## gitguide-hdhoang

Showing 32 commits
Ancestor: 85bbbf1ec649
19 files changed with 1345 insertions and 0 deletions:
bin+new file
 new file 100644 1 % Copyright (C) 2018, Bradley M. Kuhn  2 % License: CC-BY-SA-4.0  3 4 \documentstyle[twocolumn]{article}  5 \pagestyle{empty}  6 \begin{document}  7 8 %don't want date printed  9 \date{}  10 11 %make title bold and 14 pt font (Latex default is non-bold, 16 pt)  12 13 \title{\Large\bf A Comprehensive Consideration of Installation Requirements of the GPL}  14 15 %for two authors (this is what is printed)  16 17 \author{\begin{tabular}[t]{c@{\extracolsep{8em}}c@{\extracolsep{8em}}c}  18  Bradley M. Kuhn & Behan Webster \\  19  Software Freedom Conservancy, Inc. & Converse In Code  20 \end{tabular}  21 }  22 23 \thispagestyle{empty}  24 25 \maketitle  26 27 \subsection*{\centering Abstract}  28 29 The GNU General License (GPL'') is the most widely used \textit{copyleft}  30 license for software. Copyleft licenses function as copyright license in  31 atypical manner: rather than restricting permission to copy, modify and  32 redistribute the software, copyleft licenses encourage and enable such  33 activities. However, these license have strict requirements that mandate  34 further software sharing by enabling downstream users to easily improve,  35 modify, and upgrade the copylefted software on their own.  36 37 GPL has two versions in common use: version 2 (GPLv2'') and version 3  38 (GPLv3''). Both versions require those who redistribute the software to  39 provide information related to the installation of software modified by  40 downstream. These installation requirements, however, differ somewhat in  41 their details. While some business practices around license compliance  42 efforts have reached adequate sophistication to address simpler compliance  43 problems, firms have generally given inadequate attention to the installation  44 requirements of both common versions of GPL\@. Misunderstanding of these  45 clauses is often common, and violations related to installation instructions  46 remain prevalent.  47 48 Furthermore, perceived differences in the requirements, and lack of rigorous  49 study of the Installation Information requirements of GPLv3\S6 has allowed  50 rumor and impression, rather than a textually grounded adherence to the  51 written rules, to govern industry response in adoption of software licensed  52 under GPLv3. The resulting scenario often causes redistributors to assume  53 the GPLv2 has \textbf{no} requirements regarding installation information,  54 and that GPLv3's requirements in this regard are impossible to meet,  55 particularly in security-conscious embedded products.  56 57 This paper explores the installation provisions of both common versions of  58 GPL, discusses historical motivations and context for each, and suggests best  59 practices regarding installation information for firms that redistribute  60 software under both licenses.  61 62 \section{Introduction}  63 64 Free, Libre and Open Source (FLOSS'') licenses are typically categorized as  65 either copyleft or non-copyleft licenses. The license compliance demands of  66 most non-copyleft licenses typically center purely around issues of author  67 attribution, and thus are straightforwardly addressed by license compliance  68 programs such as OpenChain and SPDX, which focus on the details of properly  69 annotating licensing information for software in the supply-chain to assure  70 proper downstream license and related author credit notification.  71 72 Copyleft licenses do indeed require proper downstream license and credit  73 notification, and thus we can broadly model copyleft license requirements as  74 a proper superset of those requirements of non-copyleft licenses. The  75 compliance subset of license annotation is a well-studied problem, and many  76 automation tools exist and remain under active development to assist in these  77 aspects of compliance. Unfortunately, the nascent state of industry  78 compliance efforts currently means that firms are often ill-equipped to  79 handle the additional requirements of copyleft licenses.  80 81 In particular, software copyleft licenses are specifically designed to  82 promulgate a transparent agenda to champion the rights of downstream users to  83 effectively and easily copy, modify, reinstall and redistribute the software  84 both commercially and non-commercially. Proper verification of source code  85 for license compliance generally cannot be automated. Indeed, given that  86 program equivalence (often colloquially called the Halting Problem'') was  87 mathematically proven as an undecidable problem in the computing subfield of  88 Theory of Computation, we know that a generalized solution that shows  89 specific source code corresponds to a specific set of binaries remains  90 unsolvable in the general case.  91 92 We do expect automation tools that approximate solutions for the specific  93 cases of most interest to adopter of copylefted software to eventually exist.  94 Currently, much research and industry attention has turned toward the  95 software engineering problem of reproducible builds''. We find this area  96 of endeavor directly applicable to the requirements of copyleft license  97 compliance, and believe that reproducible build techniques will eventually  98 become as common for compliance with source code provisioning terms of  99 FLOSS licenses as SPDX and OpenChain are for the license notice and  100 attribution requirements are today.  101 102 However, even that solution, when it exists, will not fully satisfy the goals  103 of many firms. Frankly, most firms do not share the idealistic goals of  104 software freedom activists who design copyleft licenses. These activists  105 seek to defends the rights of software users by creating copyleft licenses  106 that mandate source code provisioning, which include the rights to modify and  107 install modified versions of the software. However, in what the inventor of  108 copyleft, Richard M.