| Widespread Linux GPL violations alleged |
Jun. 27, 2006
Could many smaller Linux distributions be in violation of the GPL? That's what Warren Woodford, the man behind the popular MEPIS distribution thinks.
As detailed in Bruce Byfield's excellent NewsForge story, "A GPL requirement could have a chilling effect on derivative distro," Woodford recently ran afoul of the GNU GPL (General Public License) requirement that downstream distributors of GPL code are obligated to provide source code to users in an easily accessible format.
Woodford's error was that while he does provide MEPIS's modified Debian/Ubuntu kernel source code in a Debian source-package, he had not provided copies of the source code that was available somewhere, which he had not modified.
So, for example, say I released Steven's Special Penguin Sauce Linux. In it, I'd have my own modifications to the kernel source code, and the usual Linux utilities like the vim screen-based text processor. I would have to provide my users with not only my kernel's code, but also with vim's source code as well, even though I hadn't done a thing to its code.
Although Woodford is in the process of complying with the FSF's (Free Software Foundation) request, he's not completely happy with it. He thinks that "of the 500 distributions tracked by DistroWatch, probably 450 of them are in trouble right now per this position," according to the NewsForge article.
Further, Woodford told Byfield that he believes the requirement to provide all the source code is a bit much to ask of anyone who's creating a distribution out of their garage. He feels, as does John Andrews, Damn Small Linux's source code maintainer, that the burden is too much for a small-time Linux distribution developer. They think that if the FSF were to crack down on such small-time violations, it would strongly discourage many would-be open-source developers.
Is Woodford right? Are many, if not most, smaller Linux distributions in violation of the GPL in this manner?
Based on what I know of Linux developers, I'm sure that he is correct. The small-fry of Linux do indeed make sure that "their" code, the code that they modified, is out under the GPL. Most of them, though, aren't set up to make the upstream, unmodified code available to users.
Is it 90 percent of them? I'm not sure it's that high, but I wouldn't be in the least bit surprised if it were that high.
The next question is, "Is it really that much trouble to comply?" Today, yes, I think it is a lot of trouble for small-time Linux distributors.
There's no easy, quick way to pull down the "untouched" source code a developer used from an upstream distribution as the basis for his particular version of Linux. There are programs that can do it, such as rPath's rBuilder Online, but it's only free for non-commercial use.
For now, there is no easy, open-source answer to the problem. On the other hand, it is fundamentally just a question of source code management. That is a problem that open-source developers can fix. It's just that, until recently, no one saw a need for that particular tool.
-- Steven J. Vaughan-Nichols
Do you have comments on this story?
Talkback here
NOTE: Please post your comments regarding our articles using the above link. Be sure to use this article's title as the "Subject" in your posts. Before you create a new thread, please check to see if a discussion thread is already running on the article you plan to comment on. Thanks!
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
|
|
|
news feed