On 09/03/2009 05:08 PM, Tom "spot" Callaway wrote:
On 09/03/2009 04:59 PM, Roland McGrath wrote:
Koji's database has that information, sort of. It can tell you exactly
which other packages were installed in the buildroot, so that is the
superset of what-all bits could have been rolled into the output.
Yes, but I do not think we are in good faith satisfying the requirement
to distribute the source for those binaries by pointing back to koji
pages and possibly forcing the user to dig into the lookaside cache.
~spot
Isn't it more that we know how to do it? If someone came to the mailing
list and said "I formally demand, as per GPLvX, that you give me the
source for $Foo" we can quickly comply. We don't want to handle a large
number of requests in that way, but we can do it for the auditors.
--CJD
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
