On Tue, Oct 20, 2015 at 09:56:57AM -0400, Joshua Brindle wrote: > Stephen Smalley wrote: > > On 10/20/2015 09:42 AM, Joshua Brindle wrote: > >> Stephen Smalley wrote: > >> <snip> > >>> > >>> Wondering if dependency on openssl might be a license issue for Debian > >>> or others. Apparently openssl license is considered GPL-incompatible [1] > >>> [2], and obviously libselinux is linked by a variety of GPL-licensed > >>> programs. Fedora seems to view this as falling under the system library > >>> exception [3] but not clear that other distributions would view it that > >>> way. On the other hand, using gnutls would be subject to the reverse > >>> problem; it would make libselinux depend on a LGPL library, and that > >>> could create issues for non-GPL programs that statically link > >>> libselinux. We might need to revert this change and revisit how to solve > >>> this in a manner that avoids such issues. > >> > >> LGPL explicitly allows non-GPL programs to link against an LGPL licensed > >> library without tainting the non-GPL program, which is the whole point > >> of the LGPL. Is there some other issue with static linking or something? > > > > Yes, that's the concern. > > So, not static linking but a fully static binary that would pull gnutls > into the binary? > > What static binaries exist like that? It is not a great idea to carry > around system level libraries statically. >From a quick look through Gentoo, we have a USE-flag to build busybox and LVM and a few other core tools statically which requres libselinux.a too. -- Jason _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
