I agree. That’s why I said I don’t support RedHat’s choice to close off access to their source to non-customers. RedHat is still complying with their end of the license though, by keeping source access open to the recipients of their binary distribution. This is how Rocky is aiming to maintain 1:1 binary. RedHat is still publishing their Universal Base Image Docker image, so they need to keep source for that open, and Rocky will be using that method to get sources.
My stance is that we as users should be moving on from RedHat and RedHat derivatives, or just pay for RedHat if that’s what we want. Continuing to use derivatives will just convince RedHat we’ll all pay up if they can just get rid of those other options.
Having a prerequisite contract that allows them to punish customers who exercise their rights to the software is not complying with the license. Selling the code is allowed (though if it were written in the modern era where distribution costs are negligible I’m not sure it would be. Predicating distribution on other contracts that limit your rights is not.
You don’t have a right to their sources until they distribute to you. And they have the right to choose to whom they do business (as long as they’re not violatong discrimination laws). If they’ve distributed their product to you they have to give you the source, and they will. And if you distribute that source, they won’t distribute the next release to you, so you won’t have license to those subsequent sources. Compliant with the letter, not the spirit. It’s shitty. And I think we should accordingly not do business with RedHat. That’s what Alma is chosing here, by pivoting to no longer being 1:1 source rebuild distribution. Rocky is trying to hold onto the model that RedHat is trying to kill, by finding ways to still be a non-paying recipient of an RH distribution, requiring they be given access to source. I think we can expect RedHat to try and find a way to cut that off. Then Rocky will either pivot or die. But I wouldn’t want to wait and see and then be screwed. I would want to break all dependence on an entity intent on breaking me. And I’d be wary of recommending Rocky as a migration from CentOS because of RedHat’s actions.
It’s not compliant with the letter. The GPL doesn’t allow you to place other limitations on someone to receive the source. “You have the rights the GPL grants you, but we can punish you for exercising it” is a blatant and egregious breach of the GPL.
They’re not betting that there’s a 1 in a billion chance that they’re right. They know with absolute certainty that they aren’t even in the neighborhood of complying with the license. They’re betting that no one is willing to spend the massive amount of money it would take to punish them for their stolen code.
Just to reiterate, I don’t think RH is in the right here.
They’re “punishing” you by not taking any more of your money for future versions. Maybe we’ll see a court case out of it to settle the question but I doubt it. But consider you are a customer, and you have to ship RH binaries with your application. In order to comply with the license you must also make the source available. RedHat can’t stop you from doing so, they just won’t give you access to any more updates (and stop taking your money). So now you can’t ship security updates to your customer. So now you have a legal liability by being a RedHat customer. Either you fail to comply with GPL yourself for the sake of updates, or you expose your customer to known security risks because you compiled with the GPL. So … why do business with RedHat anymore? Explain this problem to your customers why you can’t certify on RedHat anymore.
“If you distribute the code you’re entitled to distribute we can terminate your contract” is identical to “if you distribute the code you’re entitled to distribute we can charge you money”. They’re additional restrictions that are unconditionally not under any circumstances allowed by the GPL. You cannot restrict redistribution in any way for any reason outside of the GPL terms.
The second you do so, you are no longer covered under the GPL and everything you’re distributing is copyright infringement.
“If you distribute the code you’re entitled to distribute we can terminate your contract” is identical to “if you distribute the code you’re entitled to distribute we can charge you money”
I’m not a lawyer, but I categorically disagree that those two statements are the same. If someone takes RedHat to court and wins, fantastic. But as I’ve said, I wouldn’t make business plans that rely on winning that case.
I agree. That’s why I said I don’t support RedHat’s choice to close off access to their source to non-customers. RedHat is still complying with their end of the license though, by keeping source access open to the recipients of their binary distribution. This is how Rocky is aiming to maintain 1:1 binary. RedHat is still publishing their Universal Base Image Docker image, so they need to keep source for that open, and Rocky will be using that method to get sources.
My stance is that we as users should be moving on from RedHat and RedHat derivatives, or just pay for RedHat if that’s what we want. Continuing to use derivatives will just convince RedHat we’ll all pay up if they can just get rid of those other options.
Having a prerequisite contract that allows them to punish customers who exercise their rights to the software is not complying with the license. Selling the code is allowed (though if it were written in the modern era where distribution costs are negligible I’m not sure it would be. Predicating distribution on other contracts that limit your rights is not.
You don’t have a right to their sources until they distribute to you. And they have the right to choose to whom they do business (as long as they’re not violatong discrimination laws). If they’ve distributed their product to you they have to give you the source, and they will. And if you distribute that source, they won’t distribute the next release to you, so you won’t have license to those subsequent sources. Compliant with the letter, not the spirit. It’s shitty. And I think we should accordingly not do business with RedHat. That’s what Alma is chosing here, by pivoting to no longer being 1:1 source rebuild distribution. Rocky is trying to hold onto the model that RedHat is trying to kill, by finding ways to still be a non-paying recipient of an RH distribution, requiring they be given access to source. I think we can expect RedHat to try and find a way to cut that off. Then Rocky will either pivot or die. But I wouldn’t want to wait and see and then be screwed. I would want to break all dependence on an entity intent on breaking me. And I’d be wary of recommending Rocky as a migration from CentOS because of RedHat’s actions.
It’s not compliant with the letter. The GPL doesn’t allow you to place other limitations on someone to receive the source. “You have the rights the GPL grants you, but we can punish you for exercising it” is a blatant and egregious breach of the GPL.
They’re not betting that there’s a 1 in a billion chance that they’re right. They know with absolute certainty that they aren’t even in the neighborhood of complying with the license. They’re betting that no one is willing to spend the massive amount of money it would take to punish them for their stolen code.
Just to reiterate, I don’t think RH is in the right here.
They’re “punishing” you by not taking any more of your money for future versions. Maybe we’ll see a court case out of it to settle the question but I doubt it. But consider you are a customer, and you have to ship RH binaries with your application. In order to comply with the license you must also make the source available. RedHat can’t stop you from doing so, they just won’t give you access to any more updates (and stop taking your money). So now you can’t ship security updates to your customer. So now you have a legal liability by being a RedHat customer. Either you fail to comply with GPL yourself for the sake of updates, or you expose your customer to known security risks because you compiled with the GPL. So … why do business with RedHat anymore? Explain this problem to your customers why you can’t certify on RedHat anymore.
“If you distribute the code you’re entitled to distribute we can terminate your contract” is identical to “if you distribute the code you’re entitled to distribute we can charge you money”. They’re additional restrictions that are unconditionally not under any circumstances allowed by the GPL. You cannot restrict redistribution in any way for any reason outside of the GPL terms.
The second you do so, you are no longer covered under the GPL and everything you’re distributing is copyright infringement.
I’m not a lawyer, but I categorically disagree that those two statements are the same. If someone takes RedHat to court and wins, fantastic. But as I’ve said, I wouldn’t make business plans that rely on winning that case.