This is kind of a weird take unless you're some corporate lacky.
Where does the GPL only refer to users? Isn't anyone supposed to be able to get access? The AGPL does, for certain; it's what I license my work under to ensure it can't be rehosted somewhere and be proprietary'd.
Interestingly, Red Hat appears to be gatekeeping what constitutes a user of their systems in order to offer GPL terms only to those who are users. This requires payment, so it's a way for business to refuse open terms unless paid for.
Why is that okay? They accept patches from community members, what moral right do they have to repackage and then withhold source when asked?
The true freeloaders of libre software have always been commercial efforts. If they couldn't freeload off of GNU, Linux, and BSD, where would we be?
Quite insulting for Red Hat to declare others to be freeloading when they are the ones profiting on the community's work. They wouldn't have a company without free software.
Nobody's entitled to profit. I hope some rights holders sue Red Hat to keep the source shared. They're perfectly free to build their own non-GPL distro on top of Linux, nobody'll stop them, and they won't have to share.
Where does the GPL only refer to users? Isn't anyone supposed to be able to get access?
the GPL always only gave rights to the users of the software, never the general public. only users have the right to get the source code. the users however also have the right to share their copy which is why it is usually pointless to not make the code public in the first place. red hat circumvents that by using a support contract that terminates when users share their copy.
Also, penalizing customers for sharing source code makes no sense when we already do that by upstreaming our work and our internal policy is to "Upstream First".
Skill? Funding? Effort? Nothing? It’s why we have CentOS’s origination before we hired the developers, Oracle’s Enterprise Linux, RockyLinux, AlmaLinux. We have invested massive amounts of dollars & human resources into our CI/CD, QA/QE, and performance testing. Maybe that worries people? That’s speculation on my part.
What we changed (my opinion: doesn’t represent what Red Hat is saying, has said, or will say) was an optimization (or correction for an oversight) to our CI/CD process after making CentOS the upstream to RHEL. We used to sanitize the RHEL srpms of Red Hat trademarks, graphics, proprietary information, embargoed information or source, etc. Since of a lot of the RHEL developers are CentOS, Fedora, upstream developers and this helped especially those CentOS developers. But if RHEL is downstream and already a git pull of those CentOS, Fedora, upstream, then sanitizing srpms is redundant, duplicative and even unnecessary for CentOS’s benefit.
i am not doubting your words, but if it were that simple then we would not have all this brouhaha about RHEL clones not being able to continue. or well some of them did. there was one who said that they would be able to continue as before which would confirm that this is actually possible.
note that i am not arguing whether RHEL clones should exist, but only whether they are able to exist without anyone breaking any kind of contract. i do hope you are right, but the current public sentiment seems to be that this is not the case.
I agree public sentiment does not seem to align with the change. And I believe a lot of sentiment was influenced by social media personalities, leaders of the post CentOS upstream projects. Even our competitors like Oracle and SUSE jumped in.
Almost all my accounts have some CentOS or other RHEL clones. We’re not suing those customers because they chose another Linux for a part of their footprint. We’re also not suing the clone makers. You’d think with all the lawyers we have access to, that would be an easy way to kill off clones. But we’re upstream first. Best ideas win. They tell you that on day one.
Also, thinking of this a bit more. I must admit, if my business plan was to clone Red Hat’s srpm repos and rebuild them (overly simplified), then losing access to Red Hat’s srpm repos would cause a lot of emotions. That srpm repo was taken away. That said, the access to the upstream git repos hasn’t changed.
exactly that is the crux of the problem that is getting everyone upset. do customers still have access to that?
the access to the upstream git repos hasn’t changed
but that does not allow building a 100% RHEL clone. although it is probably enough to build something sufficiently compatible. which is i think the way one of the former clones went and which is probably good enough for at least a subset of clone users. like for me, i just want a distribution that has long term stable releases. RHEL compatibility is actually secondary to not important at all in my use case.
btw: i am happy we can have this discussion without the emotions that usually go along with it. it can be difficult to get something across with all the noise everyone else is making.
>> That srpm repo was taken away
> exactly that is the crux of the problem that is getting everyone upset. do customers still have access to that?
Customers will always have access to srpms. They will, however, contain legally encumbered artifacts.
>> the access to the upstream git repos hasn’t changed
> but that does not allow building a 100% RHEL clone. although it is probably enough to build something sufficiently compatible.
