[Buildroot] [PATCH v3 00/22] Automatically produce legal compliance info

[Buildroot] [PATCH v3 00/22] Automatically produce legal compliance info

[Luca Ceresoli]

Hi,

here is the third version of the legal-info feature implementation.

For the records, previous versions are here:
v1: http://lists.busybox.net/pipermail/buildroot/2012-January/049590.html
v2: http://lists.busybox.net/pipermail/buildroot/2012-March/051132.html

The approach is based on two per-package constants in eack .mk file, such as:
  FOO_LICENSE = GPLv2+
  FOO_LICENSE_FILES = COPYING
  BAR_LICENSE = LGPLv2.1 + GPLv3
  BAR_LICENSE_FILES = COPYING.LGPL demo-app/COPYING.GPL3
  MYAPP_LICENSE = PROPRIETARY
This is the only effort required to the package creator. If <PKG>_LICENSE is
not specified it defaults to "unknown".

After running 'make legal-info', the following things will be produced in
$(O)/legal-info/:
  $ find legal-info/ -type f
  legal-info/README            # Lists saved stuff, warns about unsaved stuff
  legal-info/licenses.txt      # Text of all licenses
  legal-info/buildroot.config  # The buildroot config
  legal-info/licenses/buildroot/COPYING       # License files, one dir per pkg
  legal-info/licenses/busybox/LICENSE
  legal-info/licenses/...other packages...
  legal-info/manifest.csv                     # CSV table summarizing all info
  legal-info/sources/busybox-1.19.4.tar.bz2   # tarballs
  legal-info/sources/kmod-5.tar.xz
  legal-info/sources/libtool-2.2.10.tar.gz
  legal-info/sources/...other packages...

Given the technical difficulties, the toolchain and the BR sources are not
saved. Warnings are generated to make sure the user is aware of this.

One of the issues raised about the previous patchset was about packages
without a license file, such as jpeg or fbset. These usually declare their
license in a comment at the top of one or more source files.

Yann E. Morin suggested to solve this problem in a general way implementing a
_LICENSE_HOOK that does whatever is needed to copy the license.
I found the idea good and started implementing it, but I did not reach
anything decently structured yet. As I don't want to further delay the basic
work, I chose to postpone this feature to a later step.


License compliance advice to users
==================================

During the latest Buildroot Developer Day in February, a request was made to
give an advice from Buildroot developers' to Buildroot users about how to
comply with both Buildroot's and the packages' licenses.
This is added to the manual in patch 9. Of course this must match as much as
possible what the developers think, so please read it and give comments!


Possible future improvements
============================

These are left as future enhancemenst, after the merge of the first core
functionality, in order to keep it as simple as possible for a first step.

- The toolchain is not currently saved (internal, external, ct-NG, no
  discrimination). Actually, only GENTARGETS-based packages are handled, so the
  best approach might be to "simply" migrate the toolchains to GENTARGETS.

- Save the Buildroot sources too. If the sources are not a git clone this might
  be as simple as tar of the current directory and exclude dl and output, but
  this has never been tested. Also, make sure this works for out-of-tree BR
  builds.

- Add a hook for a post-legal-info script.

- Add a <PKG>_LICENSE_HOOK for packages without a license file.


Changelog
=========

Changed in v3:
- moved the $(1)-legal-info target near the end of GENTARGETS_INNER, out of the
  may of target sequencing where it used to be in the previous patch sets;
- improved readability by creating a set of functions to produce a warning,
  to add a line to the csv, etc as suggested by ThomasDS (this made the core
  code shorter and cleaner);
- clarified the BSD-like licenses, differentiating 2/3/4 clauses and others;
- clarified *GPL licenses, and dropped definitions for packages that do not
  have a clear and simple use of those licenses (tslib, busybox, qt);
- dropped warning patches for tinyhttpd, xfsprogs, microperl, fis, doom-wads,
  uemacs and cups which have now been converted to GEN/AUTOTARGETS;
- updated after the split of Makefile.package.in in pkg-*.mk and related
  cleanups;
- added a few lines of explanation in the message of the first big commit that
  implements all the logic;
- documented the legal-info stuff in the manual;
- added (tentative) advice about Buildroot license compliance;
- various improvements here and there.

Changed in v2:
- squashed together patches 1-4 from RFC v1; now all the legal-info mechanism
  is implmented in a unique patch.
- rebase on top of current master
- don't clean $(REDIST_SOURCES_DIR): it is a subdir of $(LEGAL_INFO_DIR), so
  doesn't need to be cleaned twice
- added legal-info-clean target
- made legal-info target .PHONY
- remove the output/legal-info dir before populating it
- when saving source tarballs, create hardlinks instead of copies if possible
- add infrastructure to warn the user about info that has not been saved: a
  .warnings file is filled with such info and displayed to the user at the
  end of the legal-info processing
- ensure manual (non-GENTARGETS-based) packages return error, at least; this
  required to explicitly create a -legal-info target for each of them, or
  they would have been silently skipped.
- list also Buildroot in the manifest file! :)
- save the Buildroot .config
- save license files listed in <PKG>_LICENSE_FILES, both in a separate
  directory for each package and all together in a unique file
- various cleanups.

Patches
=======

- The implementation is all in the first commit, which is commented on its
  own.
- A few patches follow to make non-GENTARGETS packages warn about their
  dumbness.
- A couple of patches add documentation about the legal-info stuff.
- Other commits define licenses for some packages.

The following changes since commit 057c729c2438107b426576121bcf83f792734a6f:

  external-toolchain: add support for Linaro 2012.04 (2012-05-07 17:08:37 +0200)

are available in the git repository at:
  git://github.com/lucaceresoli/buildroot.git legal-info

Luca Ceresoli (22):
  legal-info: infrastructure to collect legally-relevant material
  gettext: warn that legal-info is not implemented
  netkitbase: warn that legal-info is not implemented
  netkittelnet: warn that legal-info is not implemented
  newt: warn that legal-info is not implemented
  ttcp: warn that legal-info is not implemented
  vpnc: warn that legal-info is not implemented
  manual: document usage of the legal-info feature
  manual: add advice about GPL compliance for Buildroot
  linux: define license
  m4: define license
  mpc: define license
  fakeroot: define license
  bzip2: define license
  directfb: define license
  iostat: define license
  lzo: define license
  lzop: define license
  libusb: define license
  pcre: define license
  netsnmp: define license
  berkeleydb: define license

 Makefile                                   |   42 +++++++++-
 docs/manual/adding-packages-gentargets.txt |   18 ++++
 docs/manual/using.txt                      |  127 ++++++++++++++++++++++++++++
 linux/linux.mk                             |    2 +
 package/berkeleydb/berkeleydb.mk           |    2 +
 package/bzip2/bzip2.mk                     |    2 +
 package/directfb/directfb.mk               |    2 +
 package/fakeroot/fakeroot.mk               |    2 +
 package/gettext/gettext.mk                 |    3 +
 package/iostat/iostat.mk                   |    2 +
 package/libusb/libusb.mk                   |    2 +
 package/lzo/lzo.mk                         |    2 +
 package/lzop/lzop.mk                       |    2 +
 package/m4/m4.mk                           |    2 +
 package/mpc/mpc.mk                         |    2 +
 package/netkitbase/netkitbase.mk           |    3 +
 package/netkittelnet/netkittelnet.mk       |    3 +
 package/netsnmp/netsnmp.mk                 |    2 +
 package/newt/newt.mk                       |    3 +
 package/pcre/pcre.mk                       |    2 +
 package/pkg-gentargets.mk                  |   65 ++++++++++++++
 package/pkg-utils.mk                       |   25 ++++++
 package/ttcp/ttcp.mk                       |    3 +
 package/vpnc/vpnc.mk                       |    3 +
 support/legal-info/README.header           |   24 +++++
 support/legal-info/README.warnings-header  |    4 +
 26 files changed, 346 insertions(+), 3 deletions(-)
 create mode 100644 support/legal-info/README.header
 create mode 100644 support/legal-info/README.warnings-header

Luca

-- 
1.7.5.4

[Buildroot] [PATCH v3 01/22] legal-info: infrastructure to collect legally-relevant material

[Luca Ceresoli]

This allows to automatically collect material that may be needed to comply with
the license of packages that Buildroot prepares for the target device.

The core of the implementation is made by the following parts:
 - in package/pkg-utils.mk some helper functions are defined for common actions
   such as generating a warning, producing info about a package etc;
 - in package/pkg-gentargets.mk, within the GENTARGETS framework, a new
   <PKG>-legal-info target produces all the info for a given package;
 - Makefile implements the top-level targets:
   - legal-info-prepare creates the output directory and produces legal info
     about Buildroot itself and the toolchain, which mostly means just warning
     the user that this is not implemented;
   - legal-info, the only target that is supposed to be used directly, depends
     on all of the above and finishes things by producing the README files from
     the various pieces.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 Makefile                                  |   42 +++++++++++++++++-
 package/pkg-gentargets.mk                 |   65 +++++++++++++++++++++++++++++
 package/pkg-utils.mk                      |   25 +++++++++++
 support/legal-info/README.header          |   24 +++++++++++
 support/legal-info/README.warnings-header |    4 ++
 5 files changed, 157 insertions(+), 3 deletions(-)
 create mode 100644 support/legal-info/README.header
 create mode 100644 support/legal-info/README.warnings-header

diff --git a/Makefile b/Makefile
index a7625ba..21c30b9 100644
--- a/Makefile
+++ b/Makefile
@@ -247,6 +247,14 @@ TARGET_DIR:=$(BASE_DIR)/target
 TOOLCHAIN_DIR=$(BASE_DIR)/toolchain
 TARGET_SKELETON=$(TOPDIR)/fs/skeleton
 
+LEGAL_INFO_DIR=$(BASE_DIR)/legal-info
+REDIST_SOURCES_DIR=$(LEGAL_INFO_DIR)/sources
+LICENSE_FILES_DIR=$(LEGAL_INFO_DIR)/licenses
+LEGAL_MANIFEST_CSV=$(LEGAL_INFO_DIR)/manifest.csv
+LEGAL_LICENSES_TXT=$(LEGAL_INFO_DIR)/licenses.txt
+LEGAL_WARNINGS=$(LEGAL_INFO_DIR)/.warnings
+LEGAL_REPORT=$(LEGAL_INFO_DIR)/README
+
 ifeq ($(BR2_CCACHE),y)
 CCACHE:=$(HOST_DIR)/usr/bin/ccache
 CCACHE_CACHE_DIR=$(HOME)/.buildroot-ccache
@@ -321,6 +329,10 @@ HOST_DEPS = $(sort $(foreach dep,\
 		$($(dep))))
 HOST_SOURCE += $(addsuffix -source,$(sort $(TARGETS_HOST_DEPS) $(HOST_DEPS)))
 
+TARGETS_LEGAL_INFO:=$(patsubst %,%-legal-info,\
+		$(filter-out host-makedevs,\
+		$(TARGETS) $(BASE_TARGETS) $(TARGETS_HOST_DEPS) $(HOST_DEPS))))
+
 # all targets depend on the crosscompiler and it's prerequisites
 $(TARGETS_ALL): __real_tgt_%: $(BASE_TARGETS) %
 
@@ -337,8 +349,9 @@ prepare: $(BUILD_DIR)/buildroot-config/auto.conf
 world: prepare dirs dependencies $(BASE_TARGETS) $(TARGETS_ALL)
 