~Stallman, called pragmatic idealism'', copyleft  109 licenses make reasonable trade-offs regarding how much disclosure is required  110 to downstream. While conventional wisdom often considered copyleft licenses  111 to contain substantial and complicated requirements, ultimately the  112 requirements are substantially more permissive than most industry-standard  113 proprietary licenses, which often complete prohibit redistribution of the  114 software and disclose absolutely no source code. Copyleft licenses typically  115 make a clear compromise between maximal software freedom for the downstream  116 recipient and permission for firms to distribute proprietary software in  117 aggregation with copylefted software.  118 119 By way of hypothetical counterexample, consider this possible copyleft''  120 license that one might create:  121 122 \begin{quotation}  123  \begin{center}  124  {\Large The Unreasonably Overly Broad Copyleft License}  125  If you distribute this software in any form, you agree to publicly release  126  the complete source code of all software that you and your successors in  127  interest write, in any form, for perpetuity.  128 \end{quotation}  129 130 Besides likely being unenforceable for various reasons, firms would quickly  131 ban all software under this license, and ban all employees from ever using  132 such software at home or work. A highly broad license of this nature, even  133 if succeeded in the very short term in a few instances, would fail long-term  134 to reach the long term goal of maximizing software freedom for users.  135 Copyleft, therefore, must find a balance between two competing goals:  136 137 \begin{itemize}  138 139 \item Ensure the rights to copy, share, modify, redistribute,  140  and reinstall the software for downstream users.  141 142 \item Entice firms that do not seek the same goals as the activists to adopt,  143  share and improve the copylefted software to assure its promulgation.  144 \end{itemize}  145 146 In essence, much FLOSS licensing balances these competing goals.  147 Non-copyleft licenses favor the latter much more than the former, and  148 copyleft licenses seek to create an optimal policy between the maximal  149 software freedom'' vs. adoption and popularity'' dichotomy, to assure that  150 in the long term, users have these specific rights, but also allow for short  151 term interest of firms and individuals alike who may not share the software  152 freedom activist perspective.  153 154 \section{Historical Background}  155 156 Despite the awareness of copyleft activists, the adoption of copyleft  157 licenses has been wrought with acrimony and accusation. To our knowledge,  158 there are no specific empirical studies of attitudes and reasoning why firms  159 initially rejected copyleft (and that some still do). However, consideration  160 of anecdotes can illuminate study of the reasons why confusion exists  161 regarding copyleft licensing requirements in general, and in particular  162 (which will be the focus of this article) the installation requirements of  163 the GNU General Public License (GPL'').  164 165 The Free Software Foundation (FSF''), which is the license steward for all  166 existing versions of the GPL, was the first to license software under GPL\@.  167 Released in 1991, GPLv2 came into wide use by other software authors,  168 including those of Linux. During the 1990s, the alternative body of software  169 released under GPLv2 gained slow but steady adoption, until major firms could  170 no longer ignore it.  171 172 In 2001, Microsoft launched a series of political attacks against the GPL\@.  173 Over a period of months, various Microsoft executives called the GPL  174 unAmerican'' and a cancer'' on the software industry. This was the first  175 time most in the industry had ever heard of the GPL, and the rhetoric created  176 the expected fervor.  177 178 The industry context of the time was the growing adoption of GPL'd software,  179 and Linux, in particular, by firms. While Microsoft was not the first to  180 draw negative attention to GPL's copyleft provisions, but sadly the  181 misunderstandings launched in these attacks remain with us today.  182 183 Adoption of FLOSS grew quickly in the last two decades. License compliance  184 and FLOSS supply-chain adoption techniques have become essential components  185 of most large firms along with this adoption. However, these tools and  186 procedures have focused on the straightforward problems of license notice,  187 attribution, and supply-chain FLOSS inclusion discovery techniques. The  188 finer points of copyleft license compliance, particularly source code  189 provisioning and installation requirements of GPL, remain often  190 misunderstood, and sometimes outright ignored.  191 192 Historically, firms have often reacted to the two popular versions of the GPL  193 in the same pattern. During the feverish anti-copyleft rhetoric of the  194 1990s, firms widely considered the GPLv2 as a toxic license they could not  195 abide. Eventually, executives and lawyers at major firms learned what their  196 engineers often already knew: that GPLv2 was not unreasonable, its  197 requirements were well understood and could be respected by businesses that  198 produced both FLOSS and proprietary products.  199 200 We now see the same process happening, albeit much more slowly, with GPLv3.  201 We hear rhetoric drawing attention to perceived differences between GPLv2's  202 and GPLv3's requirements, which seem untenable to firms, some of whom  203 maintain GPLv2'd forks of projects that have moved on to the  204 GPLv3-or-later'' upstream.  205 206 \end{document}
