Enterprises, licensing, and belgium-holes



  • At our company, whenever we wish to introduce some kind of new software, it must go through a process where our legal department reviews it. They review the EULA and any licenses or contracts associated with buying/using it, which I am sure is not unlike most other large companies out there.

    Recently, there have been rumbles about using more Linux-based OSes in our company. Since A) I like Linux and B) I think "man, it would be easy to do this on Linux" to myself sometimes, I began the process to introduce CentOS to our department (which would, naturally, be the first group to get at any new software or hardware). At that moment, I didn't feel that buying a RHEL license was necessary since that involves (only a little) money which makes the whole process far more arduous, and CentOS is effectively the same thing.

    CentOS derives its name from Community ENTerprise Operating System, which makes sense as it is really the same as Red Hat Enterprise Linux. The EULA for CentOS is short, but contains one particularly pernicious line:

    Individual packages in the distribution come with their own licences.

    Wonderful. I ran a command to filter through the output of rpm on a CentOS 7 install on my home server and came up with 71 DIFFERENT LICENSES in a STOCK INSTALL of CentOS. Many of them are basically "BSD with more BS" and "GPLv2+ with restrictions". Regardless, this will not fly with our legal department and is a :barrier: to getting this introduced.

    Incredulous, I took to the #centos official IRC channel in search of some FOSS master who could guide me in the right direction on this. I politely asked my question (several times, as I expected) and finally stirred up some discussion. It ended on "you can't take no for an answer and I am your stereotypical arrogant power user asshat that needs to be a dick to everyone". It's not that I can't take "no" for an answer, it's that I don't understand why a community with users so overly concerned about licenses that is developing an "Enterprise" OS has none of the following:

    • Official list of licenses used by the default packages
    • Licensing standard (i.e. "Your software must be released under the GPL or a compatible license")
    • One True License(tm) under which all RPMs are released.

    Some "enterprise" OS.
    :facepalm:



  • WTF. I thought the whole point of enterprise friendly CentOS and its limited package repository is to figure that shit out.



  • Me too! That's what upstream (RHEL) has, but I can't base my job security on "well this thing that's pretty closely related does it this way so I guess CentOS does too..." As there is NO official documentation of CentOS' licensing standards or requirements!



  • I guess if you're big enough to worry about licenses, they expect you're big enough to fork out $$$ for the RedHat proper.



  • If you're big enough to require the "Entrerpriseyness" of CentOS then you probably can fork over the cash for RHEL, which (I think) is a bizarre assumption for an entire project to make.



  • @rc4 said:

    Regardless, this will not fly with our legal department and is a :barrier: to getting this introduced.

    Isn't that what the lawyers get paid big bucks for? Make them go through all 71 and see if they're ok.



  • They also have the option to say "no" ;)

    Plus, I don't know if it's a comprehensive list. It's also unofficial; I really don't want to risk my job for it.



  • I was half kidding. But seriously, think about it -- if your company bought some kind of software package that had 71 components to it, wouldn't they expect you to learn them all to be able to support it? Wouldn't that be part of your job? :-)



  • Bug report: words aren't censored in notifications:

    Should I meta.derp?



  • @rc4 said:

    They also have the option to say "no" ;)

    Plus, I don't know if it's a comprehensive list. It's also unofficial; I really don't want to risk my job for it.

    Have you tried lying.

    Oooooooooooooooohhhhh you could create a fork and patch the license!



  • @DogsB said:

    Oooooooooooooooohhhhh you could create a fork and patch the license!

    Pfft. I barely have time to breathe, let alone compile OSS!



  • I noticed that. Doesn't do it in the URL either...


  • I survived the hour long Uno hand

    Huuuuuh. Didn't it used to completely remove Belgium from the URL as part of the censoring? Or is my mind just being misremberered by people who put the boxes into the titles by hand?



  • I don't know, although that is the behavior I'd expect from it.



  • @izzion said:

    Huuuuuh. Didn't it used to completely remove Belgium from the URL as part of the censoring? Or is my mind just being misremberered by people who put the boxes into the titles by hand?
    It was berenstein bears all along!



  • @rc4 said:

    I noticed that. Doesn't do it in the URL either...

    Great, now SonicWall is going to trip on belgium in the url. =(



  • Wait, so "B e l g i u m" is a dirty word for Dischorse?



  • It was a test done by (iirc) @PJH of Discourse's word filter, and it stuck. We don't take too kindly to Be<!-- -->lgium 'round these parts.



  • @rc4 said:

    We don't take too kindly to Be<just about anything here will do, really>lgium 'round these parts.

    But as you can see it's not exactly hard to bypass the filter :laughing:.



  • Yes, there are several ways of doing it ;) but they only work on our "special" install (or any other that is configured to allow all these additional formatting syntaxes, at least...)



  • @rc4 said:

    If you're big enough to require the "Entrerpriseyness" of CentOS then you probably can fork over the cash for RHEL, which (I think) is a bizarre assumption for an entire project to make.

    But a profitable one for Red Hat Software... maybe they somehow managed that?



  • @rc4 said:

    but they only work on our "special" install (or any other that is configured to allow all these additional formatting syntaxes, at least...)

    I thought that was the standard Discourse syntax...



  • Seeing as CentOS was independent for a decade before getting Red Hat's stamp of approval I doubt that's the case.



  • I don't think HTML comments worked on meta.d, but I could be wrong...


  • sockdevs

    @rc4 said:

    If you're big enough to require the "Entrerpriseyness" of CentOS then you probably can fork over the cash for RHEL,

    just because you can doesn't mean that the beancounters will let you, or that if the beancutters let you your boss will leave your budget alone and not, for example, quietly spend your budget on some pet project and tell you that the money isn' t there for maintenance this year for rasins.



  • It's easy enough to type Bel­gium without any HTML comments. It's (slightly) harder to write B­elgiu­m, though.



  • @rc4 said:

    I don't think HTML comments worked on meta.d, but I could be wrong...

    You should post a bug about that on meta.d...



  • Don't forget e­lgiu!


  • :belt_onion:

    Not that forking out the cash for RHEL would particularly help. The individual packages still have their own licenses.

    This issue is the same for pretty much any medium to large software product. Software contains components sourced from third parties and the licenses of such components are cumulative--you are generally restricted to the intersection of behavior permitted by each license, modulo lawyer mumble mumble.

    So it's apparently too much to expect lawyers practicing in license review to understand this?



  • @Greybeard said:

    So it's apparently too much to expect lawyers practicing in license review to understand this?

    Yes.

    I mean, you're preaching to the choir. But for me, at least, Red Hat has officially documented which licenses are included in the default packages and most of them (90%+) are GPL or MIT.

    Plus HP, our hardware vendor, offers official support for RHEL.


  • Discourse touched me in a no-no place

    @slavdude said:

    Wait, so "B e l g i u m" is a dirty word for Dischorse?

    https://what.thedailywtf.com/t/enlisted/50860/33?u=pjh




Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.