* [meta-oe][PATCH 1/4] libgcc: made libgcc-lic "GPL-3.0-with-GCC-exception" @ 2020-05-26 8:12 Matthias Schoepfer 2020-05-26 8:12 ` [meta-oe][PATCH 2/4] elfutils: made elfutils-lic "GPLv2 | LGPLv3+" Matthias Schoepfer ` (2 more replies) 0 siblings, 3 replies; 12+ messages in thread From: Matthias Schoepfer @ 2020-05-26 8:12 UTC (permalink / raw) To: openembedded-core; +Cc: Matthias Schoepfer From: Matthias Schoepfer <matthias.schoepfer@ithinx.io> libgcc LICENSE_${PN} is "GPL-3.0-with-GCC-exception". If libgcc-lic is not also set to the same license, creating of image with INCOMPATIBLE_LICENSE = "GPLv3 LGPLv3 GPLv3+ LGPLv3+ GPL-3.0 LGPL-3.0 AGPL-3.0" COPY_LIC_MANIFEST = "1" COPY_LIC_DIRS = "1" LICENSE_CREATE_PACKAGE = "1" will fail because libgcc-lic will have incompatible license. Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> --- meta/recipes-devtools/gcc/libgcc.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/gcc/libgcc.inc b/meta/recipes-devtools/gcc/libgcc.inc index 6d48ec9809..2e5b1fe492 100644 --- a/meta/recipes-devtools/gcc/libgcc.inc +++ b/meta/recipes-devtools/gcc/libgcc.inc @@ -35,7 +35,7 @@ PACKAGES = "\ LICENSE_${PN} = "GPL-3.0-with-GCC-exception" LICENSE_${PN}-dev = "GPL-3.0-with-GCC-exception" LICENSE_${PN}-dbg = "GPL-3.0-with-GCC-exception" - +LICENSE_${PN}-lic = "GPL-3.0-with-GCC-exception" FILES_${PN}-dev = "\ ${base_libdir}/libgcc*.so \ -- 2.26.2 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* [meta-oe][PATCH 2/4] elfutils: made elfutils-lic "GPLv2 | LGPLv3+" 2020-05-26 8:12 [meta-oe][PATCH 1/4] libgcc: made libgcc-lic "GPL-3.0-with-GCC-exception" Matthias Schoepfer @ 2020-05-26 8:12 ` Matthias Schoepfer 2020-05-26 8:12 ` [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" Matthias Schoepfer 2020-05-26 8:12 ` [meta-oe][PATCH 4/4] libksba: made libksba-lic "GPLv2+ | LGPLv3+" Matthias Schoepfer 2 siblings, 0 replies; 12+ messages in thread From: Matthias Schoepfer @ 2020-05-26 8:12 UTC (permalink / raw) To: openembedded-core; +Cc: Matthias Schoepfer From: Matthias Schoepfer <matthias.schoepfer@ithinx.io> If not set manually to "GPLv2 | LGPLv3+", install of non GPLv3 parts of elfutils will be prevented in a setup that has INCOMPATIBLE_LICENSE = "GPLv3 LGPLv3 GPLv3+ LGPLv3+ GPL-3.0 LGPL-3.0 AGPL-3.0" COPY_LIC_MANIFEST = "1" COPY_LIC_DIRS = "1" LICENSE_CREATE_PACKAGE = "1" set, because during image creation, elfutils-lic will have incompatible license. Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> --- meta/recipes-devtools/elfutils/elfutils_0.179.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/elfutils/elfutils_0.179.bb b/meta/recipes-devtools/elfutils/elfutils_0.179.bb index 1da95ec1de..ea185abd83 100644 --- a/meta/recipes-devtools/elfutils/elfutils_0.179.bb +++ b/meta/recipes-devtools/elfutils/elfutils_0.179.bb @@ -105,6 +105,7 @@ PACKAGES =+ "${PN}-binutils libelf libasm libdw" # submit patches." LICENSE_${PN}-binutils = "GPLv3+" LICENSE_${PN} = "GPLv3+" +LICENSE_${PN}-lic = "GPLv2 | LGPLv3+" LICENSE_libelf = "GPLv2 | LGPLv3+" LICENSE_libasm = "GPLv2 | LGPLv3+" LICENSE_libdw = "GPLv2 | LGPLv3+" -- 2.26.2 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-05-26 8:12 [meta-oe][PATCH 1/4] libgcc: made libgcc-lic "GPL-3.0-with-GCC-exception" Matthias Schoepfer 2020-05-26 8:12 ` [meta-oe][PATCH 2/4] elfutils: made elfutils-lic "GPLv2 | LGPLv3+" Matthias Schoepfer @ 2020-05-26 8:12 ` Matthias Schoepfer 2020-05-26 8:19 ` [OE-core] " Richard Purdie 2020-05-26 8:12 ` [meta-oe][PATCH 4/4] libksba: made libksba-lic "GPLv2+ | LGPLv3+" Matthias Schoepfer 2 siblings, 1 reply; 12+ messages in thread From: Matthias Schoepfer @ 2020-05-26 8:12 UTC (permalink / raw) To: openembedded-core; +Cc: Matthias Schoepfer From: Matthias Schoepfer <matthias.schoepfer@ithinx.io> With the exception of dumpsexp.c, which is GPLv3, all other parts of libgcrypt are GPLv2+ & LGPLv2.1+, BSD or MIT or other "permissive" licenses. If libgcrypt-lic is not set to "GPLv2+ & LGPLv2.1+", image creation will fail with settings like INCOMPATIBLE_LICENSE = "GPLv3 LGPLv3 GPLv3+ LGPLv3+ GPL-3.0 LGPL-3.0 AGPL-3.0" COPY_LIC_MANIFEST = "1" COPY_LIC_DIRS = "1" LICENSE_CREATE_PACKAGE = "1" Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> --- meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb index 4e0eb0a169..fd40cdcf83 100644 --- a/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb @@ -7,6 +7,7 @@ SECTION = "libs" LICENSE = "GPLv2+ & LGPLv2.1+ & GPLv3+" LICENSE_${PN} = "LGPLv2.1+" LICENSE_${PN}-dev = "GPLv2+ & LGPLv2.1+" +LICENSE_${PN}-lic = "GPLv2+ & LGPLv2.1+" LICENSE_dumpsexp-dev = "GPLv3+" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ -- 2.26.2 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [OE-core] [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-05-26 8:12 ` [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" Matthias Schoepfer @ 2020-05-26 8:19 ` Richard Purdie 2020-05-26 11:20 ` Matthias Schoepfer 0 siblings, 1 reply; 12+ messages in thread From: Richard Purdie @ 2020-05-26 8:19 UTC (permalink / raw) To: matthias.schoepfer, openembedded-core; +Cc: Matthias Schoepfer On Tue, 2020-05-26 at 10:12 +0200, Matthias Schoepfer via lists.openembedded.org wrote: > From: Matthias Schoepfer <matthias.schoepfer@ithinx.io> > > With the exception of dumpsexp.c, which is GPLv3, all other parts > of libgcrypt are GPLv2+ & LGPLv2.1+, BSD or MIT or other "permissive" > licenses. > > If libgcrypt-lic is not set to "GPLv2+ & LGPLv2.1+", image creation > will > fail with settings like > > INCOMPATIBLE_LICENSE = "GPLv3 LGPLv3 GPLv3+ LGPLv3+ GPL-3.0 LGPL-3.0 > AGPL-3.0" > COPY_LIC_MANIFEST = "1" > COPY_LIC_DIRS = "1" > LICENSE_CREATE_PACKAGE = "1" > > Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> > --- > meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb > b/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb > index 4e0eb0a169..fd40cdcf83 100644 > --- a/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb > +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb > @@ -7,6 +7,7 @@ SECTION = "libs" > LICENSE = "GPLv2+ & LGPLv2.1+ & GPLv3+" > LICENSE_${PN} = "LGPLv2.1+" > LICENSE_${PN}-dev = "GPLv2+ & LGPLv2.1+" > +LICENSE_${PN}-lic = "GPLv2+ & LGPLv2.1+" > LICENSE_dumpsexp-dev = "GPLv3+" I don't like this approach at all. Its obviously inconvenient if your image uses only the non-GPLv3 pieces but this doesn't change the fact that the main package license does include GLPv3 and ${PN}-lic is right to include it. You're breaking the metadata to fit your use case for convenience. If you're excluding GPLv3 things from packaging, you could then (and only then) justifiably adjust ${PN}-lic to a different license so the code should be doing that, not changing the underlying metadata to suit you. Cheers, Richard ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [OE-core] [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-05-26 8:19 ` [OE-core] " Richard Purdie @ 2020-05-26 11:20 ` Matthias Schoepfer 2020-05-26 11:37 ` Adrian Bunk 2020-05-26 11:37 ` Richard Purdie 0 siblings, 2 replies; 12+ messages in thread From: Matthias Schoepfer @ 2020-05-26 11:20 UTC (permalink / raw) To: Richard Purdie, openembedded-core; +Cc: Matthias Schoepfer Hi Richard, On 5/26/20 10:19 AM, Richard Purdie wrote: > On Tue, 2020-05-26 at 10:12 +0200, Matthias Schoepfer via > lists.openembedded.org wrote: >> From: Matthias Schoepfer <matthias.schoepfer@ithinx.io> >> >> With the exception of dumpsexp.c, which is GPLv3, all other parts >> of libgcrypt are GPLv2+ & LGPLv2.1+, BSD or MIT or other "permissive" >> licenses. >> >> If libgcrypt-lic is not set to "GPLv2+ & LGPLv2.1+", image creation >> will >> fail with settings like >> >> INCOMPATIBLE_LICENSE = "GPLv3 LGPLv3 GPLv3+ LGPLv3+ GPL-3.0 LGPL-3.0 >> AGPL-3.0" >> COPY_LIC_MANIFEST = "1" >> COPY_LIC_DIRS = "1" >> LICENSE_CREATE_PACKAGE = "1" >> >> Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> >> --- >> meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb >> b/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb >> index 4e0eb0a169..fd40cdcf83 100644 >> --- a/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb >> +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb >> @@ -7,6 +7,7 @@ SECTION = "libs" >> LICENSE = "GPLv2+ & LGPLv2.1+ & GPLv3+" >> LICENSE_${PN} = "LGPLv2.1+" >> LICENSE_${PN}-dev = "GPLv2+ & LGPLv2.1+" >> +LICENSE_${PN}-lic = "GPLv2+ & LGPLv2.1+" >> LICENSE_dumpsexp-dev = "GPLv3+" > > I don't like this approach at all. Its obviously inconvenient if your > image uses only the non-GPLv3 pieces but this doesn't change the fact > that the main package license does include GLPv3 and ${PN}-lic is right > to include it. You're breaking the metadata to fit your use case for > convenience. > > If you're excluding GPLv3 things from packaging, you could then (and > only then) justifiably adjust ${PN}-lic to a different license so the > code should be doing that, not changing the underlying metadata to suit > you. The question here seems to be, is the GPLv3 License itself GPLv3 licensed. I followed the approach Khem Raj gave me on the yocto mailing list. I do not like the approach either, but lack a better solution. In this very specific package, only one .c file is licensed GPLv3, even the COPYING file claims, everything is GPLv2 and LGPLv2.1+. dumpsexp, the only GPLv3 file, is not even in the package by default. The line LICENSE_${PN} = "LGPLv2.1+" pretty much tells the tale here. Also, LICENSE file states, that there are other licenses also involved, BSD 3 Clause, Public Domain and OCB license... Thanks and Regards, Matthias -- Dr.-Ing. Matthias Schöpfer matthias.schoepfer@googlemail.com ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [OE-core] [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-05-26 11:20 ` Matthias Schoepfer @ 2020-05-26 11:37 ` Adrian Bunk 2020-05-26 11:37 ` Richard Purdie 1 sibling, 0 replies; 12+ messages in thread From: Adrian Bunk @ 2020-05-26 11:37 UTC (permalink / raw) To: matthias.schoepfer; +Cc: Richard Purdie, openembedded-core, Matthias Schoepfer On Tue, May 26, 2020 at 01:20:50PM +0200, Matthias Schoepfer via lists.openembedded.org wrote: >... > The question here seems to be, is the GPLv3 License itself GPLv3 licensed. >... Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. cu Adrian ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [OE-core] [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-05-26 11:20 ` Matthias Schoepfer 2020-05-26 11:37 ` Adrian Bunk @ 2020-05-26 11:37 ` Richard Purdie 2020-07-06 16:16 ` Matthias Schoepfer 1 sibling, 1 reply; 12+ messages in thread From: Richard Purdie @ 2020-05-26 11:37 UTC (permalink / raw) To: Matthias Schoepfer, openembedded-core; +Cc: Matthias Schoepfer On Tue, 2020-05-26 at 13:20 +0200, Matthias Schoepfer wrote: > Hi Richard, > > On 5/26/20 10:19 AM, Richard Purdie wrote: > > On Tue, 2020-05-26 at 10:12 +0200, Matthias Schoepfer via > > lists.openembedded.org wrote: > > > From: Matthias Schoepfer <matthias.schoepfer@ithinx.io> > > > > > > With the exception of dumpsexp.c, which is GPLv3, all other parts > > > of libgcrypt are GPLv2+ & LGPLv2.1+, BSD or MIT or other "permissive" > > > licenses. > > > > > > If libgcrypt-lic is not set to "GPLv2+ & LGPLv2.1+", image creation > > > will > > > fail with settings like > > > > > > INCOMPATIBLE_LICENSE = "GPLv3 LGPLv3 GPLv3+ LGPLv3+ GPL-3.0 LGPL-3.0 > > > AGPL-3.0" > > > COPY_LIC_MANIFEST = "1" > > > COPY_LIC_DIRS = "1" > > > LICENSE_CREATE_PACKAGE = "1" > > > > > > Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> > > > --- > > > meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb | 1 + > > > 1 file changed, 1 insertion(+) > > > > > > diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb > > > b/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb > > > index 4e0eb0a169..fd40cdcf83 100644 > > > --- a/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb > > > +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb > > > @@ -7,6 +7,7 @@ SECTION = "libs" > > > LICENSE = "GPLv2+ & LGPLv2.1+ & GPLv3+" > > > LICENSE_${PN} = "LGPLv2.1+" > > > LICENSE_${PN}-dev = "GPLv2+ & LGPLv2.1+" > > > +LICENSE_${PN}-lic = "GPLv2+ & LGPLv2.1+" > > > LICENSE_dumpsexp-dev = "GPLv3+" > > > > I don't like this approach at all. Its obviously inconvenient if your > > image uses only the non-GPLv3 pieces but this doesn't change the fact > > that the main package license does include GLPv3 and ${PN}-lic is right > > to include it. You're breaking the metadata to fit your use case for > > convenience. > > > > If you're excluding GPLv3 things from packaging, you could then (and > > only then) justifiably adjust ${PN}-lic to a different license so the > > code should be doing that, not changing the underlying metadata to suit > > you. > > The question here seems to be, is the GPLv3 License itself GPLv3 > licensed. I followed the approach Khem Raj gave me on the yocto mailing > list. I do not like the approach either, but lack a better solution. In > this very specific package, only one .c file is licensed GPLv3, even the > COPYING file claims, everything is GPLv2 and LGPLv2.1+. > > dumpsexp, the only GPLv3 file, is not even in the package by default. > The line > LICENSE_${PN} = "LGPLv2.1+" > pretty much tells the tale here. > > Also, LICENSE file states, that there are other licenses also involved, > BSD 3 Clause, Public Domain and OCB license... I think we need to be really clear about what the license of ${PN}-lic means. That leads to a really good question, which license is the license text itself under? I've asked this on our licensing list to see if anyone knows. Cheers, Richard ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [OE-core] [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-05-26 11:37 ` Richard Purdie @ 2020-07-06 16:16 ` Matthias Schoepfer 2020-07-06 16:26 ` Richard Purdie 0 siblings, 1 reply; 12+ messages in thread From: Matthias Schoepfer @ 2020-07-06 16:16 UTC (permalink / raw) To: Richard Purdie, openembedded-core Hi Richard, On 5/26/20 1:37 PM, Richard Purdie wrote: > I think we need to be really clear about what the license of ${PN}-lic > means. > > That leads to a really good question, which license is the license text > itself under? > > I've asked this on our licensing list to see if anyone knows. > > Cheers, > > Richard I do not mean to annoy you by any means, but what is the status here. What would be a good approach? Adrian said, at least GPL License is free to copy and distribute. So another idea would be, to generally whitelist those license packages instead one by one. Regards, Matthias ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [OE-core] [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-07-06 16:16 ` Matthias Schoepfer @ 2020-07-06 16:26 ` Richard Purdie 2020-07-08 8:19 ` Matthias Schoepfer 0 siblings, 1 reply; 12+ messages in thread From: Richard Purdie @ 2020-07-06 16:26 UTC (permalink / raw) To: Matthias Schoepfer, openembedded-core On Mon, 2020-07-06 at 18:16 +0200, Matthias Schoepfer wrote: > On 5/26/20 1:37 PM, Richard Purdie wrote: > > I think we need to be really clear about what the license of ${PN}-lic > > means. > > > > That leads to a really good question, which license is the license text > > itself under? > > > > I've asked this on our licensing list to see if anyone knows. > > > > Cheers, > > > > Richard > > I do not mean to annoy you by any means, but what is the status here. > What would be a good approach? Adrian said, at least GPL License is free > to copy and distribute. So another idea would be, to generally whitelist > those license packages instead one by one. I did eventually get a response from the people on the SPDX-legal mailing list. There wasn't a 100% clear consensus but for Yocto Project/OE's situation, I think the LICENSE for these packages needs to be: XXX-license-text