 new file 100644 1 # Makefile for Presentation  2 #  3 # You can change the PRESENTATION_BASE below, or if you like, or set it as  4 # an environment variable before you type make.  5 6 ifndef PRESENTATION_BASE  7 PRESENTATION_BASE=violation-intro  8 endif  9 10 DO_INCREMENTAL_POINTS = -i -s  11 12 13 # This should be the path to your checkout of the repository. Under that  14 # directory, you must have a checkout of /Admin/Forms/TeX.  15 16 PATH := $(PATH):/usr/share/tex4ht  17 18 19 PANDOC=/usr/bin/pandoc  20 TEX4HT=tex4ht  21 T4HT=t4ht  22 PDFLATEX = pdflatex  23 LATEX = /usr/bin/latex  24 BIBTEX = bibtex  25 FIG2DEV = fig2dev  26 DVIPS=/usr/bin/dvips  27 28 PDF_FIGS = ui/conservancy/logo.pdf  29 EPS_FIGS = ui/conservancy/logo.eps  30 31 all: err$(PRESENTATION_BASE).ps $(PRESENTATION_BASE).html  32 all:$(PRESENTATION_BASE).html  33 34 .SUFFIXES: .fig .postscript .eps .pdf .pstex_t .pstex .ps .dvi .tex  35 36 .postscript.pdf:  37  ps2pdf $<$@  38 39 .postscript.eps:  40  ps2epsi $<$@  41 42 .dvi.ps:  43  $(DVIPS)$< -o $@  44 45 .tex.dvi:  46 $(LATEX) $<  47 48 .fig.pdf:  49 $(FIG2DEV) -L pdf -p "portrait" -c $< >$@  50 51 .fig.pstex_t:  52  $(FIG2DEV) -L pstex_t$< > $@  53 54 .fig.pstex:  55 $(FIG2DEV) -L pstex $< >$@  56 57 $(PRESENTATION_BASE).tex:$(PDF_FIGS) $(PRESENTATION_BASE).md  58 $(PANDOC) -S -s -f markdown -t latex $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).tex  59 60 $(PRESENTATION_BASE).pdf:$(PRESENTATION_BASE).tex $(PDF_FIGS)  61 $(PANDOC) -S -s -f markdown -t latex $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).tex  62  $(PDFLATEX)$(PRESENTATION_BASE).tex  63  $(PDFLATEX)$(PRESENTATION_BASE).tex  64 65 $(PRESENTATION_BASE).html:$(PRESENTATION_BASE).md  66  $(PANDOC)$(DO_INCREMENTAL_POINTS) -s -S --template ./ui/conservancy/pandoc-s5-template.html -f markdown -t s5 $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).html  67 68 $(PRESENTATION_BASE).dvi:$(PRESENTATION_BASE).tex $(EPS_FIGS)  69 $(LATEX) $(PRESENTATION_BASE).tex  70 $(LATEX) $(PRESENTATION_BASE).tex  71 72 clean:  73  /bin/rm -f$(PRESENTATION_BASE).ps $(PRESENTATION_BASE).pdf$(PRESENTATION_BASE).log texput.log $(PRESENTATION_BASE).lg$(PRESENTATION_BASE).tmp $(PRESENTATION_BASE).xref *.4ct *.4tc *.aux *.dvi$(PRESENTATION_BASE)*.html *.idv *.lg *.tmp $(PRESENTATION_BASE).css$(PRESENTATION_BASE).log $(PRESENTATION_BASE).out$(PRESENTATION_BASE)-js.* $(PRESENTATION_BASE).tex  74 75 err: ;$(ERR)  76 77 install: all  78  /usr/bin/rsync -HavP --exclude ui ./ copyleft.org:/var/www/presentations/$(PRESENTATION_BASE)/  79  -ssh copyleft.org 'mkdir -p /var/www/presentations/$(PRESENTATION_BASE)/ui/conservancy/'  80  /usr/bin/rsync -HavP ui/conservancy/ copyleft.org:/var/www/presentations/$(PRESENTATION_BASE)/ui/conservancy/  81  -ssh copyleft.org 'find /var/www/presentations/$(PRESENTATION_BASE) -exec chmod gou+r {} \;'  82  -ssh copyleft.org 'find /var/www/presentations/$(PRESENTATION_BASE) -type d -exec chmod gou+rx {} \;'  83  ./pres-cmd presentations/20min-violation-intro/cc-by-sa-4-0_88x31.png | Added tip  new file 100644 binary diff not shown presentations/20min-violation-intro/pres-cmd | Added tip  new file 100755 1 #!/bin/sh  2 3 talk=half-day-gpl/violation-intro  4 5 rsync -HavP ./ /home/pres/$talk/  6 rm -rf /home/pres/$talk/ui  7 rsync -HavP ~/talks/ui/ /home/pres/$talk/ui/  8 find /home/pres/$talk -exec chmod gou+r {} \;  9 find /home/pres/$talk -type d -exec chmod gou+rx {} \;
 new file 100644 1 % The What and How of GPL Violations  2 % Bradley M. Kuhn & Karen M. Sandler  3 % Tuesday 9 May 2017  4 5 # What's a GPL Violation?  6 7 + GPL (both v2 and v3) require:  8  + The whole work licensed under GPL.  9  + (which means all copyrighted material added must be under  10  GPL-compatible licenses.)  11  + Complete, Corresponding Source (CCS) of that work provided, under GPL.  12 13 + The licenses terminate upon violation …  14  + … thus failure to comply means lost distribution rights.  15  + … enforcement uses this rights termination as leverage to  16  restore compliance.  17 18 # Enforcement is Technical  19 20 + Copyleft's policy goals related to technical acts.  21  + modifying, building, and installing software is a technical process.  22 23 + In embedded systems, this process is rarely straightforward.  24  + GPL's requirements are strict.  25 26 + In enforcement, we talk about “the CCS adequately meeting GPL's requirements”  27 28 # Compliance-Friendly Development  29 30 + Use revision control ...  31  - ... to pull in vendor branch.  32  - ... to tag releases.  33 34 + Avoid "Build Guru" ...  35  - ... by documenting build process.  36  - ... and versioning it, too.  37 38 # GPL Binary Requirements  39 40 (v2 § 3, v3 § 6)  41 42 + Four options:  43  - Source alongside binary (v2/v3).  44  - Offer for source (v2/v3).  45  - Internet side-by-side distribution (v3).  46  - Torrent distribution (v3).  47 48 # Source Alongside Binary  49 50 + Simplest option  51 52 + **Obligations end at distribution time.**  53 54 + Physical media required.  55 56 # Offer For Source  57 58 + Useful if not shipping media already.  59 60 + Lasts three years.  61 62 + Mail fulfillment required (not in v3).  63 64 # Side-By-Side Distribution  65 66 + Not in GPLv2, pedantically speaking.  67 68 + Always been considered compliant for v2.  69 70 + v3 clarifies this.  71 72 # Peer-to-Peer Distribution  73 74 + v2 obviously couldn't consider this.  75 76 + v3 allows distribution of equally seeded source and binary.  77 78 # Preparing Corresponding Source  79 80 (v2 § 3, v3 § 1)  81 82 + Make sure all sources are present.  83  - revision system helps a lot here.  84 85 + Build scripts  86  - make sure someone skilled in art can build it.  87 88 # Termination  89 90 (v2 § 4, v3 § 8)  91 92 + v2 is automatic and permanent.  93 94 + v3 has auto-reinstatement.  95  - 60 day self-correction timeout.  96  - 30 day penalty-less after notice.  97 98 + Usually, you need copyright holder to reinstate.  99 100 # Actual Enforcement  101 102 + [*The Principles of Community-Oriented GPL Enforcement* at sfconservancy.org/linux-compliance/principles.html](https://sfconservancy.org/linux-compliance/principles.html).  103 104 + Send a Letter, carefully finding right person.  105 106 + Communication is key.  107 108 + Ask for CCS candidates.  109 110 111 # The "Rounds"  112 113 + Ideally (it's only happened to me twice) the first source release is  114  perfect.  115  + but we don't live in an ideal world.  116 117 + The worst we've ever experienced is 22 rounds.  118 119 + We send detailed reports.  120 121 # More Info / Talk License  122 123   124 125 + Specific Sections of Copyleft Guide relating to these topics:  126  - [GPLv2 §4: Termination on Violation](https://copyleft.org/guide/comprehensive-gpl-guidech8.html#x11-510007.1)  127  - [GPLv3 §7: Understanding License Compatibility](https://copyleft.org/guide/comprehensive-gpl-guidech10.html#x13-850009.10)  128  - [GPLv3 §8: A Lighter Termination](https://copyleft.org/guide/comprehensive-gpl-guidech10.html#x13-860009.11)  129  - [A Practical Guide to GPL Compliance](https://copyleft.org/guide/comprehensive-gpl-guidech14.html)  130   131 

 132 

 new file 100644 1 # Makefile for Presentation  2 #  3 # You can change the PRESENTATION_BASE below, or if you like, or set it as  4 # an environment variable before you type make.  5 6 ifndef PRESENTATION_BASE  7 PRESENTATION_BASE=specific-sections  8 endif  9 10 DO_INCREMENTAL_POINTS = -i -s  11 12 13 # This should be the path to your checkout of the repository. Under that  14 # directory, you must have a checkout of /Admin/Forms/TeX.  15 16 PATH := $(PATH):/usr/share/tex4ht  17 18 19 PANDOC=/usr/bin/pandoc  20 TEX4HT=tex4ht  21 T4HT=t4ht  22 PDFLATEX = pdflatex  23 LATEX = /usr/bin/latex  24 BIBTEX = bibtex  25 FIG2DEV = fig2dev  26 DVIPS=/usr/bin/dvips  27 28 PDF_FIGS = ui/conservancy/logo.pdf  29 EPS_FIGS = ui/conservancy/logo.eps  30 31 all: err$(PRESENTATION_BASE).ps $(PRESENTATION_BASE).html  32 all:$(PRESENTATION_BASE).html  33 34 .SUFFIXES: .fig .postscript .eps .pdf .pstex_t .pstex .ps .dvi .tex  35 36 .postscript.pdf:  37  ps2pdf $<$@  38 39 .postscript.eps:  40  ps2epsi $<$@  41 42 .dvi.ps:  43  $(DVIPS)$< -o $@  44 45 .tex.dvi:  46 $(LATEX) $<  47 48 .fig.pdf:  49 $(FIG2DEV) -L pdf -p "portrait" -c $< >$@  50 51 .fig.pstex_t:  52  $(FIG2DEV) -L pstex_t$< > $@  53 54 .fig.pstex:  55 $(FIG2DEV) -L pstex $< >$@  56 57 $(PRESENTATION_BASE).tex:$(PDF_FIGS) $(PRESENTATION_BASE).md  58 $(PANDOC) -S -s -f markdown -t latex $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).tex  59 60 $(PRESENTATION_BASE).pdf:$(PRESENTATION_BASE).tex $(PDF_FIGS)  61 $(PANDOC) -S -s -f markdown -t latex $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).tex  62  $(PDFLATEX)$(PRESENTATION_BASE).tex  63  $(PDFLATEX)$(PRESENTATION_BASE).tex  64 65 $(PRESENTATION_BASE).html:$(PRESENTATION_BASE).md  66  $(PANDOC)$(DO_INCREMENTAL_POINTS) -s -S --template ./ui/conservancy/pandoc-s5-template.html -f markdown -t s5 $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).html  67 68 $(PRESENTATION_BASE).dvi:$(PRESENTATION_BASE).tex $(EPS_FIGS)  69 $(LATEX) $(PRESENTATION_BASE).tex  70 $(LATEX) $(PRESENTATION_BASE).tex  71 72 clean:  73  /bin/rm -f$(PRESENTATION_BASE).ps $(PRESENTATION_BASE).pdf$(PRESENTATION_BASE).log texput.log $(PRESENTATION_BASE).lg$(PRESENTATION_BASE).tmp $(PRESENTATION_BASE).xref *.4ct *.4tc *.aux *.dvi$(PRESENTATION_BASE)*.html *.idv *.lg *.tmp $(PRESENTATION_BASE).css$(PRESENTATION_BASE).log $(PRESENTATION_BASE).out$(PRESENTATION_BASE)-js.* $(PRESENTATION_BASE).tex  74 75 err: ;$(ERR)  76 77 install: all  78  /usr/bin/rsync -HavP --exclude ui ./ copyleft.org:/var/www/presentations/$(PRESENTATION_BASE)/  79  -ssh copyleft.org 'mkdir -p /var/www/presentations/$(PRESENTATION_BASE)/ui/conservancy/'  80  /usr/bin/rsync -HavP ui/conservancy/ copyleft.org:/var/www/presentations/$(PRESENTATION_BASE)/ui/conservancy/  81  -ssh copyleft.org 'find /var/www/presentations/$(PRESENTATION_BASE) -exec chmod gou+r {} \;'  82  -ssh copyleft.org 'find /var/www/presentations/$(PRESENTATION_BASE) -type d -exec chmod gou+rx {} \;'  83  ./pres-cmd presentations/30min-specific-sections/cc-by-sa-4-0_88x31.png | Added tip  new file 100644 binary diff not shown presentations/30min-specific-sections/pres-cmd | Added tip  new file 100755 1 #!/bin/sh  2 3 talk=half-day-gpl/specific-sections  4 5 rsync -HavP ./ /home/pres/$talk/  6 rm -rf /home/pres/$talk/ui  7 rsync -HavP ~/talks/ui/ /home/pres/$talk/ui/  8 find /home/pres/$talk -exec chmod gou+r {} \;  9 find /home/pres/$talk -type d -exec chmod gou+rx {} \;
 new file 100644 1 % Considering Key Sections of the GPL  2 % Bradley M. Kuhn & Karen M. Sandler  3 % Tuesday 9 May 2017  4 5 6 # Conditional Permissions  7 8 + A copyleft license grants copyright permissions, conditionally.  9 10 + Think of the phrase: “provided that”  11 12 + “provided that”: appears (in some form) only  13 14 + 4 times in GPLv2  15 16 + 9 times in GPLv3.  17 18 # Considering Sections of the GPL  19 20 + GPL interacts extensively with 17 USC§106(2) & 17 USC§106(3)  21 22 + GPL hinges on modification and distribution.  23 24 # Why Permission to Modify?  25 26 + Your new copyrights are your copyrights:  27  + you are fixed it in a tangible medium.  28 29 + Exclusive right of copyright holders:  30  + Control on “preparation of derivative works”  31  + Distribution of the work.  32  + Note the combination of these.  33   34 + Again, see 17 USC§106  35 36 + N.B.: “derivative works” is USA-centric, modify is more international)  37 38 # Modification As a Center Provision  39 40 + GPL's central tenant:  41 42 + You can make a modified version of various types privately as much as you'd like.  43 44 + When you distribute that modified version, you have requirements to meet.  45 46 + Technological considerations dictate necessity of more complex rules for  47 certain types of modifications.  48 49 # GPLv2 § 2(a-b)  50 51   52 

[GPLv2§]2. You may modify your copy or copies of the Program or any  53 portion of it, thus forming a work based on the Program, and copy and  54 distribute such modifications or work under the terms of Section 1 above,  55 provided that you also meet all of these conditions:  56 
 57 
 58 a) You must cause the modified files to carry prominent notices stating  59 that you changed the files and the date of any change.  60 
 61 
 62 b) You must cause any work that you distribute or publish, that in  63 whole or in part contains or is derived from the Program or any  64 part thereof, to be licensed as a whole at no charge to all third  65 parties under the terms of this License.  66 

 67 
 68 69 # GPLv3§5(a-c)  70 71   72 

 73 You may convey a work based on the Program, or the modifications to  74 produce it from the Program, in the form of source code under the  75 terms of section 4, provided that you also meet all of these conditions:  76 
 77 
 78 a) The work must carry prominent notices stating that you modified it, and  79 giving a relevant date.  80 
 81 
 82 b) The work must carry prominent notices stating that it is released under  83 this License and any conditions added under section 7. This requirement  84 modifies the requirement in section 4 to "keep intact all notices".  85 
 86 
 87 c) You must license the entire work, as a whole, under this License to anyone  88 who comes into possession of a copy. This License will therefore apply,  89 along with any applicable section 7 additional terms, to the whole of the  90 work, and all its parts, regardless of how they are packaged. This License  91 gives no permission to license the work in any other way, but it does not  92 invalidate such permission if you have separately received it.  93 

 94 
 95 96 # GPLv2§2¶ penultimates  97 98   99 

 100 These requirements apply to the modified work as a whole. If  101 identifiable sections of that work are not derived from the Program,  102 and can be reasonably considered independent and separate works in  103 themselves, then this License, and its terms, do not apply to those  104 sections when you distribute them as separate works. But when you  105 distribute the same sections as part of a whole which is a work based  106 on the Program, the distribution of the whole must be on the terms of  107 this License, whose permissions for other licensees extend to the  108 entire whole, and thus to each and every part regardless of who wrote it.  109 
 110 
 111 Thus, it is not the intent of this section to claim rights or contest  112 your rights to work written entirely by you; rather, the intent is to  113 exercise the right to control the distribution of derivative or  114 collective works based on the Program.  115 

 116 117 
 118 119 # GPLv3 §0 ¶1-5  120   121 

 122  "Copyright" also means copyright-like laws that apply to other kinds of  123 works, such as semiconductor masks.  124 
 125 
 126  "The Program" refers to any copyrightable work licensed under this  127 License. Each licensee is addressed as "you". "Licensees" and  128 "recipients" may be individuals or organizations.  129 
 130 
 131 To "modify" a work means to copy from or adapt all or part of the work  132 in a fashion requiring copyright permission, other than the making of an  133 exact copy. The resulting work is called a "modified version" of the  134 earlier work or a work "based on" the earlier work.  135 
 136 
 137  A "covered work" means either the unmodified Program or a work based  138 on the Program.  139 

 140 141 # Binaries (Object Code) are Modifications  142 143 + Software that the computer understands is different than software humans  144  read.  145 146 + There is often a process required to modify (and/or translate) the software  147  from human-readable  148  + This process can be done ahead of time.  149 150 + Separation of source and binary create first proprietary software.  151  + GPL uses the fact that binaries are modifications (which are often  152  distribution) to prevent proprietarization.  153 154 # GPLv2 § 3(a-b)  155 156   157 