 .PHONY: all world dirs clean distclean source outputmakefile \
+	legal-info legal-info-prepare legal-info-clean \
 	$(BASE_TARGETS) $(TARGETS) $(TARGETS_ALL) \
-	$(TARGETS_CLEAN) $(TARGETS_DIRCLEAN) $(TARGETS_SOURCE) \
+	$(TARGETS_CLEAN) $(TARGETS_DIRCLEAN) $(TARGETS_SOURCE) $(TARGETS_LEGAL_INFO) \
 	$(DL_DIR) $(TOOLCHAIN_DIR) $(BUILD_DIR) $(STAGING_DIR) $(TARGET_DIR) \
 	$(HOST_DIR) $(BINARIES_DIR) $(STAMP_DIR)
 
@@ -348,7 +361,7 @@ world: prepare dirs dependencies $(BASE_TARGETS) $(TARGETS_ALL)
 # dependencies anywhere else
 #
 #############################################################
-$(DL_DIR) $(TOOLCHAIN_DIR) $(BUILD_DIR) $(HOST_DIR) $(BINARIES_DIR) $(STAMP_DIR):
+$(DL_DIR) $(TOOLCHAIN_DIR) $(BUILD_DIR) $(HOST_DIR) $(BINARIES_DIR) $(STAMP_DIR) $(LEGAL_INFO_DIR) $(REDIST_SOURCES_DIR):
 	@mkdir -p $@
 
 $(STAGING_DIR):
@@ -451,6 +464,27 @@ source: dirs $(TARGETS_SOURCE) $(HOST_SOURCE)
 external-deps:
 	@$(MAKE) -Bs DL_MODE=SHOW_EXTERNAL_DEPS $(EXTRAMAKEARGS) source | sort -u
 
+legal-info-clean:
+	@rm -fr $(LEGAL_INFO_DIR)
+
+legal-info-prepare: $(LEGAL_INFO_DIR)
+	@$(call legal-license-file,buildroot,COPYING,COPYING)
+	@$(call legal-manifest,package,version,license,license files,source archive)
+	@$(call legal-manifest,buildroot,$(BR2_VERSION_FULL),GPLv2+,COPYING,not saved)
+	@$(call legal-warning,the Buildroot source code has not been saved)
+	@$(call legal-warning,the toolchain has not been saved)
+	@cp $(CONFIG_DIR)/.config $(LEGAL_INFO_DIR)/buildroot.config
+
+legal-info: legal-info-clean legal-info-prepare $(REDIST_SOURCES_DIR) \
+		$(TARGETS_LEGAL_INFO)
+	@cat support/legal-info/README.header >>$(LEGAL_REPORT)
+	@if [ -r $(LEGAL_WARNINGS) ]; then \
+		cat support/legal-info/README.warnings-header \
+			$(LEGAL_WARNINGS) >>$(LEGAL_REPORT); \
+		cat $(LEGAL_WARNINGS); fi
+	@echo "Legal info produced in $(LEGAL_INFO_DIR)"
+	@rm -f $(LEGAL_WARNINGS)
+
 show-targets:
 	@echo $(TARGETS)
 
@@ -572,7 +606,8 @@ endif
 
 clean:
 	rm -rf $(STAGING_DIR) $(TARGET_DIR) $(BINARIES_DIR) $(HOST_DIR) \
-		$(STAMP_DIR) $(BUILD_DIR) $(TOOLCHAIN_DIR) $(BASE_DIR)/staging
+		$(STAMP_DIR) $(BUILD_DIR) $(TOOLCHAIN_DIR) $(BASE_DIR)/staging \
+		$(LEGAL_INFO_DIR)
 
 distclean: clean
 ifeq ($(DL_DIR),$(TOPDIR)/dl)
@@ -640,6 +675,7 @@ endif
 	@echo '  source                 - download all sources needed for offline-build'
 	@echo '  source-check           - check all packages for valid download URLs'
 	@echo '  external-deps          - list external packages used'
+	@echo '  legal-info             - generate info about license compliance'
 	@echo
 	@echo '  make V=0|1             - 0 => quiet build (default), 1 => verbose build'
 	@echo '  make O=dir             - Locate all output files in "dir", including .config'
diff --git a/package/pkg-gentargets.mk b/package/pkg-gentargets.mk
index 1c9b458..11d83c4 100644
--- a/package/pkg-gentargets.mk
+++ b/package/pkg-gentargets.mk
@@ -180,6 +180,7 @@ define GENTARGETS_INNER
 
 $(2)_TYPE                       =  $(5)
 $(2)_NAME			=  $(1)
+$(2)_RAWNAME			=  $(patsubst host-%,%,$(1))
 
 # Keep the package version that may contain forward slashes in the _DL_VERSION
 # variable, then replace all forward slashes ('/') by underscores ('_') to
@@ -245,6 +246,20 @@ $(2)_OVERRIDE_SRCDIR = $($(2)_SITE)
 endif
 endif
 
+ifndef $(2)_LICENSE
+ ifdef $(3)_LICENSE
+  $(2)_LICENSE = $($(3)_LICENSE)
+ endif
+endif
+
+ifndef $(2)_LICENSE_FILES
+ ifdef $(3)_LICENSE_FILES
+  $(2)_LICENSE_FILES = $($(3)_LICENSE_FILES)
+ endif
+endif
+
+$(2)_LICENSE			?= unknown
+
 $(2)_DEPENDENCIES ?= $(patsubst host-host-%,host-%,$(addprefix host-,$($(3)_DEPENDENCIES)))
 
 $(2)_INSTALL_STAGING		?= NO
@@ -354,6 +369,15 @@ $(1)-rsync:		$$($(2)_TARGET_RSYNC)
 $(1)-source:		$$($(2)_TARGET_RSYNC_SOURCE)
 endif
 
+ifneq ($$($(3)_LICENSE),PROPRIETARY)
+ifneq ($$($(3)_SITE_METHOD),local)
+ifneq ($$($(3)_SITE_METHOD),override)
+# Packages that have a tarball need it downloaded and extracted beforehand
+$(1)-legal-info:	$(1)-extract $(REDIST_SOURCES_DIR)
+endif
+endif
+endif
+
 $(1)-show-depends:
 			@echo $$($(2)_DEPENDENCIES)
 
@@ -412,6 +436,47 @@ else
 $(2)_KCONFIG_VAR = BR2_PACKAGE_$(2)
 endif
 
+# Set values used later for legal-info manifest
+ifneq ($$($(2)_LICENSE),PROPRIETARY)
+ifneq ($$($(2)_SITE_METHOD),local)
+ifneq ($$($(2)_SITE_METHOD),override)
+$(2)_MANIFEST_TARBALL = $$($(2)_SOURCE)
+ifneq ($(call qstrip,$$($(2)_LICENSE_FILES)),)
+$(2)_MANIFEST_LICENSE_FILES = $$($(2)_LICENSE_FILES)
+endif
+endif
+endif
+endif
+# defaults for packages without tarball or license files
+$(2)_MANIFEST_TARBALL ?= not saved
+$(2)_MANIFEST_LICENSE_FILES ?= not saved
+
+# legal-info: produce legally relevant info.
+$(1)-legal-info:
+ifeq ($$($(2)_LICENSE),PROPRIETARY)
+# Proprietary packages: nothing to save
+else ifeq ($$($(2)_SITE_METHOD),local)
+# Packages without a tarball: don't save and warn
+	@$(call legal-warning-pkg-savednothing,$$($(2)_RAWNAME),local)
+else ifeq ($$($(2)_SITE_METHOD),override)
+	@$(call legal-warning-pkg-savednothing,$$($(2)_RAWNAME),override)
+else
+# Other packages
+# Save license files if defined
+ifeq ($(call qstrip,$$($(2)_LICENSE_FILES)),)
+	@$(call legal-license-nofiles,$$($(2)_RAWNAME))
+	@$(call legal-warning-pkg,$$($(2)_RAWNAME),cannot save license ($(2)_LICENSE_FILES not defined))
+else
+	@for F in $$($(2)_LICENSE_FILES); do \
+		$(call legal-license-file,$$($(2)_RAWNAME),$$$${F},$$($(2)_DIR)/$$$${F}); \
+		done
+endif
+# Copy the source tarball (just hardlink if possible)
+	@cp -l $(DL_DIR)/$$($(2)_SOURCE) $(REDIST_SOURCES_DIR) 2>/dev/null || \
+	   cp $(DL_DIR)/$$($(2)_SOURCE) $(REDIST_SOURCES_DIR)
+endif
+	@$(call legal-manifest,$$($(2)_RAWNAME),$$($(2)_VERSION),$$($(2)_LICENSE),$$($(2)_MANIFEST_LICENSE_FILES),$$($(2)_MANIFEST_TARBALL))
+
 # add package to the general list of targets if requested by the buildroot
 # configuration
 ifeq ($$($$($(2)_KCONFIG_VAR)),y)
diff --git a/package/pkg-utils.mk b/package/pkg-utils.mk
index 953dbc9..43cc76c 100644
--- a/package/pkg-utils.mk
+++ b/package/pkg-utils.mk
@@ -83,3 +83,28 @@ define sep
 
 
 endef
+
+#
+# legal-info helper functions
+#
+LEGAL_INFO_SEPARATOR="::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
+legal-warning=echo "WARNING: $(1)" >>$(LEGAL_WARNINGS)
+legal-warning-pkg=echo "WARNING: $(1): $(2)" >>$(LEGAL_WARNINGS)
+define legal-warning-pkg-savednothing # pkg, {local|override}
+	$(call legal-warning-pkg,$(1),sources and license files not saved ($(2) packages not handled))
+endef
+legal-manifest=echo "$(1),$(2),$(3),$(4),$(5)" >>$(LEGAL_MANIFEST_CSV)
+define legal-license-header
+	echo -e "$(LEGAL_INFO_SEPARATOR)\n\t$(1):" \
+		"$(2)\n$(LEGAL_INFO_SEPARATOR)\n\n" >>$(LEGAL_LICENSES_TXT)
+endef
+define legal-license-nofiles
+	$(call legal-license-header,$(1),unknown license file(s))
+endef
+define legal-license-file # pkg, filename, file-fullpath
+	$(call legal-license-header,$(1),$(2) file) && \
+	cat $(3) >>$(LEGAL_LICENSES_TXT) && \
+	echo >>$(LEGAL_LICENSES_TXT) && \
+	mkdir -p $(LICENSE_FILES_DIR)/$(1)/ && \
+	cp $(3) $(LICENSE_FILES_DIR)/$(1)/
+endef
diff --git a/support/legal-info/README.header b/support/legal-info/README.header
new file mode 100644
index 0000000..3321adb
--- /dev/null
+++ b/support/legal-info/README.header
@@ -0,0 +1,24 @@
+Most of the packages that were used by Buildroot to produce the image files,
+including Buildroot itself, have open-source licenses. It is your
+responsibility to comply to the requirements of these licenses.
+To make this easier for you, Buildroot collected in this directory some
+material you may need to get it done.
+
+This material is composed of the following items.
+ * The scripts used to control compilation of the packages and the generation
+   of image files, i.e. the Buildroot sources.
+   Note: this has not been saved due to technical limitations, you must
+   collect it manually.
+ * The Buildroot configuration file; this has been saved in buildroot.config.
+ * The toolchain (cross-compiler and related tools) used to generate all the
+   compiled programs.
+   Note: this has not been saved due to technical limitations, you must
+   collect it manually.
+ * The source code for all packages; this has been saved in the sources/
+   subdirectory (except for the proprietary packages, which have not been
+   saved); patches applied to some packages by Buildroot are included in the
+   Buildroot sources and were not duplicated in the sources/ subdirectory.
+ * A manifest file listing the configured packages and related information.
+ * The license text of the packages; they have been saved in the licenses/
+   subdirectory.
+
diff --git a/support/legal-info/README.warnings-header b/support/legal-info/README.warnings-header
new file mode 100644
index 0000000..cd08290
--- /dev/null
+++ b/support/legal-info/README.warnings-header
@@ -0,0 +1,4 @@
+Due to technical limitations or lack of license definition in the package
+makefile, some of the material listed above could not been saved, as the
+following list details.
+
-- 
1.7.5.4