which for SPDX identifiers would be exported as: LicenseRef-XXX-license-text The idea here is to spell out that it is the license text. People can then process that accordingly in output data from the build system but its clear its different from the license itself. It avoids us making any claims as to what this license actually is, for the FSF licences its relatively clear, for others it may not be. We could factor all of the *GPL licenses into "FSF-license-text" since they're all common as far as I know, but that isn't easily automated so is probably not worth doing. Does that help move things forward? Cheers, Richard ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [OE-core] [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-07-06 16:26 ` Richard Purdie @ 2020-07-08 8:19 ` Matthias Schoepfer 2020-07-08 9:00 ` Richard Purdie 0 siblings, 1 reply; 12+ messages in thread From: Matthias Schoepfer @ 2020-07-08 8:19 UTC (permalink / raw) To: Richard Purdie, openembedded-core Hi Richard, thanks, that does help maybe a little. Personally, I find the license / compliance topic one of the most annoying things in embedded development *by far*. I also wonder, why nobody else has stumbled across this, since I guess it is quite common to rule out GPLv3, because most project managers I have seen are very worried about this. Nobody (at least not our lawyers can) can say, how you can safely use GPLv3ed software. Starts out with standard template library. It really is only headers. Are they subject to the linking exception? My favorite solution would be to open source everything. But my company does not like this very much... Anyhow: There are 4 recipes affected. These are somewhat special, because GPLv3 is only applicable on certain packages that are not commonly installed on the target. If I got you right, we should set: LICENSE_${PN}-lic = "FSF-license-text" If that is correct, I will happily prepare a patch set... Regards, Matthias On 7/6/20 6:26 PM, Richard Purdie wrote: > I did eventually get a response from the people on the SPDX-legal > mailing list. There wasn't a 100% clear consensus but for Yocto > Project/OE's situation, I think the LICENSE for these packages needs to > be: > > XXX-license-text > > which for SPDX identifiers would be exported as: > > LicenseRef-XXX-license-text > > The idea here is to spell out that it is the license text. People can > then process that accordingly in output data from the build system but > its clear its different from the license itself. It avoids us making > any claims as to what this license actually is, for the FSF licences > its relatively clear, for others it may not be. > > We could factor all of the *GPL licenses into "FSF-license-text" since > they're all common as far as I know, but that isn't easily automated so > is probably not worth doing. > > Does that help move things forward? > > Cheers, > > Richard ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [OE-core] [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" 2020-07-08 8:19 ` Matthias Schoepfer @ 2020-07-08 9:00 ` Richard Purdie 0 siblings, 0 replies; 12+ messages in thread From: Richard Purdie @ 2020-07-08 9:00 UTC (permalink / raw) To: Matthias Schoepfer, openembedded-core On Wed, 2020-07-08 at 10:19 +0200, Matthias Schoepfer wrote: > thanks, that does help maybe a little. Personally, I find the license > / compliance topic one of the most annoying things in embedded > development *by far*. I also wonder, why nobody else has stumbled > across this, since I guess it is quite common to rule out GPLv3, > because most project managers I have seen are very worried about > this. Nobody (at least not our lawyers can) can say, how you can > safely use GPLv3ed software. > Starts out with standard template library. It really is only > headers. headers. > Are they subject to the linking exception? My favorite solution would > be to open source everything. But my company does not like