 158 

[GPLv2§]3. You may copy and distribute the Program (or a work based on it,  159 under Section 2) in object code or executable form under the terms of  160 Sections 1 and 2 above provided that you also do one of the following:  161 
 162 
 163 a) Accompany it with the complete corresponding machine-readable  164 source code, which must be distributed under the terms of Sections  165 1 and 2 above on a medium customarily used for software interchange; or,  166 
 167 
 168 b) Accompany it with a written offer, valid for at least three  169 years, to give any third party, for a charge no more than your  170 cost of physically performing source distribution, a complete  171 machine-readable copy of the corresponding source code, to be  172 distributed under the terms of Sections 1 and 2 above on a medium  173 customarily used for software interchange;  174 

 175 
 176 177 # GPLv3 § 6(a-b)  178 179   180 

 181 [GPLv3 § ] 6. Conveying Non-Source Forms.  182 
 183 
 184 You may convey a covered work in object code form under the terms  185 of sections 4 and 5, provided that you also convey the  186 machine-readable Corresponding Source under the terms of this License,  187 in one of these ways:  188 
 189 
 190 a) Convey the object code in, or embodied in, a physical product  191 (including a physical distribution medium), accompanied by the  192 Corresponding Source fixed on a durable physical medium  193 customarily used for software interchange.  194 
 195 
 196 b) Convey the object code in, or embodied in, a physical product  197 (including a physical distribution medium), accompanied by a  198 written offer, valid for at least three years and valid for as  199 long as you offer spare parts or customer support for that product  200 model, to give anyone who possesses the object code either (1) a  201 copy of the Corresponding Source for all the software in the  202 product that is covered by this License, on a durable physical  203 medium customarily used for software interchange, for a price no  204 more than your reasonable cost of physically performing this  205 conveying of source, or (2) access to copy the  206 Corresponding Source from a network server at no charge.  207 

 208 
 209 210 # GPLv3 § 1 ¶ 1, 4-6  211 212   213 

 214 The "source code" for a work means the preferred form of the work  215 for making modifications to it. "Object code" means any non-source  216 form of a work.  217 
 218 
 219 The "Corresponding Source" for a work in object code form means all the  220 source code needed to generate, install, and (for an executable work) run the  221 object code and to modify the work, including scripts to control those  222 activities. However, it does not include the work's System Libraries, or  223 general-purpose tools or generally available free programs which are used  224 unmodified in performing those activities but which are not part of the work.  225 For example, Corresponding Source includes interface definition files  226 associated with source files for the work, and the source code for shared  227 libraries and dynamically linked subprograms that the work is specifically  228 designed to require, such as by intimate data communication or control flow  229 between those subprograms and other parts of the work.  230 
 231 
 232 The Corresponding Source need not include anything that users  233 can regenerate automatically from other parts of the Corresponding  234 Source.  235 
 236 
 237 The Corresponding Source for a work in source code form is that  238 same work.  239 

 240 
 241 242 # More Info / Talk License  243 244   245 246 + Specific Sections of Copyleft Guide relating to these topics:  247  - [Modified Source and Binary Distribution](https://copyleft.org/guide/comprehensive-gpl-guidech6.html#x9-410005)  248  - [GPLv3 §5: Modified Source](https://copyleft.org/guide/comprehensive-gpl-guidech10.html#x13-780009.8)  249  - [GPLv3 §6: Non-Source and Corresponding Source](https://copyleft.org/guide/comprehensive-gpl-guidech10.html#x13-790009.9)  250 251   252 

 253 

 new file 100644 binary diff not shown
 new file 100644 binary diff not shown
 new file 100644 1 # Makefile for Presentation  2 #  3 # You can change the PRESENTATION_BASE below, or if you like, or set it as  4 # an environment variable before you type make.  5 6 ifndef PRESENTATION_BASE  7 PRESENTATION_BASE=ccs-examples  8 endif  9 10 DO_INCREMENTAL_POINTS = -i -s  11 12 13 # This should be the path to your checkout of the repository. Under that  14 # directory, you must have a checkout of /Admin/Forms/TeX.  15 16 PATH := $(PATH):/usr/share/tex4ht  17 18 19 PANDOC=/usr/bin/pandoc  20 TEX4HT=tex4ht  21 T4HT=t4ht  22 PDFLATEX = pdflatex  23 LATEX = /usr/bin/latex  24 BIBTEX = bibtex  25 FIG2DEV = fig2dev  26 DVIPS=/usr/bin/dvips  27 28 PDF_FIGS = ui/conservancy/logo.pdf  29 EPS_FIGS = ui/conservancy/logo.eps  30 31 all: err$(PRESENTATION_BASE).ps $(PRESENTATION_BASE).html  32 all:$(PRESENTATION_BASE).html  33 34 .SUFFIXES: .fig .postscript .eps .pdf .pstex_t .pstex .ps .dvi .tex  35 36 .postscript.pdf:  37  ps2pdf $<$@  38 39 .postscript.eps:  40  ps2epsi $<$@  41 42 .dvi.ps:  43  $(DVIPS)$< -o $@  44 45 .tex.dvi:  46 $(LATEX) $<  47 48 .fig.pdf:  49 $(FIG2DEV) -L pdf -p "portrait" -c $< >$@  50 51 .fig.pstex_t:  52  $(FIG2DEV) -L pstex_t$< > $@  53 54 .fig.pstex:  55 $(FIG2DEV) -L pstex $< >$@  56 57 $(PRESENTATION_BASE).tex:$(PDF_FIGS) $(PRESENTATION_BASE).md  58 $(PANDOC) -S -s -f markdown -t latex $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).tex  59 60 $(PRESENTATION_BASE).pdf:$(PRESENTATION_BASE).tex $(PDF_FIGS)  61 $(PANDOC) -S -s -f markdown -t latex $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).tex  62  $(PDFLATEX)$(PRESENTATION_BASE).tex  63  $(PDFLATEX)$(PRESENTATION_BASE).tex  64 65 $(PRESENTATION_BASE).html:$(PRESENTATION_BASE).md  66  $(PANDOC)$(DO_INCREMENTAL_POINTS) -s -S --template ./ui/conservancy/pandoc-s5-template.html -f markdown -t s5 $(PRESENTATION_BASE).md -o$(PRESENTATION_BASE).html  67 68 $(PRESENTATION_BASE).dvi:$(PRESENTATION_BASE).tex $(EPS_FIGS)  69 $(LATEX) $(PRESENTATION_BASE).tex  70 $(LATEX) $(PRESENTATION_BASE).tex  71 72 clean:  73  /bin/rm -f$(PRESENTATION_BASE).ps $(PRESENTATION_BASE).pdf$(PRESENTATION_BASE).log texput.log $(PRESENTATION_BASE).lg$(PRESENTATION_BASE).tmp $(PRESENTATION_BASE).xref *.4ct *.4tc *.aux *.dvi$(PRESENTATION_BASE)*.html *.idv *.lg *.tmp $(PRESENTATION_BASE).css$(PRESENTATION_BASE).log $(PRESENTATION_BASE).out$(PRESENTATION_BASE)-js.* $(PRESENTATION_BASE).tex  74 75 err: ;$(ERR)  76 77 install: all  78  /usr/bin/rsync -HavP --exclude ui ./ copyleft.org:/var/www/presentations/$(PRESENTATION_BASE)/  79  -ssh copyleft.org 'mkdir -p /var/www/presentations/$(PRESENTATION_BASE)/ui/conservancy/'  80  /usr/bin/rsync -HavP ui/conservancy/ copyleft.org:/var/www/presentations/$(PRESENTATION_BASE)/ui/conservancy/  81  -ssh copyleft.org 'find /var/www/presentations/$(PRESENTATION_BASE) -exec chmod gou+r {} \;'  82  -ssh copyleft.org 'find /var/www/presentations/$(PRESENTATION_BASE) -type d -exec chmod gou+rx {} \;'  83  ./pres-cmd presentations/ccs-report-examples/cc-by-sa-4-0_88x31.png | Added tip  new file 100644 binary diff not shown presentations/ccs-report-examples/ccs-examples.md | Added tip  new file 100644 1 % Examples of CCS Reports  2 % Bradley M. Kuhn & Karen M. Sandler  3 % Tuesday 9 May 2017  4 5 # CCS "Round" Reports  6 7 + Evaluate each CCS candidate.  8 9 + Someone "skilled in the art" attempts to build.  10 11 + Detailed notes are sent, asking for new CCS candidate "round".  12 13 + Some anonyomized real world examples.  14 15 # No Build Instructions  16 17   18  The primary issues we found were a dearth of build instructions as well  19  as a complete lack of installation instructions. There was no  20  information that mentioned how one might build each package so we had to  21  guess about which Makefile and/or build script to run for each package.  22  And in many cases it was not possible or straight-forward to build - this  23  must be resolved in the next source candidate.  24 25 # Making General Recommendations  26 27   28  We generally recommend that the source release be a single file (ie. one  29  tarball containing all packages required for the build) that includes a  30  README or similar in the main directory explaining exactly how to build  31  and install all of the packages. See section 21.2 of  32  http://compliance.guide/pristine-example for an excellent example.  33 34 # Suspicious, But Not Captious.  35 36   37  Also, we noticed that some packages mentioned in the "OPEN SOURCE  38  SOFTWARE NOTICE" included with the device (and also downloaded as part of  39  the source release; see  40  Open_Source_Software_Notice_and_Privacy_Policy.pdf ) could not be found  41  in the source release. For example, we found "Software: Samba 3.0.XX" in  42  the notice, but could not find any trace of Samba in the source release.  43  Please ensure that all the software included in the notice is included in  44  the source release as well.  45 46 # Nesting Doll Packages  47 48   49 50  Once extracted, the 3 .rar files above produce the following output  51  files:  52  * busybox-1.21.1.rar  53  * AB_A0101.123.tar.gz  54  * source.rar  55  * a small text file that gives two-word descriptions of the above files  56 57 58 # Actual(ly Trying to) Build  59 60   61 62  This file included no instructions for how one might build it so we  63  tried to run "make" but received the following error:  64 65 $ make  66  .../busybox-1.21.1/scripts/gcc-version.sh: line 11:  67  arm-none-linux-gnueabi-gcc: command not found  68 69 # Toolchain?  70 71 + The toolchain is rarely considered mandatory as part of “the  72  scripts”.  73 74 + Admittedly, it doesn't *control* compilation, it *is* compilation.  75 76 + The script here is explaining precisely what type of toolchain is needed.  77 78 + Something like: “GCC vX built with the following ./configure  79  line” is usually adequate.  80 81 + But including the toolchain is a nice step to make it easy for your users.  82 83 
 84 > the scripts used to **control compilation** and installation of the executable.  85 86 

