Gentoo Archives: gentoo-dev

From: Ryan Hill <dirtyepic@g.o>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] Re: RFC: new global USE flag "srcdist"
Date: Thu, 02 Jan 2014 12:41:02
Message-Id: 20140102065006.59a2bad9@caribou.gateway.pace.com
In Reply to: [gentoo-dev] RFC: new global USE flag "srcdist" by Ulrich Mueller
1 On Wed, 1 Jan 2014 23:28:54 +0100
2 Ulrich Mueller <ulm@g.o> wrote:
3
4 > Hi,
5 > According to GLEP 23 [1], the LICENSE variable regulates the software
6 > that is installed on a system. There is however some ambiguity in
7 > this: should it cover the actual files installed on the system, or
8 > everything that is included in the package's tarball? This question
9 > was asked several times in the past and arose in bug 492424 [2] again.
10 >
11 > I've always preferred the first interpretation, because the second one
12 > would inevitably require us to repack many tarballs, in order to keep
13 > their license in @FREE. This would for example include the Linux
14 > kernel, where we could no longer use deblobbing, but would have to
15 > provide our own tarball with firmware blobs removed. Not sure if users
16 > would be happy if we wouldn't install from pristine sources any more.
17 > We also have mirror and fetch restrictions which allow us to control
18 > what tarballs we distribute, independent of the LICENSE variable.
19
20 I've always believed that when it comes down to it all Gentoo basically does
21 is provide a link to some source code and a script to build and install it.
22 Unless we violate someone's license by redistributing that source then we really
23 don't have to worry about it, and as you said we already have mechanisms to
24 deal with that. What the user does with that source is their business, and
25 they are solely responsible for following the terms of the license(s). IIRC
26 this is the stance we took back in 2006 with the cdrtools debacle [1].
27
28 So I don't understand why we would have to remove anything from the tarballs.
29 Unless there's a license in there that forbids mirroring then there's no need
30 to list other licenses that aren't relevant. The user wants to know what
31 conditions he needs to follow to build and use the package, not what the
32 tarball happen to contain. If you tell him that he can't install something
33 because of a license on a piece of code that is never used, built, or
34 installed, he isn't going to be very happy.
35
36 > Within existing EAPIs we have only one LICENSE variable available.
37 > (Extending it would be possible in future EAPIs, but we would end up
38 > with a very long transition period.) USE conditional syntax is allowed
39 > in LICENSE, though. So I wonder if this couldn't be used for the
40 > intended purpose. For example, for specifying licenses of distfiles:
41 >
42 > LICENSE="<licenses of installed stuff>
43 > srcdist? ( <licenses of unused stuff in distfiles> )"
44 >
45 > This idea was discussed within the licenses team, and the overall
46 > reaction was positive.
47 >
48 > What do you think?
49
50 Wouldn't that just prevent you from installing the package altogether?
51 Some people might be okay with that, but if it's a package you need then you
52 are forced to choose between either disabling the USE flag or stop filtering the
53 license for that package. Either way you end up with non-distributable stuff in
54 your distfiles.
55
56 Maybe we could add RESTRICT=srcdist which would cause ebuilds to save
57 their distfiles in a separate directory controlled by PORTDIR_NODIST or
58 something. If the variable is unset then it's business as usual.
59
60
61 --
62 Ryan Hill psn: dirtyepic_sk
63 gcc-porting/toolchain/wxwidgets @ gentoo.org
64
65 47C3 6D62 4864 0E49 8E9E 7F92 ED38 BD49 957A 8463

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies