt systems. I also don't know if this has
been recommended before -- anyone got a historical perspective on this?
Thoughts?
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
Evangelist, Zelerate, Inc. http://www.zelerate.org
What part of "Gestalt" don't you understand? There is no K5 cabal
http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org
Attachment:
pgpuqiWVjt_df.pgp
Description: PGP signature