The FSF's being stupid again, it seems...

[Rob Landley]

On Wednesday 28 June 2006 6:05 pm, Paul Fox wrote:
> rob wrote:
>  > What's important to me is that people can _get_ the source code to
>  > reproduce the binary they've got.  (Nobody's letting anyone off the hook
>  > for that.  It must be available.)  And it can be tricky to make sure
>  > you've got the _right_ source code,
>
> not really so tricky, but i'll accept your point.

Tricky as in "oh yeah, we forgot we changed 5 lines to get something to work".  
It can be a pretty important 5 lines if you don't know how to fix it because 
you haven't got a data sheet that they've got...  (And that's assuming they're 
disorganized or distracted rather than actually dishonest.  Of course if 
they're dishonest they can give us a vanilla snapshot and _claim_ it's what 
they shipped anyway...)

>  > and that it's complete enough to actually reproduce the binary
>  > in question.  But if somebody actually is using vanilla unmodified
>  > BusyBox 1.1.3, I'm actually more interested in confirming that and
>  > getting their .config file than getting another copy of the same source
>  > tarball.
>
> you mean "i" as a customer, in this case, not as the busybox maintainer,
> correct?

As somebody who tries to use this stuff and make it work on as many platforms 
as possible.  Even as maintainer, my statements on the license are mostly 
just opinion.  I have more leverage than an average contributor, but the 
copyrights on most of this code aren't mine.

> i as a customer am also interested in knowing what version 
> it was, and getting the .config file, but i see no reason that the
> place i got the binary from shouldn't be able to give me the sources.
> that's what the GPL is all about.

If you ask for a copy, they should give you a copy.  But that doesn't mean 
they have to put it up on an ftp site if they don't want to.

And personally, if they say "We got it from http://blah.blah.blah and didn't 
modify it" and I _can_ get a copy from there, I'm happy.  That's not 
_policy_, that's just me.

> i agree that it _appears_ to be a non-problem.  but see the
> message from natanael copa in this thread.

I stopped writing this to go read that, caught up on the rest of the thread, 
and am now back.

> he admits that he 
> as a distro for which he doesn't make source available (even
> though its modified source!  we'll ignore that for now.  :-).

He also said he posted patches to the list and they're in the archive 
somewhere, so it's not his fault if they're not integrated.

> probably whoever natanael's giving his distro to doesn't really care,
> but what if it were montavista saying, "our source comes straight
> from redhat -- go to them" -- would that be okay?  i don't think so.

If they have a contractual relationship with Red Hat and a contract that says 
Red Hat will keep the old source online for three years, then I don't see how 
that's any different than them hiring an ISP to host it for them.

Ubuntu _knew_ Mepis was repackaging their stuff.  The FSF came out of nowhere 
and said "that's not good enough, you have to have your OWN mirror because we 
say so".  And that's nuts.

> as far as busybox goes, i don't see how this affects the project
> at all.  we (the project itself) don't distribute binary releases
> at all, right?

The FSF just managed to FUD the GPL.  That's a new fumble even for them.

I'm kind of annoyed about it.

> paul

Rob
-- 
Never bet against the cheap plastic solution.