Re: podman's debian/copyright

To: Reinhard Tartler <siretart@tauware.de>
Cc: Dmitry Smirnov <onlyjob@debian.org>, debian-go@lists.debian.org
Subject: Re: podman's debian/copyright
From: Domenico Andreoli <cavok@debian.org>
Date: Fri, 26 Aug 2022 14:40:24 +0200
Message-id: <Ywi/ONozvB7wMXB2@macchia.fritz.box>
Mail-followup-to: Reinhard Tartler <siretart@tauware.de>, Dmitry Smirnov <onlyjob@debian.org>, debian-go@lists.debian.org
In-reply-to: <[🔎] 549673cd-5c9f-c73b-6d54-966d42fb24c1@tauware.de>
References: <[🔎] YwNXdEpkBHMK1W64@macchia.fritz.box> <[🔎] 549673cd-5c9f-c73b-6d54-966d42fb24c1@tauware.de>

On Fri, Aug 26, 2022 at 07:20:30AM -0400, Reinhard Tartler wrote:
> I happen to know (because I occasionally attend the podman community meetings) that
> podman is developed mostly by redhat employees.

I suspected something similar. I think it would not be bad if upstream
could clarify this in the sources as well.

Now they think that because podman is on the ok side, then
oci-seccomp-bpf-hook should work in the same way. Except that I don't have
any informal way to attribute any copyright holder and I'm not even sure
if that is a preferrable approach.

> 
> What was the wording of the reject message.

"the copyright holder in your debian/copyright does not seem to be
 correct.  Where did you find the mentioned one?"

My debian/copyright was quite naive and I think it's been rightly
rejected:

Files: *
Copyright: 2019, Containers
License: Apache-2.0

Don't know exaclty how that was filled in by dh-make-golang.

> Maybe you can also attribute the copyright to redhat,

Nope, see [0]

> or simply the "oci-seccomp-bpf-hook developers"?

They also proposed it but it frankly sounds like a lazy answer. See my [1].

Nevertheless, I don't think ftp-masters would (and should) accept any
statement of mine (or yours) not backed by something written in the source
code by the upstream.

Am I looking too much like a lawyer? :)

> 
> best,
> -rt

thanks,
Dom

[0] https://github.com/containers/oci-seccomp-bpf-hook/issues/99#issuecomment-1222118895
[1] https://github.com/containers/oci-seccomp-bpf-hook/issues/99#issuecomment-1222140064

> On 8/22/22 12:16, Domenico Andreoli wrote:
> > Hi Reinhard and Dmitry,
> > 
> >    I'm packaging oci-seccomp-bpf-hook but it got rightly rejected by
> > ftp-masters because of incorrect debian/copyright. As result I opened an
> > issue [0] with upstream so to have actually _some_ copyright statement to
> > be included in the package.
> > 
> > As part of that discussion, Podman was mentioned [1] and looking into it I
> > noticed it's not in a situation much different from oci-seccomp-bpf-hook
> > therefore I wanted to check here before opening any RC bug.
> > 
> > How the following entry in debian/copyright could be determined?
> > 
> >    Files: *
> >    Copyright:
> >        2016-2019 Red Hat, Inc.
> >    License: Apache-2.0
> > 
> > I fail to deduce it from any content of the source tree.
> > 
> > Thanks,
> > Dom
> > 
> > [0] https://github.com/containers/oci-seccomp-bpf-hook/issues/99
> > [1] https://github.com/containers/oci-seccomp-bpf-hook/issues/99#issuecomment-1222036689
> > 

-- 
rsa4096: 3B10 0CA1 8674 ACBA B4FE  FCD2 CE5B CF17 9960 DE13
ed25519: FFB4 0CC3 7F2E 091D F7DA  356E CC79 2832 ED38 CB05

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- podman's debian/copyright
  - From: Domenico Andreoli <cavok@debian.org>
- Re: podman's debian/copyright
  - From: Reinhard Tartler <siretart@tauware.de>

Prev by Date: Re: Consul pending upload
Next by Date: RFS: golang-go4
Previous by thread: Re: podman's debian/copyright
Next by thread: Consul pending upload
Index(es):
- Date
- Thread