Taking away sanitized srpm drops probably does affect those distros who would like to be a downstream of RHEL. Playing devil's advocate to downstreamers: But why wouldn't you want to collaborate with us in the upstream? Are they maybe implicitly recognizing the value in the engineering that Red Hat does? Or maybe even just the name Red Hat Enterprise Linux?
The GPL is a license and contract between two entities. We have no such contracts with non-customers. Maybe that is unfortunate.
In 2019 before IBM completed the acquisition, (https://www.sec.gov/Archives/edgar/data/1087423/000108742319...), we had Sales & Marketing expenses of $1.38B. We spent $668.5M on R&D. About $2B spent on employees selling, marketing, teaching, documenting, building, maintaining, certifying, supporting, enhancing, testing OSS, including contributions to conferences, foundations, consortiums, of many, many different OSS interests. Over 200 upstream projects (https://redhatofficial.github.io/#!/main). I think about all the folks I've worked with in Consulting, Support, Engineering, Sales, Product Management, Technical Marketing, Recruiting. I think about their families and loved ones. ...And I feel like we're doing alright by OSS with what we're getting out of it. It might not be a perfect or ideal model for everyone. Most of us are willing to improve where we can.
> btw: i am happy we can have this discussion without the emotions that usually go along with it. it can be difficult to get something across with all the noise everyone else is making.
Agreed. I do wish the discourse was less emotional that it has been. Many folks making assumptions without taking the chance to ask clarifying questions.
Taking away sanitized srpm drops probably does affect those distros who would like to be a downstream of RHEL.
when CentOS started, there were no sanitized srpm either as far as i know. it was part of the CentOS project to sanitize them. the only difference then is that those unsanitized srpms were previously public, and now they no longer are. is that correct?
if that is the case, and any clone project can get access to these srpms by paying for a single license, i don't see what the big deal is. there is nothing red hat hasn't already been doing "worse" ever since RHEL started, with the only possible exception of making srpms no longer public.
again, assuming this is correct, is there really any downside to making those srpms public?
But why wouldn't you want to collaborate with us in the upstream? Are they maybe implicitly recognizing the value in the engineering that Red Hat does? Or maybe even just the name Red Hat Enterprise Linux?
as far as i can tell it is the promise of long term stability and security updates. and the compatibility.
small businesses who can't afford a RHEL license but need that kind of promise without the other support features that red hat offers. or they develop applications that need to be able to run on RHEL. there is a market for that, and the current CentOS stream or any distribution based on it can't make the same promise as a clone.
but time will tell, alternative distributions based on CentOS stream previously didn't exist. there is one now, if i read that right, and it should be able to take some of the market that RHEL clones are in. and maybe eventually also show that their releases have an almost equal level of longterm stability and updates, as well as sufficient RHEL compatibility.
the only drawback of a distribution based on stream is the security updates that don't come until they are in RHEL. but then how long should it take for an RHEL security update to make it into CentOS stream?
>> Where does the GPL only refer to users? Isn't anyone supposed to be able to get access? The AGPL does, for certain;
The AGPL was designed (partly) to overcome this specific limitation in GPL3.
The preamble and license [1] reads;
Preamble
"By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users.
...
"if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code.
The license itself is best read by a lawyer, but you'll notice when talking about object code (section 6) the source is "bound" to the object code, and its recipients. There's no requirement to make the source generally available.
Aside- the Linux kernel uses GPL2 which has even fewer requirements than v3. But the concept of supplying code "to the user" is there as well.
So, in context, the recipient is the purchaser of a RH support contract, and they would argue that it should be ONLY the recipients who receive the source?
The primary problem I see here is, a purchaser is receiving source in return for the ability to distribute it, if they want to keep support. Quite a one-sided agreement that seems to dilute the spirit of libre software. You have the freedom still, sure, but choosing to use it ends the contract.
RH are complying with the terms of the license. They equally gave the right to fire customers if they choose. Given that the customer really has no major incentive to distribute the source, its not a terribly hard decision to make.
On the one hand this is a matter of law, and the law is being upheld.
On thd other hand it's a matter of "spirit" and "community" and other non-legal arguments. Which IMO is neither here nor there. There's always someone who wants you yo do things another way; you can't please everyone all the time.
What I don't get is the fuss. If you don't like the red hat policy then pick another distro. There are plenty to choose from.
What do you mean by "fuss"? Left to interpretation, anything not aligning with your view could be classified as fussing.
I don't use RH so it doesn't affect me personally, but they still hold sway in the ecosystem at present and their practices may inspire others to use orthogonal contracts to disincentivize the use of rights granted by the GPL.