[Buildroot] [PATCH v3 02/22] gettext: warn that legal-info is not implemented

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/gettext/gettext.mk |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/package/gettext/gettext.mk b/package/gettext/gettext.mk
index f3605da..1d9d84d 100644
--- a/package/gettext/gettext.mk
+++ b/package/gettext/gettext.mk
@@ -113,6 +113,9 @@ $(STAGING_DIR)/$(GETTEXT_TARGET_BINARY): $(GETTEXT_DIR)/$(GETTEXT_BINARY)
 		autopoint envsubst gettext.sh gettextize msg* ?gettext)
 	touch -c $@
 
+gettext-legal-info:
+	@$(call legal-warning-pkg,gettext,cannot produce any legal info)
+
 gettext: host-pkg-config $(if $(BR2_PACKAGE_LIBICONV),libiconv) $(STAGING_DIR)/$(GETTEXT_TARGET_BINARY)
 
 gettext-unpacked: $(GETTEXT_DIR)/.unpacked
-- 
1.7.5.4

[Buildroot] [PATCH v3 03/22] netkitbase: warn that legal-info is not implemented

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/netkitbase/netkitbase.mk |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/package/netkitbase/netkitbase.mk b/package/netkitbase/netkitbase.mk
index 83991f2..d06db33 100644
--- a/package/netkitbase/netkitbase.mk
+++ b/package/netkitbase/netkitbase.mk
@@ -47,6 +47,9 @@ $(TARGET_DIR)/$(NETKITBASE_TARGET_BINARY): $(NETKITBASE_DIR)/$(NETKITBASE_BINARY
 	fi
 	touch -c $(TARGET_DIR)/$(NETKITBASE_TARGET_BINARY)
 
+netkitbase-legal-info:
+	@$(call legal-warning-pkg,netkitbase,cannot produce any legal info)
+
 netkitbase: $(TARGET_DIR)/$(NETKITBASE_TARGET_BINARY)
 
 netkitbase-clean:
-- 
1.7.5.4

[Buildroot] [PATCH v3 04/22] netkittelnet: warn that legal-info is not implemented

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/netkittelnet/netkittelnet.mk |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/package/netkittelnet/netkittelnet.mk b/package/netkittelnet/netkittelnet.mk
index ff05318..1ed5fc5 100644
--- a/package/netkittelnet/netkittelnet.mk
+++ b/package/netkittelnet/netkittelnet.mk
@@ -48,6 +48,9 @@ $(TARGET_DIR)/$(NETKITTELNET_TARGET_BINARY): $(NETKITTELNET_DIR)/$(NETKITTELNET_
 	#rm -rf $(TARGET_DIR)/share/locale $(TARGET_DIR)/usr/info \
 	# $(TARGET_DIR)/usr/man $(TARGET_DIR)/usr/share/doc
 
+netkittelnet-legal-info:
+	@$(call legal-warning-pkg,netkittelnet,cannot produce any legal info)
+
 netkittelnet: netkitbase $(TARGET_DIR)/$(NETKITTELNET_TARGET_BINARY)
 
 netkittelnet-clean:
-- 
1.7.5.4

[Buildroot] [PATCH v3 05/22] newt: warn that legal-info is not implemented

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/newt/newt.mk |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/package/newt/newt.mk b/package/newt/newt.mk
index ac450e0..b4eed5c 100644
--- a/package/newt/newt.mk
+++ b/package/newt/newt.mk
@@ -58,6 +58,9 @@ $(TARGET_DIR)/usr/lib/libnewt.so.$(NEWT_VERSION): $(STAGING_DIR)/usr/lib/libnewt
 	-$(STRIPCMD) $(STRIP_STRIP_UNNEEDED) $(TARGET_DIR)/usr/lib/libnewt.so*
 	touch -c $@
 
+newt-legal-info:
+	@$(call legal-warning-pkg,newt,cannot produce any legal info)
+
 newt: slang $(TARGET_DIR)/usr/lib/libnewt.so.$(NEWT_VERSION)
 
 newt-source: $(DL_DIR)/$(NEWT_SOURCE)
-- 
1.7.5.4

[Buildroot] [PATCH v3 06/22] ttcp: warn that legal-info is not implemented

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/ttcp/ttcp.mk |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/package/ttcp/ttcp.mk b/package/ttcp/ttcp.mk
index 1acf120..247ad71 100644
--- a/package/ttcp/ttcp.mk
+++ b/package/ttcp/ttcp.mk
@@ -27,6 +27,9 @@ $(TTCP_DIR)/ttcp: $(TTCP_DIR)/.configured
 $(TARGET_DIR)/usr/bin/ttcp: $(TTCP_DIR)/ttcp
 	cp -af $(TTCP_DIR)/ttcp $(TARGET_DIR)/usr/bin/
 
+ttcp-legal-info:
+	@$(call legal-warning-pkg,ttcp,cannot produce any legal info)
+
 ttcp: $(TARGET_DIR)/usr/bin/ttcp
 
 ttcp-source: $(DL_DIR)/$(TTCP_SOURCE)
-- 
1.7.5.4

[Buildroot] [PATCH v3 07/22] vpnc: warn that legal-info is not implemented

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/vpnc/vpnc.mk |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/package/vpnc/vpnc.mk b/package/vpnc/vpnc.mk
index d8d9654..b5aea58 100644
--- a/package/vpnc/vpnc.mk
+++ b/package/vpnc/vpnc.mk
@@ -42,6 +42,9 @@ $(VPNC_TARGET_BINARY): $(VPNC_BINARY)
 		-C $(VPNC_DIR) install
 	$(STRIPCMD) $(STRIP_STRIP_UNNEEDED) $(VPNC_TARGET_BINARY)
 
+vpnc-legal-info:
+	@$(call legal-warning-pkg,vpnc,cannot produce any legal info)
+
 vpnc: libgcrypt $(VPNC_TARGET_BINARY)
 
 vpnc-source: $(DL_DIR)/$(VPNC_SOURCE)
-- 
1.7.5.4

[Buildroot] [PATCH v3 08/22] manual: document usage of the legal-info feature

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 docs/manual/adding-packages-gentargets.txt |   18 +++++
 docs/manual/using.txt                      |  100 ++++++++++++++++++++++++++++
 2 files changed, 118 insertions(+), 0 deletions(-)

diff --git a/docs/manual/adding-packages-gentargets.txt b/docs/manual/adding-packages-gentargets.txt
index cfcee8c..85723b2 100644
--- a/docs/manual/adding-packages-gentargets.txt
+++ b/docs/manual/adding-packages-gentargets.txt
@@ -218,6 +218,24 @@ information is (assuming the package name is +libfoo+) :
   You can find some documentation for this syntax in the xref:makedev-syntax[].
   This variable is optional.
 
+* +LIBFOO_LICENSE+ defines the license (or licenses) under which the package
+  is released.
+  This name will appear in the manifest file produced by +make legal-info+.
+  If the license is one of those listed in xref:legal-info[],
+  use the same string to make the manifest file uniform.
+  Otherwise, describe the license in a precise and concise way, avoiding
+  ambiguous names such as +BSD+ which actually name a family of licenses.
+  This variable is optional. If it is not defined, +unknown+ will appear in
+  the +license+ field of the manifest file for this package.
+
+* +LIBFOO_LICENSE_FILES+ is a space-separated list of files in the package
+  tarball that contain the license(s) under which the package is released.
+  +make legal-info+ copies all of these files in the +legal-info+ directory.
+  See xref:legal-info[] for more information.
+  This variable is optional. If it is not defined, a warning will be produced
+  to let you know, and +not saved+ will appear in the +license files+ field
+  of the manifest file for this package.
+
 The recommended way to define these variables is to use the following
 syntax:
 
diff --git a/docs/manual/using.txt b/docs/manual/using.txt
index a5dc9e1..09f4136 100644
--- a/docs/manual/using.txt
+++ b/docs/manual/using.txt
@@ -181,3 +181,103 @@ or +g+++ for building helper-binaries on your host, then do
 --------------------
  $ make HOSTCXX=g++-4.3-HEAD HOSTCC=gcc-4.3-HEAD
 --------------------
+
+Complying with opensource licenses
+----------------------------------
+[[legal-info]]
+
+All of the end products of Buildroot (toolchain, root filesystem, kernel,
+bootloaders) contain opensource software, released under various licenses.
+
+Using opensource software gives you the freedom to build rich embedded
+systems choosing from a wide range of packages, but also gives some
+obligations that you must know and honour.
+Some licenses require you to publish the license text in the documentation of
+your product. Other require you to redistribute the source code of the
+software to those that receive your product.
+
+The exact requirements of each license is documented in each package, and it is
+your (or your legal office's) responsibility to comply with these requirements.
+To make this easier for you, Buildroot can collect for you some material you
+will probably need. To produce this material, run:
+
+--------------------
+make legal-info
+--------------------
+
+Buildroot will collect legally-relevant material in your output directory,
+under the +legal-info/+ subdirectory.
+There you will find:
+
+* A +README+ file, that summarizes the produced material and contains warnings
+  about material that Buildroot could not produce.
+* +buildroot.config+: this is the Buildroot configuration file that is usually
+  produced with +make menuconfig+, and which is necessary to reproduce the
+  build.
+* The source code for all packages; this is saved in the +sources/+
+  subdirectory (except for proprietary packages, whose source code is not
+  saved);
+  patches applied to some packages by Buildroot are distributed with the
+  Buildroot sources and are not duplicated in the +sources/+ subdirectory.
+* A manifest file listing the configured packages, their version, license and
+  related information.
+  Some of these information might be not defined in Buildroot; in this case
+  they are clearly marked as "unknown" or similar.
+* A +licenses/+ subdirectory, which contains the license text of packages.
+  If the license file(s) are not defined in Buildroot, the file is not produced
+  and a warning in the +README+ indicates this.
+
+Please note that the aim of the +legal-info+ feature of Buildroot is to
+produce all the material that is somehow relevant for legal compliance with the
+package licenses. Buildroot does not try to produce the exact material that
+you must somehow make public. It does surely produce some more material than is
+needed for a strict legal compliance. For example, it produces the source code
+for packages released under BSD-like licenses, that you might not want to
+redistribute in source form.
+
+Moreover, due to technical limitations, Buildroot does not produce some
+material that you will or may need, such as the toolchain source code and the
+Buildroot source code itself.
+When you run +make legal-info+, Buildroot produces warnings in the +README+
+file to inform you of relevant material that could not be saved.
+
+Here is a list of the licenses that are most widely used by packages in
+Buildroot, with the name used in the manifest file:
+
+* +GPLv2+:
+  http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[
+  GNU General Public License, version 2];
+* +GPLv2++:
+  http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[
+  GNU General Public License, version 2]
+  or (at your option) any later version;
+* +GPLv3+:
+  http://www.gnu.org/licenses/gpl.html[
+  GNU General Public License, version 3];
+* +GPLv3++:
+  http://www.gnu.org/licenses/gpl.html[
+  GNU General Public License, version 3]
+  or (at your option) any later version;
+* +GPL+:
+  http://www.gnu.org/licenses/gpl.html[
+  GNU General Public License] (any version);
+* +LGPLv2.1+:
+  http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html[
+  GNU Lesser General Public License, version 2.1];
+* +LGPLv2.1++:
+  http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html[
+  GNU Lesser General Public License, version 2.1]
+  or (at your option) any later version;
+* +LGPLv3+:
+  http://www.gnu.org/licenses/lgpl.html[
+  GNU Lesser General Public License, version 3];
+* +LGPLv3++:
+  http://www.gnu.org/licenses/lgpl.html[
+  GNU Lesser General Public License, version 3]
+  or (at your option) any later version;
+* +LGPL+:
+  http://www.gnu.org/licenses/lgpl.html[
+  GNU Lesser General Public License] (any version);
+* +BSD-4c+: Original BSD 4-clause license;
+* +BSD-3c+: BSD 3-clause license;
+* +BSD-2c+: BSD 2-clause license.
-- 
1.7.5.4