this very > much... > > Anyhow: There are 4 recipes affected. These are somewhat special, > because GPLv3 is only applicable on certain packages that are not > commonly installed on the target. > > If I got you right, we should set: > > LICENSE_${PN}-lic = "FSF-license-text" > > If that is correct, I will happily prepare a patch set... I've been looking at the license.bbclass code for other reasons and it has a few issues. I suspect not many people are actually enabling the separate license packages, I don't think its enabled anywhere in our automated testing either. I think we'll have to have some code which translates "XXX" into "XXX- license-text" for the license of ${PN}-lic. Something like: def convert_to_license_texts(d): licenses = d.getVar("LICENSE") ret = [] for x in licenses.split(): if "|" in x or "&" in x: ret.append(x) else: ret.append(x + "-license-text") return ret.join(" ") LICENSE_${PN}-lic = "${@convert_to_license_texts(d)}" (admittedly completely untested) Ideally we'd have some mapping to convert the GPL/LGPL entries to FSF- license-text and simplify out any |/& expressions but for now the above is probably good enough. Cheers, Richard ^ permalink raw reply [flat|nested] 12+ messages in thread
* [meta-oe][PATCH 4/4] libksba: made libksba-lic "GPLv2+ | LGPLv3+" 2020-05-26 8:12 [meta-oe][PATCH 1/4] libgcc: made libgcc-lic "GPL-3.0-with-GCC-exception" Matthias Schoepfer 2020-05-26 8:12 ` [meta-oe][PATCH 2/4] elfutils: made elfutils-lic "GPLv2 | LGPLv3+" Matthias Schoepfer 2020-05-26 8:12 ` [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" Matthias Schoepfer @ 2020-05-26 8:12 ` Matthias Schoepfer 2 siblings, 0 replies; 12+ messages in thread From: Matthias Schoepfer @ 2020-05-26 8:12 UTC (permalink / raw) To: openembedded-core; +Cc: Matthias Schoepfer From: Matthias Schoepfer <matthias.schoepfer@ithinx.io> If not set manually to "GPLv2+ | LGPLv3+", install of non GPLv3 parts (the library in this case) will be prevented in a setup that has INCOMPATIBLE_LICENSE = "GPLv3 LGPLv3 GPLv3+ LGPLv3+ GPL-3.0 LGPL-3.0 AGPL-3.0" COPY_LIC_MANIFEST = "1" COPY_LIC_DIRS = "1" LICENSE_CREATE_PACKAGE = "1" set, because during image creation, libksba-lic will have incompatible license. Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> --- meta/recipes-support/libksba/libksba_1.3.5.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/libksba/libksba_1.3.5.bb b/meta/recipes-support/libksba/libksba_1.3.5.bb index 336d7f8177..1a8f18a9ef 100644 --- a/meta/recipes-support/libksba/libksba_1.3.5.bb +++ b/meta/recipes-support/libksba/libksba_1.3.5.bb @@ -3,6 +3,7 @@ HOMEPAGE = "http://www.gnupg.org/related_software/libksba/" LICENSE = "GPLv3+ & (GPLv2+ | LGPLv3+)" LICENSE_${PN} = "GPLv2+ | LGPLv3+" LICENSE_${PN}-doc = "GPLv3+" +LICENSE_${PN}-lic = "GPLv2+ | LGPLv3+" LIC_FILES_CHKSUM = "file://COPYING;md5=fd541d83f75d038c4e0617b672ed8bda \ file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://COPYING.GPLv3;md5=2f31b266d3440dd7ee50f92cf67d8e6c \ -- 2.26.2 ^ permalink raw reply related [flat|nested] 12+ messages in thread
end of thread, other threads:[~2020-07-08 9:00 UTC | newest] Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2020-05-26 8:12 [meta-oe][PATCH 1/4] libgcc: made libgcc-lic "GPL-3.0-with-GCC-exception" Matthias Schoepfer 2020-05-26 8:12 ` [meta-oe][PATCH 2/4] elfutils: made elfutils-lic "GPLv2 | LGPLv3+" Matthias Schoepfer 2020-05-26 8:12 ` [meta-oe][PATCH 3/4] libgcrypt: made libgcrypt-lic license "GPLv2+ & LGPLv2.1+" Matthias Schoepfer 2020-05-26 8:19 ` [OE-core] " Richard Purdie 2020-05-26 11:20 ` Matthias Schoepfer 2020-05-26 11:37 ` Adrian Bunk 2020-05-26 11:37 ` Richard Purdie 2020-07-06 16:16 ` Matthias Schoepfer 2020-07-06 16:26 ` Richard Purdie 2020-07-08 8:19 ` Matthias Schoepfer 2020-07-08 9:00 ` Richard Purdie 2020-05-26 8:12 ` [meta-oe][PATCH 4/4] libksba: made libksba-lic "GPLv2+ | LGPLv3+" Matthias Schoepfer
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.