Feeds

Red Hat flags OSI offenders on partner site

Users force enlightenment

7 Elements of Radically Simple OS Migration

OSCON Sometimes being the open source software leader means distancing yourself from open source claims.

Red Hat has bowed to pressure and improved the way it describes partner software licenses on the Red Hat Exchange (RHX). The licenses of companies such as SugarCRM, Zimbra and Alfresco used to be buried on the RHX site, requiring interested customers to spend considerable time finding the documentation. This hide-the-license policy angered some open source advocates who argued that Red Hat gave the misleading impression that all RHX vendors had Open Source Initiative (OSI)-approved licenses. Now, Red Hat is working to banish broad "open source software" claims from the RHX marketplace.

Earlier this month, we uncovered the RHX issues, and Red Hat took notice. According to sources, Red Hat contacted RHX partners over the past week, asking for clear licensing details for their respective products, noting that RHX had started to receive negative press on the licensing matter.

Red Hat began displaying the new information this weekend. In addition, Red Hat removed a number of "open source software" descriptions from the RHX site, replacing the language on most occasions by characterizing the products as "business solutions."

The RHX controversy bubbled up out of comments made by Red Hat executive and OSI board member Michael Tiemann, who complained that a number of companies were abusing the "open source" label. Some software makers have adopted so-called attribution licenses, which require those who take their code to display the given software maker's logo.

This is a reaction to the growing trend of service providers such as Google and Yahoo! taking open source code, running it on their servers and then failing to release any changes to the code back to the "community." The service providers are able to do this because of an archaic notion of distribution tied to many open source license where running code on a server and delivering a service does not count as distribution, while shipping software on CDs or via downloads does.

The OSI has yet to approve an attribution-style license, which puts companies such as SugarCRM and Centric CRM, who have their own licenses, in the non open source/badgeware camp, according to Tiemann and others.

Despite its self-proclaimed position as the shepherd of open source software, Red Hat did the OSI camp few favors when it launched RHX in May. Red Hat grouped all of the software partners under the open source software umbrella and hid companies' licensing information. (RHX is billed as a one-stop-shop for small- to medium-sized businesses to pick up popular applications and Red Hat-led support.)

Red Hat's stance put Tiemann, also with OSI, in an awkward position. To the executive's credit, he asked that Red Hat do more with the RHX site.

The company responded to the request in short order.

You'll now find SugarCRM's licensing policy, for example, described in simple terms. "This license is not Open Source Initiative Approved," the RHX page says. "The license allows redistribution, but only if certain attribution requirements are met."

Most of the licensing language is remarkably clear.

"We're being a lot more forthcoming with disclosing and actually educating our customers about what exactly the license is," Donald Fischer, VP of online services at Red Hat, told us today during an interview at the OSCON conference. "We are working on creating human readable license summaries similar to what the Creative Commons has done.

"We did not get it all right and have responded to feedback we got from the community."

Does any of this really matter? Well, that's a fair question.

Plenty of people will argue that the OSI is not their lord and master. Companies can ship software and call it open source on their own, especially when they're clearly allowing modification and broad use of their code.

Tiemann, however, counters that clarity is needed in this area to prevent abuse of the open source term, particularly as larger companies such as Oracle begin butting into the open source market with aggressive tactics.

If Red Hat takes its position as the self-proclaimed open source leader seriously, it should be on top of these issues and be consistent. The company appears to have moved toward this goal with the RHX updates. ®

Best practices for enterprise data

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
VMware builds product executables on 50 Mac Minis
And goes to the Genius Bar for support
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Microsoft says 'weird things' can happen during Windows Server 2003 migrations
Fix coming for bug that makes Kerberos croak when you run two domain controllers
Cisco says network virtualisation won't pay off everywhere
Another sign of strain in the Borg/VMware relationship?
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?