On 9/28/22 08:21, Neal Gompa wrote: > On Wed, Sep 28, 2022 at 1:15 PM Michael J Gruber <mjg@xxxxxxxxxxxxxxxxx> wrote: >> >> As Fedora users and contributors, we profit a lot from everything that RedHat provides to the Fedora project, be it infra, people-power or "leverage" (talking to vendors etc.). In turn, RedHat can expect a certain amount of understanding from "us" for their business interests, which include legal liabilities, of course. >> >> Understanding is helped greatly by communication, though. Legal answers such as "We can not" do not further this understanding, and "We can not and we can not tell you why" is not much better, but these are the typical answer we get, not even with a "sorry, but we can't". Obviously, these legal questions are difficult to explain, but it can't be true that each such case is under a "gag order". This non-transparency is orthogonal to our first F and hurts all efforts to increase the number of contributors. >> >> Now, I don't expect the communication issue to be resolved any time soon. Therefore it's important to work on the other major friction point: How difficult do we make it for users/contributors to get the missing bits that they need or can (because they are no distributors, in a different jurisdiction etc.)? >> >> rpmfusion/gstreamer is a prime example of how things can work flawlessly, and takes into account all interests. >> >> ffmpeg is a prime example of "in your face", of course, and I'm happy to read that it may get resolved. >> > > Let's talk for a moment here about this. I'm going to give you some > "inside baseball" (or at least as much as I can). I can tell you up > front that ffmpeg in Fedora is *entirely* my fault. > > I spent many years tirelessly trying to come up with a solution to > bring FFmpeg into Fedora. It started from the moment we got approval > to introduce MPEG1 and MPEG2 codecs into Fedora. I cannot overstate > how much back-and-forth with Red Hat Legal it took to figure it out. > Over the last few years, more and more codecs got gradually approved, > until we got to a point that enough codecs were approved that it made > sense to finally produce a package to introduce. I had been trying to > come up with a stripped FFmpeg source tree to deliver and was not > succeeding until Andreas Scheider came up with the scripts to do it > properly. That breakthrough allowed us to bring FFmpeg into Fedora as > ffmpeg-free. > > It was my choice to be quiet about its introduction, because I was > being verbally and emotionally abused by other community members over > it and I didn't want to invite more by making a big announcement like > we did for mp3. At one point, I got so stressed over it that I became > physically ill for weeks. > > Do I regret this work? No. I still firmly believe this is going to > improve the usefulness of baseline Fedora and expand the pressure to > improve and prioritize Free Software in the Linux space. Do I want to > do something like this again? I don't know. It really sucked and in > the end all I got was hate for it. I want to make Fedora the best > Linux distribution out there, but I also don't want to create a > situation where all Fedora users and contributors are in legal > jeopardy. > >> The other big issue are our hobbled sources: We cannot store some original sources in the look-aside cache, obviously. But packages such as openssl do not even specify a hash nor an url for the un-hobbled sources. This makes it unncessarily difficult to verify that our openssl package has indeed been built against against the hobbled version of the original sources - for a package like openssl this really is a trust issue (and might even violate our packaging guidelines, but I'm not a lawyer...). >> > > I'm (personally, though IANAL) of the opinion that the hobbling of > crypto libraries is probably no longer necessary and can be retired > entirely. The method of producing the stripped sources is > reproducible, so from our guidelines perspective, it's fine. But I do > think it's probably obsolete, and I hope Red Hat Legal concurs. > >> As a side effect, it makes it unnecesarily difficult to rebuild the package locally (though it does not effectively inhibit it either, of course; it is not an "effective measure" for that cause). I do understand that providing a functional link can be construed to be "redistribution", but in the context of a spec file, a comment really is a reference to the "source of the source", without which we cannot even claim to distribute the hobbled version legally (and without which we have no trust chain). >> >> Note that depending on the legal outcome mesa might have to go the hobbled route, too: simply disabling the codecs in %build does not change anything about redistributing the source. > > That will depend on how much codec detail exists in the Mesa codebase. > I would guess not enough to matter, but IANAL. > > Here's something of a drop-kick for you though: those > hardware-accelerated codecs that Dave Airlie disabled from Mesa > weren't being used by *anything* in Fedora anyway. Not GStreamer, not > FFmpeg, not Chromium, etc. We've been extremely careful to ensure we > don't provide a "completed puzzle" as it were for those codecs. In > practice, you are getting *nothing* from those codecs anyway. Fedora > has only provided working hardware acceleration for unencumbered > codecs. That list is expanding all the time, but for now this means > you're basically only going to see MPEG1, MPEG2, VP8, VP9, and AV1 > acceleration. Everything else is currently off the table. Could Cisco somehow be convinced to provide hardware acceleration as part of OpenH264? -- Sincerely, Demi Marie Obenour (she/her/hers) _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue