FS#776 - Distribute copyright notices with BSD-licenced packages
Attached to Project:
Arch Linux
Opened by Oliver Burnett-Hall (olly-bh) - Sunday, 18 April 2004, 02:43 GMT
Last edited by Judd Vinet (judd) - Sunday, 18 April 2004, 18:16 GMT
Opened by Oliver Burnett-Hall (olly-bh) - Sunday, 18 April 2004, 02:43 GMT
Last edited by Judd Vinet (judd) - Sunday, 18 April 2004, 18:16 GMT
|
Details
Packages licenced under BSD- and X11-style licences include
an 'advertising clause' - when redistributed in either
source or binary format the original copyright notice must
be included.
For example, the (very long) OpenSSH licence can be found at http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/LICENCE?rev=1.11.2.2 Arch, on the whole, does not seem to be distributing these license/copyright files and so, technically, is breaching the conditions of the licence. I'm not expecting that anyone's going to get sued for this, but as Good Members of the Open Source Community we ought to be doing everything possible to make sure we comply to both the spirit and the letter of the law. Distributing BSD licences isn't as simple as with the GPL - there isn't a single BSD licence; it can vary with each package and will often reference an AUTHORS file - having a single /usr/share/licences/BSD file isn't enough. Instead we need to make sure that PKGBUILD scripts make sure that any LICENSE/COPYING/AUTHORS/WHATEVER files that come with source tarballs get installed with the packages. Adding (automatic or semi-automatic) functionality to makepkg to do this would be trivial (for a crude automatic version: 'find . -regex '.*/\(AUTHORS\|COPYING\|LICENSE\)' -exec cp {} /somewhere \;'), but we'd need to decide where the files would go. The two obvious places (as /usr/share/doc is a no-go) would be /usr/share/{pkgname} or /usr/share/license/{pkgname}. I'd go for the former but I was outvoted on IRC :( Thoughts? - olly |
This task depends upon
Closed by arjan timmerman (blaasvis)
Sunday, 15 October 2006, 09:15 GMT
Reason for closing: Implemented
Additional comments about closing: please report packages without a license field :)
Sunday, 15 October 2006, 09:15 GMT
Reason for closing: Implemented
Additional comments about closing: please report packages without a license field :)
But it sounds like I can't do that with BSD-licensed software, since each license may be slightly different (yet still classified as BSD?)
However, this won't work for BSD licences, as this is more a style of licence than an actual licence. For these you need to distribute the licence files with the binary package.
Here's a suggestion: add a licensefiles array to PKGBUILD and use that to copy the needed files. Then bung something like this in makepkg (this is example code and would need more work, e.g. it will fail if the source tarball extracts to something other than $pkgname, it also assumes /usr/share/licenses is the right place to put the files):
---------------------------------------------------------
licensedir=pkg/usr/share/licenses/$pkgname-$pkgver
for ((i=0; $i < ${#licensefiles[@]}; ++i)); do
install -D -m644 src/$pkgname/${licensefiles[$i]} \
$licensedir/${licensefiles[$i]}
gzip -9 $licensedir/${licensefiles[$i]}
done
---------------------------------------------------------
If you want to avoid multiple copies of GPL/whatever licenses then put this inside a case $license ... esac statement and give standard actions for other licenses. But the GPL2 is less than 7 kB when gzipped, so is it really worth it?
An alternative method would be to provide a helper function that could be called from build() that would do the same sort of thing (e.g. 'install-license ./COPYING'). Doing it this way mean it could be written to provide more options - wildcards, pulling in files from various bits of the source tree, renaming files, etc. Options like this could be the needed if different bits of a package are under different licences.
Thoughts?
What if the original package is 7k? You just doubled the size of the package. What about dial-up users? What about those who pay for downstream transfers? What about server size (additional disk overhead)?
It's worth it.
"Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution."
As Arch doesn't really provide any additional documentation or material for each package, there isn't really a place to add it. Keeping any license relevant info in the default package should be enough. This info certainly doesn't need to be in the package info of not yet installed packages.