 87 — GPLv2§3  88 

 89   90 91 # We Guess at Compiler Anyway  92 93 
 94  So we searched for an arm-none-linux-gnueabi- cross-compiler in the  95  other files but could not find one. We then tried to use our own (be  96  editing the PATH appropriately), which did get us past this error. Note  97  that this is not acceptable in a source release - the cross-compiler  98  that a user must use needs to be clearly indicated (name, version, etc.)  99  and/or included with the source release.  100 101 # Feedback on Small Problems  102 103 
 104 105  Once we had the custom cross-compiler configured, we then ran into these  106  errors:  107   108  $make  109  .../busybox-1.21.1/scripts/gen_build_files.sh: Permission denied  110  make: *** [gen_build_files] Error 127  111   112 $ make  113  .../busybox-1.21.1/scripts/mkconfigs: Permission denied  114  make: *** [include/config/MARKER] Error 126  115   116  $make  117  /bin/sh: applets/usage_compressed: Permission denied  118  make[1]: *** [include/usage_compressed.h] Error 126  119  make: *** [applets_dir] Error 2  120   121 $ make  122  .../busybox-1.21.1/scripts/trylink: Permission denied  123  make: *** [busybox_unstripped] Error 126  124   125  In each case, we found the mentioned file and then added executable  126  permissions to it (ie. "chmod u+x scripts/gen_build_files.sh"). This  127  must be fixed in the next source release - please set the executable  128  bits on the above files appropriately in the archive file you  129  distribute.  130 131 # Install Instructions missing  132 133 
 134  After fixing the above, a "busybox" binary was generated. However,  135  there were no instructions to indicate how one might install this binary  136  on the device. Such instructions are required by GPLv2, under which  137  BusyBox is licensed. Please include the instructions in your next  138  source release.  139 140 # Build "Only Seems" To build  141 142 
 143  For the AAB_A0101.123.tar.gz package, we ran "./build.sh", the build  144  took about 140 seconds, which is less than one would expect for building  145  all of the programs listed in the "OPEN SOURCE SOFTWARE NOTICE". The  146  only files we could immediately find that were clearly the result of  147  this "./build.sh" invocation were some kernel image binaries, found in  148  path/path/path/path/path/KERNEL_OBJ . This path was not mentioned at  149  all and we had to guess at where they might be.  150 151 # Maybe Proprietary Kernel Modules?  152 153 
 154  Furthermore, there were no .ko files generated, which is abnormal for a  155  build of the kernel, Linux. Please ensure that all .ko files which are  156  used on the system are generated with "./build.sh" or a similar script.  157 158 # Weird versioning  159 160 
 161 162  * The following libraries have different versions in the firmware than  163  is built from the candidate CCS. Specifically, your candidate CCS  164  contains version "1800", and the firmware has version "2400". Since  165  most of these libraries are licensed under the LGPL, you are required  166  to have the complete, corresponding source present for the correct  167  version as distributed in the firmware. You also must include the  168  "scripts to control compilation and installation of the executable".  169   170  * lib/libgio-2.0.so.0.2400.2  171  * lib/libglib-2.0.so.0.2400.2  172  * lib/libgmodule-2.0.so.0.2400.2  173  * lib/libgobject-2.0.so.0.2400.2  174  * lib/libgthread-2.0.so.0.2400.2  175  * lib/libz.so.1.2.5 (version 1.2.2 is provided in the sources)  176   177 # Weird Build Issues Over Many Candidates  178 179 
 180  You mentioned in your Round 6 commentary that you have corrected the  181  thatlib issues. However, we are unable to see what you mean. There are  182  now two copies of thatlib, one in 2624.7_524/uclinux-rootfs/lib/thatlib/,  183  as well as the one in yourlibs. We aren't sure which one you intend to  184  be built to generate the binaries on the firmware. When we try to build  185  the yourlibs one from scratch, by cleaning the whole area, we get the  186  following build issues. Here's what we did:  187 188 # Getting Really build-technical  189 190 
 191 192  We ran:  193 194  make -C libsrc/thatlib install  195 196  which did not work because of a missing Makefile error. We read the  197  build source and discovered that the Makefile, etc, for that directory  198  is generated by running:  199 200  cd libsrc/thatlib/thatlib-0.9.22_mipsel-uclibc; sh configure_thatlib_mipsel-uclibc  201 202  Once we did that  203 204  make -C libsrc/thatlib install  205 206  worked correctly. The only remaining binaries were in build source and  207  discovered that the Makefile, etc, for that directory is generated by  208  running:  209 210  cd libsrc/thatlib/thatlib-0.9.22_mipsel-uclibc; sh configure_thatlib_mipsel-uclibc  211 212 # Getting Really build-technical  213 214 
 215 216  Once we did that  217 218  make -C libsrc/thatlib install  219 220  worked correctly. The only remaining binaries were in  221  ./libsrc/thatlib/\{YOURLIB_ROOT_DIR\}/ which looks like a build with a  222  misconfigured environment somehow, so we simply removed that  223  directory.  224 225  Then, after running make clean, thatlib failed with the following  226  errors. Random .o/.so files laying around in the thatlib source  227  directory, and then it failing to build correctly after they are  228  removed. If there some set of .so files you claim are not required  229  as part of the C&CS since thatlib is LGPL'd, we understand that, but  230  the rest of the sources must build and install those other .so's.  231  Here's the build error we get in the bdvdlibs version:  232 233 # Getting Really build-technical  234 235 
 236 237  mkdir .libs/libthatlibwm_default.a.tmp  238  (cd .libs/libthatlibwm_default.a.tmp && ar x ../../.libs/libthatlibwm_default.a)  239  mkdir .libs/libthatlibwm_default.a.tmp  240  (cd .libs/libthatlibwm_default.a.tmp && ar x ../../.libs/libthatlibwm_default.a)  241  /opt/toolchains/crosstools_sf-linux-2.6.18.0_gcc-4.2-9ts_uclibc-nptl-0.9.29-20070423_20080702/bin//mipsel-uclibc-  242  ld -o libthatlibwm_default.o -r .libs/libthatlibwm_default.a.tmp/*.o  243  /opt/toolchains/crosstools_sf-linux-2.6.18.0_gcc-4.2-9ts_uclibc-nptl-0.9.29-20070423_20080702/bin//mipsel-uclibc-  244  ld: .libs/libthatlibwm_default.a.tmp/default.o: Relocations in generic ELF (EM: 3)  245  /opt/toolchains/crosstools_sf-linux-2.6.18.0_gcc-4.2-9ts_uclibc-nptl-0.9.29-20070423_20080702/bin//mipsel-uclibc-  246  ld: .libs/libthatlibwm_default.a.tmp/default.o: Relocations in generic ELF (EM: 3)  247  /opt/toolchains/crosstools_sf-linux-2.6.18.0_gcc-4.2-9ts_uclibc-nptl-0.9.29-20070423_20080702/bin//mipsel-uclibc-  248  ld: .libs/libthatlibwm_default.a.tmp/default.o: Relocations in generic ELF (EM: 3)  249  /opt/toolchains/crosstools_sf-linux-2.6.18.0_gcc-4.2-9ts_uclibc-nptl-0.9.29-20070423_20080702/bin//mipsel-uclibc-  250  ld: .libs/libthatlibwm_default.a.tmp/default.o: Relocations in generic ELF (EM: 3)  251  .libs/libthatlibwm_default.a.tmp/default.o: could not read symbols: File in wrong format  252  make[4]: *** [libthatlibwm_default.o] Error 1  253 254 # Proprietary Linux Modules Are Everywhere  255 256 
 257  We did find one .ko file that was already included in the package, but  258  wasn't built when we ran "./build.sh". This is  259  path/path/android_X.X/device/device-type/mydevice.ko , which notes that  260  its license is "GPL v2" in the modinfo, but for which we could find no  261  source code in the source release. Please ensure that the source code  262  for mydevice.ko is included in the next source candidate.  263 264 # Proprietary Linux Modules Are Everywhere  265 266 
 267 268  * The following files are derivative of the kernel named Linux and  269  therefore covered by the GPL. However, no source code, scripts to  270  control compilation nor installation are included in your CCS  271  candidate:  272  lib/modules/myfilesystem.ko  273  lib/modules/mydevicecontroller.ko  274  lib/modules/myblockdevice.ko  275  lib/modules/mypcicard.ko  276 277 # Non-Technical GPL Compliance Issues  278 279 
 280  Regarding over the air updates: we'd like to see a screenshot or other  281  details documenting what has now been implemented by BestBuy to make  282  sure the offer for source appears to users appropriately after  283  upgrade. There was a consensus reached on the last conference call  284  how this would be done, so we only need follow up and implementation  285  on that.  286 287 288 # Binary Comparison.  289 290 
 291 292  Note that we did not receive a firmware image to compare this with  293  (though we do have the device). Company's website did not appear to  294  have any firmware images available for download. It would be helpful to  295  have such an image for the next CCS check.  296 297  The above source candidate was downloaded from  298  http:///sourcez.company.com/en/search/index.htm?keywords=X1234Y, which  299  was alluded to in Company's 2017-01-18 email to us that said:  300 301  "You can check this website  302  http://sourcez.company.com/en/search/index.htm "  303 304  The email did not mention how to use that website, but we found that by  305  entering "X1234Y" into the top right search box that we could find the  306  source file list.  307 308  Note that the offer for source included in the web UI of the device said  309  to email NAME@COMPANY.com , which is how the above instructions for  310  downloading the source were received.  311 312 # More Info / Talk License  313 314   315 316 + Specific Sections of Copyleft Guide relating to these topics:  317  - [The Pristine Example](https://copyleft.org/guide/comprehensive-gpl-guidech22.html#x29-15900021)  318  - [Details of a Compliant Distribution](https://copyleft.org/guide/comprehensive-gpl-guidech16.html#x21-12700015)  319 320   321 