We can choose non-RH today, but can you not picture a future where this is practiced by more than just them? When social practices change in influential places, it can have far-reaching consequences that don't appear related at first. If others didn't look to RH for guidance or examples of how to do business on Linux, I'd be much less concerned.
This happens a fair bit I the OSS space. Non-users have very strong opinions on how companies, that have OSS offerings, should behave. Because the software is OSS, customers, or more often not-even-customers, feel the urge to comment.
Clearly this case is not a legal issue. It's a business issue. And the business case being made by RH is that they choose not to do business with folk who distribute their source. That's novel, but not illegal.
Regarding "business on linux", to all intents and purposes it doesn't exist. Apart from RH, The percentage of users who have ever spent a dime on -any- Linux OS or Linux program is a rounding error from 0. Every second week there's a "show HN" on some new startup or scheme to somehow pay OSS developers.
The "business" of OSS, and business if Linux, is an unsolved problem. RH is at least innovating in the space, although very (very) few have been successful using their model.
Your concern for this innovation is noted, but, with respect, only affects users who are not customers. Which suggests you are less concerned with the business of Linux, and more concerned with getting stuff going free. (Which I get; we all like free things.)
If OSS -could- figure out a viable business model though, then that would allow many more OSS projects to exist, suck less, and make better progress. This would be a huge win for users to have the ability to control their own machines.
Thank you for the thorough reply. It took some time to have the opportunity to return the same respect.
Perhaps I'm not 100% in the group you're referring to, since I'm not really looking to get RH code or packages for free, or use any RPM distro. I'm interested in DIYing it with LFS, KISS, or something else suitable for a single maintainer. So, yes to non-customer, but no to wanting their code for free. However, I don't see any problem with criticizing a business decision while not being a customer. How do you shop for services if not by getting a feel for them from the outside? If I were looking for Linux support, I now know that a RH contract would be legally fragile (i.e. easy to breach and cost myself), and require me to surrender freedoms granted to me by the original software license, which is a net reduction in software freedom.
I think I see the point you're getting to with it being the sole choice of customers whether they want to breach contract to exercise the rights of a license; that choice doesn't affect non-customers per se, but it's a sinister loophole that leads people to trade their freedom to share for support. That has social ramifications, especially if done at scale. One business doing it is different from the majority, or even a trend of businesses doing it.
It would indeed be beneficial to find a fair, equitable, and sustainable business model that allows programmers to put food on the table with their technical work (former package maintainer and bug buster, myself), but how will this market differ from proprietary, if there are orthogonal contracts surrounding the works, providing different benefits with counter-incentives to exercising freedoms? Maybe the big contrast is the "exit" button comes with the source to fork oneself with. :P
I think the closest we've come to workable are sponsorships from companies who have an active stake in whatever software (or related stack) that their revenue depends on. It seems fair at first, but there's no enforcement model, nor does it seem feasible or desirable to form one. There's also the side effect of active development tending to focus on corporate concerns, due to the money coming from them. Some people have been successful on crowdsourcing sites like Patreon. Flattr had a neat model (your monthly budget would be split between every project you tipped/subbed that month), but I never looked into financial reports to see how effective it was at getting funds to projects.
If I look at this contract change through the lens of someone less savvy, then I see the value. That type of user isn't interested in even reading the source, so the support holds more value to them than the freedom to share.
So it goes, September is approaching.. :/
Thanks again for sharing your perspective, it's one of the first decent online conversations I've had in a while. Financially sustaining freedom-related software is a long-standing puzzle, and each solution seems lacking in one way or another.
Where does the GPL only refer to users? Isn't anyone supposed to be able to get access? The AGPL does, for certain; it's what I license my work under to ensure it can't be rehosted somewhere and be proprietary'd.
Interestingly, Red Hat appears to be gatekeeping what constitutes a user of their systems in order to offer GPL terms only to those who are users. This requires payment, so it's a way for business to refuse open terms unless paid for.
Why is that okay? They accept patches from community members, what moral right do they have to repackage and then withhold source when asked?
The true freeloaders of libre software have always been commercial efforts. If they couldn't freeload off of GNU, Linux, and BSD, where would we be?
Quite insulting for Red Hat to declare others to be freeloading when they are the ones profiting on the community's work. They wouldn't have a company without free software.
Nobody's entitled to profit. I hope some rights holders sue Red Hat to keep the source shared. They're perfectly free to build their own non-GPL distro on top of Linux, nobody'll stop them, and they won't have to share.