[Buildroot] [PATCH v3 09/22] manual: add advice about GPL compliance for Buildroot

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 docs/manual/using.txt |   27 +++++++++++++++++++++++++++
 1 files changed, 27 insertions(+), 0 deletions(-)

diff --git a/docs/manual/using.txt b/docs/manual/using.txt
index 09f4136..411136b 100644
--- a/docs/manual/using.txt
+++ b/docs/manual/using.txt
@@ -281,3 +281,30 @@ Buildroot, with the name used in the manifest file:
 * +BSD-4c+: Original BSD 4-clause license;
 * +BSD-3c+: BSD 3-clause license;
 * +BSD-2c+: BSD 2-clause license.
+
+Complying with the Buildroot license
+------------------------------------
+
+Buildroot itself is an opensource software, released under the
+http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[GNU General Public
+License, version 2] or (at your option) any later version.
+However, being a build system, it is not normally part of the end product:
+if you develop the root filesystem, kernel, bootloader or toolchain for a
+device, the code of Buildroot is only present on the development machine, not
+in the device storage.
+
+Nevertheless, the general view of the Buildroot developers is that you should
+release the Buildroot source code along with the source code of other packages
+when releasing a product that contains GPL-licensed software.
+This is because the
+http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[GNU GPL]
+defines the "'complete source code'" for an executable work as "'all the
+source code for all modules it contains, plus any associated interface
+definition files, plus the scripts used to control compilation and installation
+of the executable'".
+Buildroot is part of the 'scripts used to control compilation and
+installation of the executable', and as such it is considered part of the
+material that must be redistributed.
+
+Keep in mind this is only the Buildroot developers' opinion, and you should
+consult your legal department or lawyer for any doubt.
-- 
1.7.5.4

[Buildroot] [PATCH v3 10/22] linux: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 linux/linux.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/linux/linux.mk b/linux/linux.mk
index 34f8623..43e3641 100644
--- a/linux/linux.mk
+++ b/linux/linux.mk
@@ -4,6 +4,8 @@
 #
 ###############################################################################
 LINUX_VERSION=$(call qstrip,$(BR2_LINUX_KERNEL_VERSION))
+LINUX_LICENSE = GPLv2
+LINUX_LICENSE_FILES = COPYING
 
 # Compute LINUX_SOURCE and LINUX_SITE from the configuration
 ifeq ($(LINUX_VERSION),custom)
-- 
1.7.5.4

[Buildroot] [PATCH v3 11/22] m4: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/m4/m4.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/m4/m4.mk b/package/m4/m4.mk
index 173bba8..1e891c5 100644
--- a/package/m4/m4.mk
+++ b/package/m4/m4.mk
@@ -7,6 +7,8 @@
 M4_VERSION = 1.4.16
 M4_SOURCE = m4-$(M4_VERSION).tar.bz2
 M4_SITE = $(BR2_GNU_MIRROR)/m4
+M4_LICENSE = GPLv3+
+M4_LICENSE_FILES = COPYING
 M4_CONF_ENV = gl_cv_func_gettimeofday_clobber=no
 
 ifneq ($(BR2_USE_WCHAR),y)
-- 
1.7.5.4

[Buildroot] [PATCH v3 12/22] mpc: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/mpc/mpc.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/mpc/mpc.mk b/package/mpc/mpc.mk
index e5ee489..5ad47a9 100644
--- a/package/mpc/mpc.mk
+++ b/package/mpc/mpc.mk
@@ -6,6 +6,8 @@
 
 MPC_VERSION = 0.9
 MPC_SITE = http://www.multiprecision.org/mpc/download
+MPC_LICENSE = LGPLv2.1+
+MPC_LICENSE_FILES = COPYING.LIB
 MPC_INSTALL_STAGING = YES
 MPC_DEPENDENCIES = gmp mpfr
 MPC_AUTORECONF = YES
-- 
1.7.5.4

[Buildroot] [PATCH v3 13/22] fakeroot: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/fakeroot/fakeroot.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/fakeroot/fakeroot.mk b/package/fakeroot/fakeroot.mk
index 64203b8..a9074cb 100644
--- a/package/fakeroot/fakeroot.mk
+++ b/package/fakeroot/fakeroot.mk
@@ -6,5 +6,7 @@
 FAKEROOT_VERSION = 1.18.2
 FAKEROOT_SOURCE = fakeroot_$(FAKEROOT_VERSION).orig.tar.bz2
 FAKEROOT_SITE = http://snapshot.debian.org/archive/debian/20111201T093630Z/pool/main/f/fakeroot/
+FAKEROOT_LICENSE = GPLv3+
+FAKEROOT_LICENSE_FILES = COPYING
 
 $(eval $(call AUTOTARGETS,host))
-- 
1.7.5.4

[Buildroot] [PATCH v3 14/22] bzip2: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/bzip2/bzip2.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/bzip2/bzip2.mk b/package/bzip2/bzip2.mk
index 1bc4449..611e5a0 100644
--- a/package/bzip2/bzip2.mk
+++ b/package/bzip2/bzip2.mk
@@ -7,6 +7,8 @@ BZIP2_VERSION:=1.0.5
 BZIP2_SONAME=1.0.4
 BZIP2_SOURCE:=bzip2-$(BZIP2_VERSION).tar.gz
 BZIP2_SITE:=http://www.bzip.org/$(BZIP2_VERSION)
+BZIP2_LICENSE = bzip2 license
+BZIP2_LICENSE_FILES = LICENSE
 BZIP2_INSTALL_STAGING=YES
 
 define BZIP2_FIX_MAKEFILE
-- 
1.7.5.4

[Buildroot] [PATCH v3 15/22] directfb: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/directfb/directfb.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/directfb/directfb.mk b/package/directfb/directfb.mk
index 7aa0398..d0d8421 100644
--- a/package/directfb/directfb.mk
+++ b/package/directfb/directfb.mk
@@ -7,6 +7,8 @@ DIRECTFB_VERSION_MAJOR = 1.4
 DIRECTFB_VERSION = $(DIRECTFB_VERSION_MAJOR).16
 DIRECTFB_SITE = http://www.directfb.org/downloads/Core/DirectFB-$(DIRECTFB_VERSION_MAJOR)
 DIRECTFB_SOURCE = DirectFB-$(DIRECTFB_VERSION).tar.gz
+DIRECTFB_LICENSE = LGPLv2.1+
+DIRECTFB_LICENSE_FILES = COPYING
 DIRECTFB_AUTORECONF = YES
 DIRECTFB_INSTALL_STAGING = YES
 DIRECTFB_CONF_OPT = \
-- 
1.7.5.4

[Buildroot] [PATCH v3 16/22] iostat: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/iostat/iostat.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/iostat/iostat.mk b/package/iostat/iostat.mk
index 83eea07..6f2e8aa 100644
--- a/package/iostat/iostat.mk
+++ b/package/iostat/iostat.mk
@@ -6,6 +6,8 @@
 
 IOSTAT_VERSION = 2.2
 IOSTAT_SITE = http://www.linuxinsight.com/files
+IOSTAT_LICENSE = GPL
+IOSTAT_LICENSE_FILES = LICENSE
 
 iostat-source: $(DL_DIR)/$(IOSTAT_SOURCE)
 
-- 
1.7.5.4

[Buildroot] [PATCH v3 17/22] lzo: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/lzo/lzo.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/lzo/lzo.mk b/package/lzo/lzo.mk
index 84f31f0..da5d6b7 100644
--- a/package/lzo/lzo.mk
+++ b/package/lzo/lzo.mk
@@ -5,6 +5,8 @@
 #############################################################
 LZO_VERSION = 2.06
 LZO_SITE = http://www.oberhumer.com/opensource/lzo/download
+LZO_LICENSE = GPLv2+
+LZO_LICENSE_FILES = COPYING
 LZO_INSTALL_STAGING = YES
 
 $(eval $(call AUTOTARGETS))
-- 
1.7.5.4

[Buildroot] [PATCH v3 18/22] lzop: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/lzop/lzop.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/lzop/lzop.mk b/package/lzop/lzop.mk
index 6d1d674..1e98030 100644
--- a/package/lzop/lzop.mk
+++ b/package/lzop/lzop.mk
@@ -6,6 +6,8 @@
 LZOP_VERSION = 1.03
 LZOP_SOURCE = lzop-$(LZOP_VERSION).tar.gz
 LZOP_SITE = http://www.lzop.org/download/
+LZOP_LICENSE = GPLv2+
+LZOP_LICENSE_FILES = COPYING
 LZOP_DEPENDENCIES = lzo
 
 $(eval $(call AUTOTARGETS))
-- 
1.7.5.4

[Buildroot] [PATCH v3 19/22] libusb: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/libusb/libusb.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/libusb/libusb.mk b/package/libusb/libusb.mk
index 9abfcfc..ac0f0d2 100644
--- a/package/libusb/libusb.mk
+++ b/package/libusb/libusb.mk
@@ -6,6 +6,8 @@
 LIBUSB_VERSION = 1.0.9
 LIBUSB_SOURCE = libusb-$(LIBUSB_VERSION).tar.bz2
 LIBUSB_SITE = http://$(BR2_SOURCEFORGE_MIRROR).dl.sourceforge.net/project/libusb/libusb-1.0/libusb-$(LIBUSB_VERSION)
+LIBUSB_LICENSE = LGPLv2.1+
+LIBUSB_LICENSE_FILES = COPYING
 LIBUSB_DEPENDENCIES = host-pkg-config
 LIBUSB_INSTALL_STAGING = YES
 
-- 
1.7.5.4

[Buildroot] [PATCH v3 20/22] pcre: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/pcre/pcre.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/pcre/pcre.mk b/package/pcre/pcre.mk
index db896fd..d01ca84 100644
--- a/package/pcre/pcre.mk
+++ b/package/pcre/pcre.mk
@@ -6,6 +6,8 @@
 
