DevHeads.net

using RedHat binary packages?

Hi folks,

AFAIK CentOS uses RedHat's source RPMs for building the next CentOS
release. I am not sure about the bootstrap procedure and the infra-
structure packages, so lets put these corner cases aside.

RedHat's "regular" binary and source packages are based on open source
(GPL2, GPL3, Apache license, whatever). For building the binary RPMs
other open source RPMs with compatible license conditions are used.

My question is:

Are RedHat's binary RPMs "poisoned" somehow, making it impossible for
CentOS to redistribute RedHat's *binary* packages without going to jail?

Every insightful comment is highly appreciated.

Regards
Harri

Comments

Re: using RedHat binary packages?

By Johnny Hughes at 07/03/2019 - 16:28

On 7/3/19 1:43 AM, Harald Dunkel wrote:
CentOS is a rebuild of RHEL source code .. we do not distribute RHEL
binaries.

IANAL - You would need to talk to yours to get an answer to the rest of
your questions.

Re: using RedHat binary packages?

By Valeri Galtsev at 07/03/2019 - 10:58

On July 3, 2019 1:43:40 AM CDT, Harald Dunkel <harald. ... at aixigo dot com> wrote:
RHEL binary packages are only available to paid customers who are explicitly prohibited to redistribute them.

It usually is an easy search and short reading one has to do instead of bugging mail list.

Valeri

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++

Re: using RedHat binary packages?

By Mark Rousell at 07/03/2019 - 11:11

On 03/07/2019 15:58, Valeri Galtsev wrote:
For the sake of completeness, not everyone with legitimate access to
RHEL binaries is necessarily a *paid* customer. Red Hat provides a free
dev licence so anyone can legitimately access RHEL binaries (and source
RPMs of course) for free, although the use to which one may put the
binaries is limited by the licence.

Re: using RedHat binary packages?

By Dan Pacek at 07/03/2019 - 12:09

some light reading
<a href="https://www.redhat.com/licenses/Appendix_1_Global_English_20190625.pdf" title="https://www.redhat.com/licenses/Appendix_1_Global_English_20190625.pdf">https://www.redhat.com/licenses/Appendix_1_Global_English_20190625.pdf</a>

Dan Pacek

Re: using RedHat binary packages?

By Warren Young at 07/03/2019 - 06:57

On Jul 3, 2019, at 12:43 AM, Harald Dunkel <harald. ... at aixigo dot com> wrote:
RHEL binaries are only available to those with a RHEL subscription. I don’t see anything in skimming through the RHEL license agreement that says that a RHEL subscription licensee couldn’t make a copy of those binaries for others, but since the act of producing those binaries is a work product, I don’t believe Red Hat needs license terms to bring a lawsuit aiming to prevent that: simple copyright law should suffice in pretty much every country that matters.

Since the core CentOS employees are now working for Red Hat, it may be possible for them to negotiate a separate agreement to avoid this, but what would be Red Hat’s incentive to do that? Faster access to binaries is a selling point of a RHEL subscription.

So, if you want the binaries now, you know how to get them.

Even if you sweep aside the copyright and licensing issues somehow, the CentOS project *should* be able to bootstrap itself. It’s not really free software if you can’t build it from source, and that requires work to produce.

The fact that it takes months of work by several talented people to produce a working and repeatable CentOS build system should tell you that its results are copyright protectable IP. The fact that they’re willing to do this without charge to us should never be taken for granted.

Re: using RedHat binary packages?

By Hendrik Strydom at 07/03/2019 - 04:53

As I understand it the rebuild only removes RedHat copyrighted
artifacts like their name and logo.
This is also why the release notes refer to 'upstream' rather than
RedHat by name (not that I studied it in depth recently)
The only 'poison' here is copyright, which CentOS avoids by removing
these artifacts.That said I am not a lawyer.

Cc:

Hi folks,

AFAIK CentOS uses RedHat's source RPMs for building the next CentOS
release. I am not sure about the bootstrap procedure and the infra-
structure packages, so lets put these corner cases aside.
.... snip..
My question is:

Are RedHat's binary RPMs "poisoned" somehow, making it impossible for
CentOS to redistribute RedHat's *binary* packages without going to
jail?