On Wed, Feb 19, 2020 at 06:49:07PM -0500, Jes Sorensen wrote: > > We'd also need to follow shared library best practices like compiling with > > -fvisibility=hidden and marking the API functions explicitly with > > __attribute__((visibility("default"))), and setting the 'soname' like > > -Wl,-soname=libfsverity.so.0. > > > > Also, is the GPLv2+ license okay for the use case? > > Personally I only care about linking it into rpm, which is GPL v2, so > from my perspective, that is sufficient. I am also fine making it LGPL, > but given it's your code I am stealing, I cannot make that call. > Hi Jes, I'd like to revisit this, as I'm concerned about future use cases where software under other licenses (e.g. LGPL, MIT, or Apache 2.0) might want to use libfsverity -- especially if libfsverity grows more functionality. Also, fsverity-utils links to OpenSSL, which some people (e.g. Debian) consider to be incompatible with GPLv2. We think the MIT license (https://opensource.org/licenses/MIT) would offer the most flexibility. Are you okay with changing the license of fsverity-utils to MIT? If so, I'll send a patch and you can give an Acked-by on it. Thanks! - Eric
![]() |