 PCRE_VERSION = 8.30
 PCRE_SITE = ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre
+PCRE_LICENSE = BSD-3c
+PCRE_LICENSE_FILES = LICENCE
 PCRE_INSTALL_STAGING = YES
 
 ifneq ($(BR2_INSTALL_LIBSTDCPP),y)
-- 
1.7.5.4

[Buildroot] [PATCH v3 21/22] netsnmp: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/netsnmp/netsnmp.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/netsnmp/netsnmp.mk b/package/netsnmp/netsnmp.mk
index 448e3fd..125782f 100644
--- a/package/netsnmp/netsnmp.mk
+++ b/package/netsnmp/netsnmp.mk
@@ -7,6 +7,8 @@
 NETSNMP_VERSION = 5.7.1
 NETSNMP_SITE = http://$(BR2_SOURCEFORGE_MIRROR).dl.sourceforge.net/sourceforge/net-snmp
 NETSNMP_SOURCE = net-snmp-$(NETSNMP_VERSION).tar.gz
+NETSNMP_LICENSE = Various BSD-like
+NETSNMP_LICENSE_FILES = COPYING
 NETSNMP_INSTALL_STAGING = YES
 NETSNMP_CONF_ENV = ac_cv_NETSNMP_CAN_USE_SYSCTL=yes
 NETSNMP_CONF_OPT = --with-persistent-directory=/var/lib/snmp --disable-static \
-- 
1.7.5.4

[Buildroot] [PATCH v3 22/22] berkeleydb: define license

[Luca Ceresoli]

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
---
 package/berkeleydb/berkeleydb.mk |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/package/berkeleydb/berkeleydb.mk b/package/berkeleydb/berkeleydb.mk
index d737896..b42c000 100644
--- a/package/berkeleydb/berkeleydb.mk
+++ b/package/berkeleydb/berkeleydb.mk
@@ -7,6 +7,8 @@ BERKELEYDB_VERSION = 5.3.15
 BERKELEYDB_SITE = http://download.oracle.com/berkeley-db
 BERKELEYDB_SOURCE = db-$(BERKELEYDB_VERSION).NC.tar.gz
 BERKELEYDB_SUBDIR = build_unix
+BERKELEYDB_LICENSE = BerkeleyDB License
+BERKELEYDB_LICENSE_FILES = LICENSE
 BERKELEYDB_INSTALL_STAGING = YES
 BERKELEYDB_BINARIES = db_archive db_checkpoint db_deadlock db_dump \
 	db_hotbackup db_load db_log_verify db_printlog db_recover db_replicate \
-- 
1.7.5.4

[Buildroot] [PATCH v3 09/22] manual: add advice about GPL compliance for Buildroot

[Thomas De Schampheleire]

On Mon, May 7, 2012 at 10:12 PM, Luca Ceresoli <luca@lucaceresoli.net> wrote:
> Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
> ---
> ?docs/manual/using.txt | ? 27 +++++++++++++++++++++++++++
> ?1 files changed, 27 insertions(+), 0 deletions(-)
>
> diff --git a/docs/manual/using.txt b/docs/manual/using.txt
> index 09f4136..411136b 100644
> --- a/docs/manual/using.txt
> +++ b/docs/manual/using.txt
> @@ -281,3 +281,30 @@ Buildroot, with the name used in the manifest file:
> ?* +BSD-4c+: Original BSD 4-clause license;
> ?* +BSD-3c+: BSD 3-clause license;
> ?* +BSD-2c+: BSD 2-clause license.
> +
> +Complying with the Buildroot license
> +------------------------------------
> +
> +Buildroot itself is an opensource software, released under the
> +http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[GNU General Public
> +License, version 2] or (at your option) any later version.
> +However, being a build system, it is not normally part of the end product:
> +if you develop the root filesystem, kernel, bootloader or toolchain for a
> +device, the code of Buildroot is only present on the development machine, not
> +in the device storage.
> +
> +Nevertheless, the general view of the Buildroot developers is that you should
> +release the Buildroot source code along with the source code of other packages
> +when releasing a product that contains GPL-licensed software.
> +This is because the
> +http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[GNU GPL]
> +defines the "'complete source code'" for an executable work as "'all the
> +source code for all modules it contains, plus any associated interface
> +definition files, plus the scripts used to control compilation and installation
> +of the executable'".
> +Buildroot is part of the 'scripts used to control compilation and
> +installation of the executable', and as such it is considered part of the
> +material that must be redistributed.
> +
> +Keep in mind this is only the Buildroot developers' opinion, and you should
> +consult your legal department or lawyer for any doubt.

I'm not a native English speaker myself, but I would have written 'in
case of any doubt' instead of 'for any doubt'.

[Buildroot] [PATCH v3 02/22] gettext: warn that legal-info is not implemented

[Thomas De Schampheleire]

On Mon, May 7, 2012 at 10:12 PM, Luca Ceresoli <luca@lucaceresoli.net> wrote:
> Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
> ---
> ?package/gettext/gettext.mk | ? ?3 +++
> ?1 files changed, 3 insertions(+), 0 deletions(-)
>
> diff --git a/package/gettext/gettext.mk b/package/gettext/gettext.mk
> index f3605da..1d9d84d 100644
> --- a/package/gettext/gettext.mk
> +++ b/package/gettext/gettext.mk
> @@ -113,6 +113,9 @@ $(STAGING_DIR)/$(GETTEXT_TARGET_BINARY): $(GETTEXT_DIR)/$(GETTEXT_BINARY)
> ? ? ? ? ? ? ? ?autopoint envsubst gettext.sh gettextize msg* ?gettext)
> ? ? ? ?touch -c $@
>
> +gettext-legal-info:
> + ? ? ? @$(call legal-warning-pkg,gettext,cannot produce any legal info)
> +

I don't think this statement is not entirely correct. It's not that we
'cannot' produce the info. It's just that currently, we did not add
the necessary license definitions, right?
What about something like 'legal-info not yet implemented' or 'no
legal info saved yet' or ...?

Moreover, will this be added to each package for which no legal info
is provided? What about making this message the default by putting it
in pkg-gentargets.mk, if no suitable variables were defined?

> ?gettext: host-pkg-config $(if $(BR2_PACKAGE_LIBICONV),libiconv) $(STAGING_DIR)/$(GETTEXT_TARGET_BINARY)
>
> ?gettext-unpacked: $(GETTEXT_DIR)/.unpacked
> --
> 1.7.5.4
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

[Buildroot] [PATCH v3 02/22] gettext: warn that legal-info is not implemented

[Thomas Petazzoni]

Hello,

Le Wed, 9 May 2012 08:21:25 +0200,
Thomas De Schampheleire <patrickdepinguin+buildroot@gmail.com> a ?crit :

> Moreover, will this be added to each package for which no legal info
> is provided? What about making this message the default by putting it
> in pkg-gentargets.mk, if no suitable variables were defined?

It is already the case, but the point is that gettext has not yet been
converted to gentargets (but Maxime Ripard and Samuel Martin have been
sending patches about this recently).

Thomas
-- 
Thomas Petazzoni, Free Electrons
Kernel, drivers, real-time and embedded Linux
development, consulting, training and support.
http://free-electrons.com

[Buildroot] [PATCH v3 02/22] gettext: warn that legal-info is not implemented

[Luca Ceresoli]

Thomas De Schampheleire wrote:
> On Mon, May 7, 2012 at 10:12 PM, Luca Ceresoli<luca@lucaceresoli.net>  wrote:
>> Signed-off-by: Luca Ceresoli<luca@lucaceresoli.net>
>> ---
>>   package/gettext/gettext.mk |    3 +++
>>   1 files changed, 3 insertions(+), 0 deletions(-)
>>
>> diff --git a/package/gettext/gettext.mk b/package/gettext/gettext.mk
>> index f3605da..1d9d84d 100644
>> --- a/package/gettext/gettext.mk
>> +++ b/package/gettext/gettext.mk
>> @@ -113,6 +113,9 @@ $(STAGING_DIR)/$(GETTEXT_TARGET_BINARY): $(GETTEXT_DIR)/$(GETTEXT_BINARY)
>>                 autopoint envsubst gettext.sh gettextize msg* ?gettext)
>>         touch -c $@
>>
>> +gettext-legal-info:
>> +       @$(call legal-warning-pkg,gettext,cannot produce any legal info)
>> +
> I don't think this statement is not entirely correct. It's not that we
> 'cannot' produce the info. It's just that currently, we did not add
> the necessary license definitions, right?
> What about something like 'legal-info not yet implemented' or 'no
> legal info saved yet' or ...?
Yes, 'legal-info not yet implemented' is more understandable.
I'll change that.


> Moreover, will this be added to each package for which no legal info
> is provided? What about making this message the default by putting it
> in pkg-gentargets.mk, if no suitable variables were defined?

Gentargets packages without _LICENSE / _LICENSE_FILES defined are handled
automatically by gentargets. They get listed in the manifest this way:

$ cat legal-info/manifest.csv
package,version,license,license files,source archive
...
freetype,2.4.8,unknown,not saved,freetype-2.4.8.tar.bz2

The problem with non-gentargets packages is that they do not get listed
automatically in the manifest, because the manifest is produced by the
gentargets infrastrucure.

Hence we should:
  - convert these packages to gentargets, or
  - manually implement a<PKG>-legal-info for these packages, or
  - make the user aware that these packages are not handled by the legal-info
    stuff: no manifest entry, no tarball, no license files.

The first option is the best thing to do, but it's out of the scope of this
patchset. The number of manual packages is consistently approaching zero
anyway.

I don't like the second option: this is work that would mostly be wasted when
converting to gentargets. I would rather spend my time converting to
gentargets.
  
The third option is the warning you see.

Luca

[Buildroot] [PATCH v3 00/22] Automatically produce legal compliance info

[Thomas De Schampheleire]

