[Buildroot] [RFC 00/15] Automatically produce legal compliance info

Luca Ceresoli luca at lucaceresoli.net
Wed Feb 1 21:47:59 UTC 2012


Yann, Thomas,
thanks for your follow-ups.

Thomas De Schampheleire wrote:
>>
>> However, I can see something missing for GPL/LGPL packages. GPL/LGPL states
>> that you must also provide "the scripts used to control compilation and
>> installation of the executable."
>>
>> Which means that, for packages such as Linux, busybox and uClibc (maybe
>> others as well), the associated .config file should be bundled as well.
>>
>> Also, the config/build/install instructions for each GPL/LGPL package
>> must be provided. This could probably be done by bundling the buildroot
>> sources too in output/legal-info/sources/, or by leveraging the package
>> infrastructure to output the executed commands for every packages.
>>
>> Also, for packages that get patches applied by buildroot, you must make
>> sure that the tarballs for those packages do contain the pathced code,
>> or that the patches are bundled as well. From what I see, you currently
>> only copy the downladed tarballs. Of course, if buildroot is also copied
>> to the output/legal-info/sources/ the patches will be there.
>
> I agree with Yann: I think we should package buildroot itself as well.
>
> In fact, I think we should:
> - make distclean
> - create the manifest
> - download all needed sources
> - run a pre-legal-package script for customization
> - create a .tar file with the whole
>
> The pre-legal-package script (whatever the name) is similar to the
> post-build script, and allows projects to modify certain things. For
> example, modify the defconfig to disable some proprietary things that
> are not useful or usable by the customer.
>
> Also, I think the DL_DIR setting should be modified so that it points
> to the location where the source tarballs are downloaded. This way,
> the customer can directly use these sources from that location when
> re-building buildroot.
>
> I haven't done a technical review of your patches, but I went through
> them and agree with the principle. Thanks for posting them before the
> developer day, it will certainly help the discussion!

I think the best way is to just package BR itself in the legal-info
subdir. I'll have to check if/how it is feasible.
I'd also copy the current .config, which IMHO is part of the "scripts
used to control compilation".

OTOH I don't think a pre-legal-package script would be a good idea, as
it would easily allow to trick and create a fake GPL-compliant release.
In other words, what I use for building must go directly in the stuff
to be released.

Luca


More information about the buildroot mailing list