 322 

 new file 100755 1 #!/bin/sh  2 3 talk=half-day-gpl/ccs-examples  4 5 rsync -HavP ./ /home/pres/$talk/  6 rm -rf /home/pres/$talk/ui  7 rsync -HavP ~/talks/ui/ /home/pres/$talk/ui/  8 find /home/pres/$talk -exec chmod gou+r {} \;  9 find /home/pres/$talk -type d -exec chmod gou+rx {} \; presentations/non-copyright-systems/Makefile | Added tip  new file 100644 1 # Makefile for Presentation  2 #  3 # You can change the PRESENTATION_BASE below, or if you like, or set it as  4 # an environment variable before you type make.  5 6 ifndef PRESENTATION_BASE  7 PRESENTATION_BASE=ccs-examples  8 endif  9 10 DO_INCREMENTAL_POINTS = -i -s  11 12 13 # This should be the path to your checkout of the repository. Under that  14 # directory, you must have a checkout of /Admin/Forms/TeX.  15 16 PATH :=$(PATH):/usr/share/tex4ht  17 18 19 PANDOC=/usr/bin/pandoc  20 TEX4HT=tex4ht  21 T4HT=t4ht  22 PDFLATEX = pdflatex  23 LATEX = /usr/bin/latex  24 BIBTEX = bibtex  25 FIG2DEV = fig2dev  26 DVIPS=/usr/bin/dvips  27 28 PDF_FIGS = ui/conservancy/logo.pdf  29 EPS_FIGS = ui/conservancy/logo.eps  30 31 all: err $(PRESENTATION_BASE).ps$(PRESENTATION_BASE).html  32 all: $(PRESENTATION_BASE).html  33 34 .SUFFIXES: .fig .postscript .eps .pdf .pstex_t .pstex .ps .dvi .tex  35 36 .postscript.pdf:  37  ps2pdf$< $@  38 39 .postscript.eps:  40  ps2epsi$< $@  41 42 .dvi.ps:  43 $(DVIPS) $< -o$@  44 45 .tex.dvi:  46  $(LATEX)$<  47 48 .fig.pdf:  49  $(FIG2DEV) -L pdf -p "portrait" -c$< > $@  50 51 .fig.pstex_t:  52 $(FIG2DEV) -L pstex_t $< >$@  53 54 .fig.pstex:  55  $(FIG2DEV) -L pstex$< > $@  56 57 $(PRESENTATION_BASE).tex: $(PDF_FIGS)$(PRESENTATION_BASE).md  58  $(PANDOC) -S -s -f markdown -t latex$(PRESENTATION_BASE).md -o $(PRESENTATION_BASE).tex  59 60 $(PRESENTATION_BASE).pdf: $(PRESENTATION_BASE).tex$(PDF_FIGS)  61  $(PANDOC) -S -s -f markdown -t latex$(PRESENTATION_BASE).md -o $(PRESENTATION_BASE).tex  62 $(PDFLATEX) $(PRESENTATION_BASE).tex  63 $(PDFLATEX) $(PRESENTATION_BASE).tex  64 65 $(PRESENTATION_BASE).html: $(PRESENTATION_BASE).md  66 $(PANDOC) $(DO_INCREMENTAL_POINTS) -s -S --template ./ui/conservancy/pandoc-s5-template.html -f markdown -t s5$(PRESENTATION_BASE).md -o $(PRESENTATION_BASE).html  67 68 $(PRESENTATION_BASE).dvi: $(PRESENTATION_BASE).tex$(EPS_FIGS)  69  $(LATEX)$(PRESENTATION_BASE).tex  70  $(LATEX)$(PRESENTATION_BASE).tex  71 72 clean:  73  /bin/rm -f $(PRESENTATION_BASE).ps$(PRESENTATION_BASE).pdf $(PRESENTATION_BASE).log texput.log$(PRESENTATION_BASE).lg $(PRESENTATION_BASE).tmp$(PRESENTATION_BASE).xref *.4ct *.4tc *.aux *.dvi $(PRESENTATION_BASE)*.html *.idv *.lg *.tmp$(PRESENTATION_BASE).css $(PRESENTATION_BASE).log$(PRESENTATION_BASE).out $(PRESENTATION_BASE)-js.*$(PRESENTATION_BASE).tex  74 75 err: ; $(ERR)  76 77 install: all  78  /usr/bin/rsync -HavP --exclude ui ./ copyleft.org:/var/www/presentations/$(PRESENTATION_BASE)/  79  -ssh copyleft.org 'mkdir -p /var/www/presentations/$(PRESENTATION_BASE)/ui/conservancy/'  80  /usr/bin/rsync -HavP ui/conservancy/ copyleft.org:/var/www/presentations/$(PRESENTATION_BASE)/ui/conservancy/  81  -ssh copyleft.org 'find /var/www/presentations/$(PRESENTATION_BASE) -exec chmod gou+r {} \;'  82  -ssh copyleft.org 'find /var/www/presentations/$(PRESENTATION_BASE) -type d -exec chmod gou+rx {} \;'  83  ./pres-cmd
 new file 100644 binary diff not shown
 new file 100644 1 % GPL's Handling of Non-Copyright Systems  2 % Bradley M. Kuhn & Karen M. Sandler  3 % Tuesday 9 May 2017  4 5 # Non-Copyright Systems  6 7 + Patents, NDAs, & other agreements often impact software.  8 9 + GPL is essentially a copyright license.  10  - so, how does GPL handle these systems?  11 12 + As always, GPL has **conditional** permissions.  13  - some such conditions relate to these other legal regimes.  14 15 + Compliance for these is much more legalistic than technical.  16 17 18 # GPLv2§7  19 20   21 
[GPLv2§]7. If, as a consequence of a court judgment or allegation of patent  22 infringement or for any other reason (not limited to patent issues),  23 conditions are imposed on you (whether by court order, agreement or  24 otherwise) that contradict the conditions of this License, they do not  25 excuse you from the conditions of this License. If you cannot  26 distribute so as to satisfy simultaneously your obligations under this  27 License and any other pertinent obligations, then as a consequence you  28 may not distribute the Program at all. For example, if a patent  29 license would not permit royalty-free redistribution of the Program by  30 all those who receive copies directly or indirectly through you, then  31 the only way you could satisfy both it and this License would be to  32 refrain entirely from distribution of the Program.  33 
 34 
 35 36 # GPLv3 Improvements  37 38 + GPLv3 expands GPLv2§7 into multiple sections.  39 40 + Creates detailed rules.  41  - an improvement  42  - legal compliance analysis is less complicated.  43 44 # Staffing Question  45 46 + In complex environments, both lawyers & developers should analyze  47  compliance obligations.  48 49 + Simple environments (i.e., no actual proprietary components in product),  50  less expertise & cross-disciplinary staff time needed.  51 52 # More Info / Talk License  53 54   55 56 + Specific Sections of Copyleft Guide relating to these topics:  57  - [GPLv2 §7: “Give Software Liberty or Give It Death!”](https://copyleft.org/guide/comprehensive-gpl-guidech8.html#x11-540007.4)  58  - [GPLv3 §10: Explicit Downstream License](https://copyleft.org/guide/comprehensive-gpl-guidech10.html#x13-880009.13)  59  - [GPLv3 §11: Explicit Patent Licensing](https://copyleft.org/guide/comprehensive-gpl-guidech10.html#x13-890009.14)  60  - [GPLv3 §12: Familiar as GPLv2 §7](https://copyleft.org/guide/comprehensive-gpl-guidech10.html#x13-920009.15)  61 62   63 
 64 
 new file 100755 1 #!/bin/sh  2 3 talk=half-day-gpl/ccs-examples  4 5 rsync -HavP ./ /home/pres/$talk/  6 rm -rf /home/pres/$talk/ui  7 rsync -HavP ~/talks/ui/ /home/pres/$talk/ui/  8 find /home/pres/$talk -exec chmod gou+r {} \;  9 find /home/pres/\$talk -type d -exec chmod gou+rx {} \;