Hi Luca,

On Mon, May 7, 2012 at 10:10 PM, Luca Ceresoli <luca@lucaceresoli.net> wrote:
> Hi,
>
> here is the third version of the legal-info feature implementation.
>
> For the records, previous versions are here:
> v1: http://lists.busybox.net/pipermail/buildroot/2012-January/049590.html
> v2: http://lists.busybox.net/pipermail/buildroot/2012-March/051132.html
>
> The approach is based on two per-package constants in eack .mk file, such as:
> ?FOO_LICENSE = GPLv2+
> ?FOO_LICENSE_FILES = COPYING
> ?BAR_LICENSE = LGPLv2.1 + GPLv3
> ?BAR_LICENSE_FILES = COPYING.LGPL demo-app/COPYING.GPL3
> ?MYAPP_LICENSE = PROPRIETARY
> This is the only effort required to the package creator. If <PKG>_LICENSE is
> not specified it defaults to "unknown".
>
> After running 'make legal-info', the following things will be produced in
> $(O)/legal-info/:
> ?$ find legal-info/ -type f
> ?legal-info/README ? ? ? ? ? ?# Lists saved stuff, warns about unsaved stuff
> ?legal-info/licenses.txt ? ? ?# Text of all licenses
> ?legal-info/buildroot.config ?# The buildroot config
> ?legal-info/licenses/buildroot/COPYING ? ? ? # License files, one dir per pkg
> ?legal-info/licenses/busybox/LICENSE
> ?legal-info/licenses/...other packages...
> ?legal-info/manifest.csv ? ? ? ? ? ? ? ? ? ? # CSV table summarizing all info
> ?legal-info/sources/busybox-1.19.4.tar.bz2 ? # tarballs
> ?legal-info/sources/kmod-5.tar.xz
> ?legal-info/sources/libtool-2.2.10.tar.gz
> ?legal-info/sources/...other packages...
>
> Given the technical difficulties, the toolchain and the BR sources are not
> saved. Warnings are generated to make sure the user is aware of this.
>
> One of the issues raised about the previous patchset was about packages
> without a license file, such as jpeg or fbset. These usually declare their
> license in a comment at the top of one or more source files.
>
> Yann E. Morin suggested to solve this problem in a general way implementing a
> _LICENSE_HOOK that does whatever is needed to copy the license.
> I found the idea good and started implementing it, but I did not reach
> anything decently structured yet. As I don't want to further delay the basic
> work, I chose to postpone this feature to a later step.
>
>
> License compliance advice to users
> ==================================
>
> During the latest Buildroot Developer Day in February, a request was made to
> give an advice from Buildroot developers' to Buildroot users about how to
> comply with both Buildroot's and the packages' licenses.
> This is added to the manual in patch 9. Of course this must match as much as
> possible what the developers think, so please read it and give comments!
>
>
> Possible future improvements
> ============================
>
> These are left as future enhancemenst, after the merge of the first core
> functionality, in order to keep it as simple as possible for a first step.
>
> - The toolchain is not currently saved (internal, external, ct-NG, no
> ?discrimination). Actually, only GENTARGETS-based packages are handled, so the
> ?best approach might be to "simply" migrate the toolchains to GENTARGETS.
>
> - Save the Buildroot sources too. If the sources are not a git clone this might
> ?be as simple as tar of the current directory and exclude dl and output, but
> ?this has never been tested. Also, make sure this works for out-of-tree BR
> ?builds.
>
> - Add a hook for a post-legal-info script.
>
> - Add a <PKG>_LICENSE_HOOK for packages without a license file.
>
>
> Changelog
> =========
>
> Changed in v3:
> - moved the $(1)-legal-info target near the end of GENTARGETS_INNER, out of the
> ?may of target sequencing where it used to be in the previous patch sets;
> - improved readability by creating a set of functions to produce a warning,
> ?to add a line to the csv, etc as suggested by ThomasDS (this made the core
> ?code shorter and cleaner);
> - clarified the BSD-like licenses, differentiating 2/3/4 clauses and others;
> - clarified *GPL licenses, and dropped definitions for packages that do not
> ?have a clear and simple use of those licenses (tslib, busybox, qt);
> - dropped warning patches for tinyhttpd, xfsprogs, microperl, fis, doom-wads,
> ?uemacs and cups which have now been converted to GEN/AUTOTARGETS;
> - updated after the split of Makefile.package.in in pkg-*.mk and related
> ?cleanups;
> - added a few lines of explanation in the message of the first big commit that
> ?implements all the logic;
> - documented the legal-info stuff in the manual;
> - added (tentative) advice about Buildroot license compliance;
> - various improvements here and there.
>
> Changed in v2:
> - squashed together patches 1-4 from RFC v1; now all the legal-info mechanism
> ?is implmented in a unique patch.
> - rebase on top of current master
> - don't clean $(REDIST_SOURCES_DIR): it is a subdir of $(LEGAL_INFO_DIR), so
> ?doesn't need to be cleaned twice
> - added legal-info-clean target
> - made legal-info target .PHONY
> - remove the output/legal-info dir before populating it
> - when saving source tarballs, create hardlinks instead of copies if possible
> - add infrastructure to warn the user about info that has not been saved: a
> ?.warnings file is filled with such info and displayed to the user at the
> ?end of the legal-info processing
> - ensure manual (non-GENTARGETS-based) packages return error, at least; this
> ?required to explicitly create a -legal-info target for each of them, or
> ?they would have been silently skipped.
> - list also Buildroot in the manifest file! :)
> - save the Buildroot .config
> - save license files listed in <PKG>_LICENSE_FILES, both in a separate
> ?directory for each package and all together in a unique file
> - various cleanups.
>
> Patches
> =======
>
> - The implementation is all in the first commit, which is commented on its
> ?own.
> - A few patches follow to make non-GENTARGETS packages warn about their
> ?dumbness.
> - A couple of patches add documentation about the legal-info stuff.
> - Other commits define licenses for some packages.
>
> The following changes since commit 057c729c2438107b426576121bcf83f792734a6f:
>
> ?external-toolchain: add support for Linaro 2012.04 (2012-05-07 17:08:37 +0200)
>
> are available in the git repository at:
> ?git://github.com/lucaceresoli/buildroot.git legal-info
>
> Luca Ceresoli (22):
> ?legal-info: infrastructure to collect legally-relevant material
> ?gettext: warn that legal-info is not implemented
> ?netkitbase: warn that legal-info is not implemented
> ?netkittelnet: warn that legal-info is not implemented
> ?newt: warn that legal-info is not implemented
> ?ttcp: warn that legal-info is not implemented
> ?vpnc: warn that legal-info is not implemented
> ?manual: document usage of the legal-info feature
> ?manual: add advice about GPL compliance for Buildroot
> ?linux: define license
> ?m4: define license
> ?mpc: define license
> ?fakeroot: define license
> ?bzip2: define license
> ?directfb: define license
> ?iostat: define license
> ?lzo: define license
> ?lzop: define license
> ?libusb: define license
> ?pcre: define license
> ?netsnmp: define license
> ?berkeleydb: define license
>
> ?Makefile ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? | ? 42 +++++++++-
> ?docs/manual/adding-packages-gentargets.txt | ? 18 ++++
> ?docs/manual/using.txt ? ? ? ? ? ? ? ? ? ? ?| ?127 ++++++++++++++++++++++++++++
> ?linux/linux.mk ? ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/berkeleydb/berkeleydb.mk ? ? ? ? ? | ? ?2 +
> ?package/bzip2/bzip2.mk ? ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/directfb/directfb.mk ? ? ? ? ? ? ? | ? ?2 +
> ?package/fakeroot/fakeroot.mk ? ? ? ? ? ? ? | ? ?2 +
> ?package/gettext/gettext.mk ? ? ? ? ? ? ? ? | ? ?3 +
> ?package/iostat/iostat.mk ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/libusb/libusb.mk ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/lzo/lzo.mk ? ? ? ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/lzop/lzop.mk ? ? ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/m4/m4.mk ? ? ? ? ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/mpc/mpc.mk ? ? ? ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/netkitbase/netkitbase.mk ? ? ? ? ? | ? ?3 +
> ?package/netkittelnet/netkittelnet.mk ? ? ? | ? ?3 +
> ?package/netsnmp/netsnmp.mk ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/newt/newt.mk ? ? ? ? ? ? ? ? ? ? ? | ? ?3 +
> ?package/pcre/pcre.mk ? ? ? ? ? ? ? ? ? ? ? | ? ?2 +
> ?package/pkg-gentargets.mk ? ? ? ? ? ? ? ? ?| ? 65 ++++++++++++++
> ?package/pkg-utils.mk ? ? ? ? ? ? ? ? ? ? ? | ? 25 ++++++
> ?package/ttcp/ttcp.mk ? ? ? ? ? ? ? ? ? ? ? | ? ?3 +
> ?package/vpnc/vpnc.mk ? ? ? ? ? ? ? ? ? ? ? | ? ?3 +
> ?support/legal-info/README.header ? ? ? ? ? | ? 24 +++++
> ?support/legal-info/README.warnings-header ?| ? ?4 +
> ?26 files changed, 346 insertions(+), 3 deletions(-)
> ?create mode 100644 support/legal-info/README.header
> ?create mode 100644 support/legal-info/README.warnings-header
>

I pulled from your branch and did some tests with it. Some observations:

- If you start from a clean env without .config, the 'legal-info'
target does not exist. This is because it's in the 'have-config'
block. This may make sense, but it would be nice if this were noted
somewhere (the fact that you have to have a config first).

- I then created a config, (either with a defconfig (I took pandaboard
as example) or by just starting 'make menuconfig' and immediately
saving) and executed 'make legal-info'. Now I got:

>>> busybox 1.20.0 Downloading
/home/tdescham/repo/contrib/buildroot-import/dl/busybox-1.20.0.tar.bz2:
No such file or directory
/home/tdescham/repo/contrib/buildroot-import/dl/busybox-1.20.0.tar.bz2:
No such file or directory
make: *** [/home/tdescham/repo/contrib/buildroot-import/output/build/busybox-1.20.0/.stamp_downloaded]
Error 1

This was fixed by explicitly running 'make dirs'. I think then that
'dirs' should be a prerequisite for the legal-info target.

- After that I played a bit by adding legal info to busybox and see
how legal-info behaved. All was as expected, no comments here.

- Then I tried specifying a proprietary package, and noticed that this
is case-sensitive PROPRIETARY. Although I understand that this is
easier, and I am not against keeping this, this fact was not mentioned
in the docs. In fact, the common license list in usage.txt does not
specify the PROPRIETARY license at all. I feel that we should mention
this possibility at least somewhere, either in that using.txt place,
or in the adding-packages-gentargets.txt file.

For the rest, I have no comments on this proposal. Again, nice job and
thanks for taking this up!

Best regards,
Thomas

[Buildroot] [PATCH v3 02/22] gettext: warn that legal-info is not implemented

[Thomas De Schampheleire]

On Wed, May 9, 2012 at 9:30 AM, Luca Ceresoli <luca@lucaceresoli.net> wrote:
> Thomas De Schampheleire wrote:
>>
>> On Mon, May 7, 2012 at 10:12 PM, Luca Ceresoli<luca@lucaceresoli.net>
>> ?wrote:
>>>
>>> Signed-off-by: Luca Ceresoli<luca@lucaceresoli.net>
>>> ---
>>> ?package/gettext/gettext.mk | ? ?3 +++
>>> ?1 files changed, 3 insertions(+), 0 deletions(-)
>>>
>>> diff --git a/package/gettext/gettext.mk b/package/gettext/gettext.mk
>>> index f3605da..1d9d84d 100644
>>> --- a/package/gettext/gettext.mk
>>> +++ b/package/gettext/gettext.mk
>>> @@ -113,6 +113,9 @@ $(STAGING_DIR)/$(GETTEXT_TARGET_BINARY):
>>> $(GETTEXT_DIR)/$(GETTEXT_BINARY)
>>> ? ? ? ? ? ? ? ?autopoint envsubst gettext.sh gettextize msg* ?gettext)
>>> ? ? ? ?touch -c $@
>>>
>>> +gettext-legal-info:
>>> + ? ? ? @$(call legal-warning-pkg,gettext,cannot produce any legal info)
>>> +
>>
>> I don't think this statement is not entirely correct. It's not that we
>> 'cannot' produce the info. It's just that currently, we did not add
>> the necessary license definitions, right?
>> What about something like 'legal-info not yet implemented' or 'no
>> legal info saved yet' or ...?
>
> Yes, 'legal-info not yet implemented' is more understandable.
> I'll change that.
>
>
>
>> Moreover, will this be added to each package for which no legal info
>> is provided? What about making this message the default by putting it
>> in pkg-gentargets.mk, if no suitable variables were defined?
>
>
> Gentargets packages without _LICENSE / _LICENSE_FILES defined are handled
> automatically by gentargets. They get listed in the manifest this way:
>
> $ cat legal-info/manifest.csv
> package,version,license,license files,source archive
> ...
> freetype,2.4.8,unknown,not saved,freetype-2.4.8.tar.bz2
>
> The problem with non-gentargets packages is that they do not get listed
> automatically in the manifest, because the manifest is produced by the
> gentargets infrastrucure.
>
> Hence we should:
> ?- convert these packages to gentargets, or
> ?- manually implement a<PKG>-legal-info for these packages, or
> ?- make the user aware that these packages are not handled by the legal-info
> ? stuff: no manifest entry, no tarball, no license files.
>
> The first option is the best thing to do, but it's out of the scope of this
> patchset. The number of manual packages is consistently approaching zero
> anyway.
>
> I don't like the second option: this is work that would mostly be wasted
> when
> converting to gentargets. I would rather spend my time converting to
> gentargets.
> ?The third option is the warning you see.
>

Ok, thanks Thomas and Luca for the clarification.

[Buildroot] [PATCH v3 01/22] legal-info: infrastructure to collect legally-relevant material

[Arnout Vandecappelle]

On 05/07/12 22:12, Luca Ceresoli wrote:
> This allows to automatically collect material that may be needed to comply with
> the license of packages that Buildroot prepares for the target device.
>
> The core of the implementation is made by the following parts:
>   - in package/pkg-utils.mk some helper functions are defined for common actions
>     such as generating a warning, producing info about a package etc;
>   - in package/pkg-gentargets.mk, within the GENTARGETS framework, a new
>     <PKG>-legal-info target produces all the info for a given package;
>   - Makefile implements the top-level targets:
>     - legal-info-prepare creates the output directory and produces legal info
>       about Buildroot itself and the toolchain, which mostly means just warning
>       the user that this is not implemented;
>     - legal-info, the only target that is supposed to be used directly, depends
>       on all of the above and finishes things by producing the README files from
>       the various pieces.
>
> Signed-off-by: Luca Ceresoli<luca@lucaceresoli.net>

  Looks great!

  Any chance that this can still go into the 2012.05 release?  I have one customer
who would be really pleased with that...

  Except for the dirs dependency, I think it can go in as it is.  But of course I
do have some optional remarks :-)

> +TARGETS_LEGAL_INFO:=$(patsubst %,%-legal-info,\
> +		$(filter-out host-makedevs,\
> +		$(TARGETS) $(BASE_TARGETS) $(TARGETS_HOST_DEPS) $(HOST_DEPS))))

  I guess host-makedevs is filtered out here because it has no tar file?
In that case, the same should be done for makedevs and mcookie.  But maybe
it's better to define the SITE_METHOD of these packages as local.  Then they
will be registered as "not saved" in the manifest.

[snip]
> +legal-info-clean:
> +	@rm -fr $(LEGAL_INFO_DIR)

  We usually use '$(RM) -r', I think.

> +
> +legal-info-prepare: $(LEGAL_INFO_DIR)

  I would add an announcement here:
	@$(call MESSAGE,"Collecting legal info")

> +	@$(call legal-license-file,buildroot,COPYING,COPYING)
> +	@$(call legal-manifest,package,version,license,license files,source archive)

  I would Capitalize the titles.

> +	@$(call legal-manifest,buildroot,$(BR2_VERSION_FULL),GPLv2+,COPYING,not saved)
> +	@$(call legal-warning,the Buildroot source code has not been saved)
> +	@$(call legal-warning,the toolchain has not been saved)
> +	@cp $(CONFIG_DIR)/.config $(LEGAL_INFO_DIR)/buildroot.config
[snip]
> +$(2)_RAWNAME			=  $(patsubst host-%,%,$(1))

  Not for this patch, but it would be better to add an argument to
GENTARGETS for the lowercase non-host name.

  Also, the %/.stamp_patched target could reuse this variable.

>
>
> +ifneq ($$($(3)_LICENSE),PROPRIETARY)
> +ifneq ($$($(3)_SITE_METHOD),local)
> +ifneq ($$($(3)_SITE_METHOD),override)
> +# Packages that have a tarball need it downloaded and extracted beforehand
> +$(1)-legal-info:	$(1)-extract $(REDIST_SOURCES_DIR)
> +endif
> +endif
> +endif

  I would combine these conditions with the ones below for setting
_MANIFEST_TARBALL.  Or you could put it as

ifneq ($$($(2)_MANIFEST_TARBALL),not saved)
$(1)-legal-info:	$(1)-extract $(REDIST_SOURCES_DIR)
endif

  BTW, why is it $(3)_LICENSE here and $(2)_LICENSE below?

> +
>   $(1)-show-depends:
>   			@echo $$($(2)_DEPENDENCIES)
>
> @@ -412,6 +436,47 @@ else
>   $(2)_KCONFIG_VAR = BR2_PACKAGE_$(2)
>   endif
>
> +# Set values used later for legal-info manifest
> +ifneq ($$($(2)_LICENSE),PROPRIETARY)
> +ifneq ($$($(2)_SITE_METHOD),local)
> +ifneq ($$($(2)_SITE_METHOD),override)
> +$(2)_MANIFEST_TARBALL = $$($(2)_SOURCE)
> +ifneq ($(call qstrip,$$($(2)_LICENSE_FILES)),)

  Why is there a qstrip here?  The variable is defined in a .mk
file so doesn't contain quotes, right?

> +$(2)_MANIFEST_LICENSE_FILES = $$($(2)_LICENSE_FILES)
> +endif
> +endif
> +endif
> +endif
> +# defaults for packages without tarball or license files
> +$(2)_MANIFEST_TARBALL ?= not saved
> +$(2)_MANIFEST_LICENSE_FILES ?= not saved
> +
> +# legal-info: produce legally relevant info.
> +$(1)-legal-info:
> +ifeq ($$($(2)_LICENSE),PROPRIETARY)
> +# Proprietary packages: nothing to save
> +else ifeq ($$($(2)_SITE_METHOD),local)
> +# Packages without a tarball: don't save and warn
> +	@$(call legal-warning-pkg-savednothing,$$($(2)_RAWNAME),local)
> +else ifeq ($$($(2)_SITE_METHOD),override)
> +	@$(call legal-warning-pkg-savednothing,$$($(2)_RAWNAME),override)
> +else
> +# Other packages
> +# Save license files if defined
> +ifeq ($(call qstrip,$$($(2)_LICENSE_FILES)),)
> +	@$(call legal-license-nofiles,$$($(2)_RAWNAME))
> +	@$(call legal-warning-pkg,$$($(2)_RAWNAME),cannot save license ($(2)_LICENSE_FILES not defined))
> +else
> +	@for F in $$($(2)_LICENSE_FILES); do \
> +		$(call legal-license-file,$$($(2)_RAWNAME),$$$${F},$$($(2)_DIR)/$$$${F}); \
> +		done
> +endif
> +# Copy the source tarball (just hardlink if possible)
> +	@cp -l $(DL_DIR)/$$($(2)_SOURCE) $(REDIST_SOURCES_DIR) 2>/dev/null || \
> +	   cp $(DL_DIR)/$$($(2)_SOURCE) $(REDIST_SOURCES_DIR)

  Genius!

> +endif
> +	@$(call legal-manifest,$$($(2)_RAWNAME),$$($(2)_VERSION),$$($(2)_LICENSE),$$($(2)_MANIFEST_LICENSE_FILES),$$($(2)_MANIFEST_TARBALL))
> +

  I'm not sure if it would work, but maybe this could be moved out
of the GENTARGETS and defined as a pattern rule, like all the other
stuff.  That saves a lot of double $$.

[snip]

  Regards,
  Arnout
-- 
Arnout Vandecappelle                               arnout at mind be
Senior Embedded Software Architect                 +32-16-286540
Essensium/Mind                                     http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium                BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint:  7CB5 E4CC 6C2E EFD4 6E3D A754 F963 ECAB 2450 2F1F

[Buildroot] [PATCH v3 01/22] legal-info: infrastructure to collect legally-relevant material

[Luca Ceresoli]

Hi Arnout,
thanks for your review.

Arnout Vandecappelle wrote:
> On 05/07/12 22:12, Luca Ceresoli wrote:
>> This allows to automatically collect material that may be needed to 
>> comply with
>> the license of packages that Buildroot prepares for the target device.
>>
>> The core of the implementation is made by the following parts:
>>   - in package/pkg-utils.mk some helper functions are defined for 
>> common actions
>>     such as generating a warning, producing info about a package etc;
>>   - in package/pkg-gentargets.mk, within the GENTARGETS framework, a new
>> <PKG>-legal-info target produces all the info for a given package;
>>   - Makefile implements the top-level targets:
>>     - legal-info-prepare creates the output directory and produces 
>> legal info
>>       about Buildroot itself and the toolchain, which mostly means 
>> just warning
>>       the user that this is not implemented;
>>     - legal-info, the only target that is supposed to be used 
>> directly, depends
>>       on all of the above and finishes things by producing the README 
>> files from
>>       the various pieces.
>>
>> Signed-off-by: Luca Ceresoli<luca@lucaceresoli.net> 
>
>  Looks great!
>
>  Any chance that this can still go into the 2012.05 release?  I have 
> one customer
> who would be really pleased with that...
>
>  Except for the dirs dependency, I think it can go in as it is.  But 
> of course I
> do have some optional remarks :-)
>
>> +TARGETS_LEGAL_INFO:=$(patsubst %,%-legal-info,\
>> +        $(filter-out host-makedevs,\
>> +        $(TARGETS) $(BASE_TARGETS) $(TARGETS_HOST_DEPS) $(HOST_DEPS)))) 
>
>  I guess host-makedevs is filtered out here because it has no tar file?
> In that case, the same should be done for makedevs and mcookie.  But 
> maybe
> it's better to define the SITE_METHOD of these packages as local.  
> Then they
> will be registered as "not saved" in the manifest. 

My ignorance, I didn't know about the existence of mcookie in Buildroot.
I would like to omit entirely these packages from the legal-info list, 
as they are
actually a part of Buildroot.
But since using filter-out is pretty dirty, I think a clean 
implementation would be
to exclude from legal-info processing all packages with an empyt _SOURCE 
variable.
The assumption here is that if they don't have an external source, they 
are part of
Buildroot.

Do you think this is a good idea?

$ git grep -E '_SOURCE[^A-Z_]*=[^A-Za-z]*$' package/
package/makedevs/makedevs.mk:MAKEDEVS_SOURCE =
package/makedevs/makedevs.mk:HOST_MAKEDEVS_SOURCE =
package/x11r7/mcookie/mcookie.mk:MCOOKIE_SOURCE =

Look, they turned out to be makedevs and mcookie! :)

>
> [snip]
>> +legal-info-clean:
>> +    @rm -fr $(LEGAL_INFO_DIR) 
>
>  We usually use '$(RM) -r', I think. 

Apparently not (although that might be nice).

>
>
>> +
>> +legal-info-prepare: $(LEGAL_INFO_DIR) 
>
>  I would add an announcement here:
>     @$(call MESSAGE,"Collecting legal info") 

Fine, will do.

>
>> +    @$(call legal-license-file,buildroot,COPYING,COPYING)
>> +    @$(call legal-manifest,package,version,license,license 
>> files,source archive) 
>
>  I would Capitalize the titles.

That's sound, will do.

