4 comments

[ 4.4 ms ] story [ 24.7 ms ] thread
There's been lots of scuttlebutt about RHEL vs. Rocky. One aspect that keeps coming up is whether re-distribution or SRPMS, re-builders, etc. is violating the EULA. Few references to the actual agreements have actually been provided.

This is not a defense of Red Hat - far from it. But it's is much better to be armed with facts. I believe it helps understand that Rocky, Alma, etc. are on a lot less shakey ground than the punditry has been speculating.

Some notable (IANAL) sections:

> 1. License Grant. Subject to the following terms, Red Hat, Inc. (“Red Hat”) grants to you a perpetual, worldwide license to the Programs (each of which may include multiple software components) pursuant to the GNU General Public License v.2. With the exception of certain image files identified in Section 2 below, each software component is governed by a license located in the software component’s source code that permits you to run, copy, modify, and redistribute (subject to certain obligations in some cases) the software component. [...]

> 2. This EULA does not permit you to distribute the Programs using Red Hat's trademarks, regardless of whether the Programs have been modified. You may make a commercial redistribution of the Programs only if (a) permitted under a separate written agreement with Red Hat authorizing such commercial redistribution or (b) you remove and replace all occurrences of Red Hat trademarks and logos.

In addition to the EULA, the enterprise agreement also looks like it has some bearing if you have bought a paid license: https://www.redhat.com/licenses/Enterprise_Agreement_Webvers...

> 4.1 Termination for Cause. Either party may terminate the Agreement [...] by notice to the other party if (a) the other party materially breaches the Agreement, and does not cure the breach within thirty (30) days after written notice (except in the case of a breach of Section 8 in which case no cure period will apply);

> 8 Confidentiality.

> 8.1 Recipient (a) will not disclose Confidential Information of Discloser to any third party unless Discloser approves the disclosure in writing or the disclosure is otherwise permitted under this Section 8;

> 8.2 Information is not Confidential Information, if (a,b,c,d) [...] or (e) the information is licensed under an open source license (as defined by the Open Source Initiative (https://opensource.org/)).

I have a dumb question that maybe you can answer offhand- what's the license of the SRPMs? Aren't they kind of a derivative work of their original projects?
They would be, yes. both the SRPMs and the binary RPMs as well would be GPL if the upstream is GPL, which is true for a large number, probably majority of the packages. Or if the upstream is Apache, then likewise.

The sentence "With the exception of certain image files identified in Section 2 below, each software component is governed by a license located in the software component’s source code" says this. The exception mentioned is for any Red Hat trademarked images (logos, etc.). So for any SRPM that contains these images, they would have to be stripped, but the rest of the package is GPL (or whatever).

Some RHEL packages are not GPL, but all of them (AFAIK) are some kind of open-source license. But some are "weak" copyleft types or "permissive", too.

(comment deleted)