On Tue, Jul 25, 2023 at 5:14 PM Richard Fontana <rfontana@xxxxxxxxxx> wrote:
>
> I'm interested in proposing that Fedora adopt a 'common-licenses'
> directory convention, similar to Debian and Debian-derived
> distributions, whereby default installations of Fedora would include a
> prepopulated subdirectory /usr/share/licenses/common-licenses (or
> maybe /usr/share/common-licenses) with certain highly common license
> texts. A Debian container I am currently running has these files in
> /usr/share/common-licenses:
> Apache-2.0
> Artistic
> BSD
> CC0-1.0
> GFDL
> GFDL-1.2
> GFDL-1.3
> GPL
> GPL-1
> GPL-2
> GPL-3
> LGPL
> LGPL-2
> LGPL-2.1
> LGPL-3
> MPL-1.1
> MPL-2.0
>
> I do not propose to have all or even most of those, but I could see a
> basis for GPLv2, GPLv3, LGPLv2.0, LGPLv2.1, probably LGPLv3, maybe
> Apache-2.0. These happen not only to be licenses that are very common
> in Fedora (LGPLv3 might be an exception but it would be associated
> with LGPL-2.x-or-later licensing), but also they tend not to occur in
> textually noteworthy variants. For example, we all know that there are
> lots of different GPLv2 texts out there with different current and
> historical FSF addresses, but they are commonly seen as equivalent by
> the relevant license using community, such that updating to a
> newer-FSF-address version is seen as unremarkable to everyone except
> possibly for super-pedantic FOSS license obsessives.
>
> This would go a little way towards addressing the problem of defining
> a modern policy for inclusion of license files with binary packages.
> If an applicable package license is already contained in
> /usr/share/licenses/common-licenses (let's say, as indicated by the
> spec file License: field, even though that has shortcomings), that
> license could be omitted from inclusion in
> /usr/share/licenses/{package name}/. This would mean, for example,
> that a Fedora system would no longer need to have tens of thousands of
> identical/near-identical copies of GPLv2 in /usr/share/licenses/.
>
> What I am totally unclear on is how something like this should be
> proposed. Is it a packaging policy issue, or a proposal for a change
> in some existing fundamental package that gets installed on all
> systems (probably not fedora-release, but maybe something similar to
> that?)? A package created for this specific purpose? Is it a FESCO
> issue?
>
This would be under the purview of the Fedora Packaging Committee:
https://pagure.io/packaging-committee
The mailing list for discussion is packaging@.
I am not opposed to this idea, though I guess we'd probably want to
use SPDX identifiers for the text files?
The mechanics of adopting common-licenses will be interesting to figure out.
There is some precedent in the RPM world, as Mandriva and Mageia used
it somewhat. I wouldn't say they fully adopted it, since there was no
working out how to consistently apply licensing documentation policy.
Another aspect of common-licenses is that usually there's some kind of
packaging declaration of these things. In Debian, this is handled
through DEP-5: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
I'm personally not a total fan of the DEP5 format, but having some
kind of extension to the spec file for some (if not all) of this data
to be stored in the RPM database when RPMs are installed would make
sense to me.
--
真実はいつも一つ!/ Always, there's only one truth!
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