>
>> +    @$(call 
>> legal-manifest,buildroot,$(BR2_VERSION_FULL),GPLv2+,COPYING,not saved)
>> +    @$(call legal-warning,the Buildroot source code has not been saved)
>> +    @$(call legal-warning,the toolchain has not been saved)
>> +    @cp $(CONFIG_DIR)/.config $(LEGAL_INFO_DIR)/buildroot.config 
> [snip]
>> +$(2)_RAWNAME            =  $(patsubst host-%,%,$(1)) 
>
>  Not for this patch, but it would be better to add an argument to
> GENTARGETS for the lowercase non-host name.
>
>  Also, the %/.stamp_patched target could reuse this variable.
>
>>
>> +ifneq ($$($(3)_LICENSE),PROPRIETARY)
>> +ifneq ($$($(3)_SITE_METHOD),local)
>> +ifneq ($$($(3)_SITE_METHOD),override)
>> +# Packages that have a tarball need it downloaded and extracted 
>> beforehand
>> +$(1)-legal-info:    $(1)-extract $(REDIST_SOURCES_DIR)
>> +endif
>> +endif
>> +endif 
>
>  I would combine these conditions with the ones below for setting
> _MANIFEST_TARBALL.  Or you could put it as 

This was to keep dependencies where all other dependencies live, and the
"implementation" in its own place. But the number of extra lines is actually
ugly. I will move the one dependency line below unless there are voices 
against.

> ifneq ($$($(2)_MANIFEST_TARBALL),not saved)
> $(1)-legal-info:    $(1)-extract $(REDIST_SOURCES_DIR)
> endif
>
>  BTW, why is it $(3)_LICENSE here and $(2)_LICENSE below? 

Good catch, these should both be $(2) indeed. Will be fixed in the next 
patchset.

>
>> +
>>   $(1)-show-depends:
>>               @echo $$($(2)_DEPENDENCIES)
>>
>> @@ -412,6 +436,47 @@ else
>>   $(2)_KCONFIG_VAR = BR2_PACKAGE_$(2)
>>   endif
>>
>> +# Set values used later for legal-info manifest
>> +ifneq ($$($(2)_LICENSE),PROPRIETARY)
>> +ifneq ($$($(2)_SITE_METHOD),local)
>> +ifneq ($$($(2)_SITE_METHOD),override)
>> +$(2)_MANIFEST_TARBALL = $$($(2)_SOURCE)
>> +ifneq ($(call qstrip,$$($(2)_LICENSE_FILES)),) 
>
>  Why is there a qstrip here?  The variable is defined in a .mk
> file so doesn't contain quotes, right?

Right. Will fix.

>
>> +$(2)_MANIFEST_LICENSE_FILES = $$($(2)_LICENSE_FILES)
>> +endif
>> +endif
>> +endif
>> +endif
>> +# defaults for packages without tarball or license files
>> +$(2)_MANIFEST_TARBALL ?= not saved
>> +$(2)_MANIFEST_LICENSE_FILES ?= not saved
>> +
>> +# legal-info: produce legally relevant info.
>> +$(1)-legal-info:
>> +ifeq ($$($(2)_LICENSE),PROPRIETARY)
>> +# Proprietary packages: nothing to save
>> +else ifeq ($$($(2)_SITE_METHOD),local)
>> +# Packages without a tarball: don't save and warn
>> +    @$(call legal-warning-pkg-savednothing,$$($(2)_RAWNAME),local)
>> +else ifeq ($$($(2)_SITE_METHOD),override)
>> +    @$(call legal-warning-pkg-savednothing,$$($(2)_RAWNAME),override)
>> +else
>> +# Other packages
>> +# Save license files if defined
>> +ifeq ($(call qstrip,$$($(2)_LICENSE_FILES)),)
>> +    @$(call legal-license-nofiles,$$($(2)_RAWNAME))
>> +    @$(call legal-warning-pkg,$$($(2)_RAWNAME),cannot save license 
>> ($(2)_LICENSE_FILES not defined))
>> +else
>> +    @for F in $$($(2)_LICENSE_FILES); do \
>> +        $(call 
>> legal-license-file,$$($(2)_RAWNAME),$$$${F},$$($(2)_DIR)/$$$${F}); \
>> +        done
>> +endif
>> +# Copy the source tarball (just hardlink if possible)
>> +    @cp -l $(DL_DIR)/$$($(2)_SOURCE) $(REDIST_SOURCES_DIR) 
>> 2>/dev/null || \
>> +       cp $(DL_DIR)/$$($(2)_SOURCE) $(REDIST_SOURCES_DIR) 
>
>  Genius!
>
>> +endif
>> +    @$(call 
>> legal-manifest,$$($(2)_RAWNAME),$$($(2)_VERSION),$$($(2)_LICENSE),$$($(2)_MANIFEST_LICENSE_FILES),$$($(2)_MANIFEST_TARBALL))
>> + 
>
>  I'm not sure if it would work, but maybe this could be moved out
> of the GENTARGETS and defined as a pattern rule, like all the other
> stuff.  That saves a lot of double $$. 

When I tried to do this change, it turned out that it would add more lines
than the dollars it removes, so I reverted everything.
I can't exclude it might be done in a better way that I was able to do,
anyway.

Luca

[Buildroot] [PATCH v3 01/22] legal-info: infrastructure to collect legally-relevant material

[Peter Korsgaard]

>>>>> "Arnout" == Arnout Vandecappelle <arnout@mind.be> writes:

Hi,

 Arnout>  Looks great!

 Arnout>  Any chance that this can still go into the 2012.05 release?  I
 Arnout> have one customer who would be really pleased with that...

Sorry, but I think it's getting too late for that. We can merge it to
-next pretty soon once the remining issues are worked out though.

-- 
Bye, Peter Korsgaard

[Buildroot] [PATCH v3 01/22] legal-info: infrastructure to collect legally-relevant material

[Arnout Vandecappelle]

On 05/14/12 18:54, Luca Ceresoli wrote:
> Arnout Vandecappelle wrote:
>> On 05/07/12 22:12, Luca Ceresoli wrote:
[snip]
>>> +TARGETS_LEGAL_INFO:=$(patsubst %,%-legal-info,\
>>> + $(filter-out host-makedevs,\
>>> + $(TARGETS) $(BASE_TARGETS) $(TARGETS_HOST_DEPS) $(HOST_DEPS))))
>>
>> I guess host-makedevs is filtered out here because it has no tar file?
>> In that case, the same should be done for makedevs and mcookie. But maybe
>> it's better to define the SITE_METHOD of these packages as local. Then they
>> will be registered as "not saved" in the manifest.
>
> My ignorance, I didn't know about the existence of mcookie in Buildroot.
> I would like to omit entirely these packages from the legal-info list, as they are
> actually a part of Buildroot.
> But since using filter-out is pretty dirty, I think a clean implementation would be
> to exclude from legal-info processing all packages with an empyt _SOURCE variable.
> The assumption here is that if they don't have an external source, they are part of
> Buildroot.
>
> Do you think this is a good idea?

  Good plan!

[snip]
>> I'm not sure if it would work, but maybe this could be moved out
>> of the GENTARGETS and defined as a pattern rule, like all the other
>> stuff. That saves a lot of double $$.
>
> When I tried to do this change, it turned out that it would add more lines
> than the dollars it removes, so I reverted everything.
> I can't exclude it might be done in a better way that I was able to do,
> anyway.

  I can take a shot at it once this stuff gets committed.

  Regards,
  Arnout
-- 
Arnout Vandecappelle                               arnout at mind be
Senior Embedded Software Architect                 +32-16-286540
Essensium/Mind                                     http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium                BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint:  7CB5 E4CC 6C2E EFD4 6E3D A754 F963 ECAB 2450 2F1F

[Buildroot] [PATCH v3 00/22] Automatically produce legal compliance info

[Luca Ceresoli]

Hi Thomas,
thanks for reviewing these patches.

Thomas De Schampheleire wrote:
> Hi Luca,
...


> I pulled from your branch and did some tests with it. Some observations:
>
> - If you start from a clean env without .config, the 'legal-info'
> target does not exist. This is because it's in the 'have-config'
> block. This may make sense, but it would be nice if this were noted
> somewhere (the fact that you have to have a config first).

I reworded the manual this way:
>  To make this easier for you, Buildroot can collect for you some material you
>  will probably need. To produce this material, after you configured Buildroot
>  with +make menuconfig+, +make xconfig+ or +make gconfig+, run:


> - I then created a config, (either with a defconfig (I took pandaboard
> as example) or by just starting 'make menuconfig' and immediately
> saving) and executed 'make legal-info'. Now I got:
>
>>>> busybox 1.20.0 Downloading
> /home/tdescham/repo/contrib/buildroot-import/dl/busybox-1.20.0.tar.bz2:
> No such file or directory
> /home/tdescham/repo/contrib/buildroot-import/dl/busybox-1.20.0.tar.bz2:
> No such file or directory
> make: *** [/home/tdescham/repo/contrib/buildroot-import/output/build/busybox-1.20.0/.stamp_downloaded]
> Error 1
>
> This was fixed by explicitly running 'make dirs'. I think then that
> 'dirs' should be a prerequisite for the legal-info target.

Fixed in v4.

>
> - After that I played a bit by adding legal info to busybox and see
> how legal-info behaved. All was as expected, no comments here.
>
> - Then I tried specifying a proprietary package, and noticed that this
> is case-sensitive PROPRIETARY. Although I understand that this is
> easier, and I am not against keeping this, this fact was not mentioned
> in the docs. In fact, the common license list in usage.txt does not
> specify the PROPRIETARY license at all. I feel that we should mention
> this possibility at least somewhere, either in that using.txt place,
> or in the adding-packages-gentargets.txt file.

I added this to the list of licenses in using.txt:

-* +BSD-2c+: BSD 2-clause license.
+* +BSD-2c+: BSD 2-clause license;
+* +PROPRIETARY+: marks a non-opensource package;
+  Buildroot does not save any licensing info or source code for these packages.

and this to adding-packages-gentargets.txt:

  * +LIBFOO_LICENSE+ defines the license (or licenses) under which the package
    is released.
    This name will appear in the manifest file produced by +make legal-info+.
    If the license is one of those listed in xref:legal-info[],
    use the same string to make the manifest file uniform.
    Otherwise, describe the license in a precise and concise way, avoiding
    ambiguous names such as +BSD+ which actually name a family of licenses.
+  If the root filesystem you generate contains non-opensource packages, you
+  can define their license as +PROPRIETARY+: Buildroot will not save any
+  licensing info or source code for this package.
    This variable is optional. If it is not defined, +unknown+ will appear in
    the +license+ field of the manifest file for this package.

Luca

[Buildroot] [PATCH v3 09/22] manual: add advice about GPL compliance for Buildroot

[Luca Ceresoli]

Thomas De Schampheleire wrote:

> On Mon, May 7, 2012 at 10:12 PM, Luca Ceresoli<luca@lucaceresoli.net>  wrote:
>> Signed-off-by: Luca Ceresoli<luca@lucaceresoli.net>
>> ---
>>   docs/manual/using.txt |   27 +++++++++++++++++++++++++++
>>   1 files changed, 27 insertions(+), 0 deletions(-)
>>
>> diff --git a/docs/manual/using.txt b/docs/manual/using.txt
...
>> +Keep in mind this is only the Buildroot developers' opinion, and you should
>> +consult your legal department or lawyer for any doubt.
>
> I'm not a native English speaker myself, but I would have written 'in
> case of any doubt' instead of 'for any doubt'.

Ok, done in v4.

Does your absence of other comments implies you agree on the rest of this simple
but important patch?

Luca