Red Hat flags OSI offenders on partner site
Users force enlightenment
SaaS data loss: The problem you didn’t know you had
OSCON Sometimes being the open source software leader means distancing yourself from open source claims.
Red Hat has bowed to pressure and improved the way it describes partner software licenses on the Red Hat Exchange (RHX). The licenses of companies such as SugarCRM, Zimbra and Alfresco used to be buried on the RHX site, requiring interested customers to spend considerable time finding the documentation. This hide-the-license policy angered some open source advocates who argued that Red Hat gave the misleading impression that all RHX vendors had Open Source Initiative (OSI)-approved licenses. Now, Red Hat is working to banish broad "open source software" claims from the RHX marketplace.
Earlier this month, we uncovered the RHX issues, and Red Hat took notice. According to sources, Red Hat contacted RHX partners over the past week, asking for clear licensing details for their respective products, noting that RHX had started to receive negative press on the licensing matter.
Red Hat began displaying the new information this weekend. In addition, Red Hat removed a number of "open source software" descriptions from the RHX site, replacing the language on most occasions by characterizing the products as "business solutions."
The RHX controversy bubbled up out of comments made by Red Hat executive and OSI board member Michael Tiemann, who complained that a number of companies were abusing the "open source" label. Some software makers have adopted so-called attribution licenses, which require those who take their code to display the given software maker's logo.
This is a reaction to the growing trend of service providers such as Google and Yahoo! taking open source code, running it on their servers and then failing to release any changes to the code back to the "community." The service providers are able to do this because of an archaic notion of distribution tied to many open source license where running code on a server and delivering a service does not count as distribution, while shipping software on CDs or via downloads does.
The OSI has yet to approve an attribution-style license, which puts companies such as SugarCRM and Centric CRM, who have their own licenses, in the non open source/badgeware camp, according to Tiemann and others.
Despite its self-proclaimed position as the shepherd of open source software, Red Hat did the OSI camp few favors when it launched RHX in May. Red Hat grouped all of the software partners under the open source software umbrella and hid companies' licensing information. (RHX is billed as a one-stop-shop for small- to medium-sized businesses to pick up popular applications and Red Hat-led support.)
Red Hat's stance put Tiemann, also with OSI, in an awkward position. To the executive's credit, he asked that Red Hat do more with the RHX site.
The company responded to the request in short order.
You'll now find SugarCRM's licensing policy, for example, described in simple terms. "This license is not Open Source Initiative Approved," the RHX page says. "The license allows redistribution, but only if certain attribution requirements are met."
Most of the licensing language is remarkably clear.
"We're being a lot more forthcoming with disclosing and actually educating our customers about what exactly the license is," Donald Fischer, VP of online services at Red Hat, told us today during an interview at the OSCON conference. "We are working on creating human readable license summaries similar to what the Creative Commons has done.
"We did not get it all right and have responded to feedback we got from the community."
Does any of this really matter? Well, that's a fair question.
Plenty of people will argue that the OSI is not their lord and master. Companies can ship software and call it open source on their own, especially when they're clearly allowing modification and broad use of their code.
Tiemann, however, counters that clarity is needed in this area to prevent abuse of the open source term, particularly as larger companies such as Oracle begin butting into the open source market with aggressive tactics.
If Red Hat takes its position as the self-proclaimed open source leader seriously, it should be on top of these issues and be consistent. The company appears to have moved toward this goal with the RHX updates. ®
COMMENTS
Disentangling source packages vs. binary packages vs. support contracts
Greg's original post had claimed that RHEL "requires a subscription to the closed source Red Hat Network update system". Nope. For reasons cited, this is not true: You can get the full distribution at any time in source RPM format (including the two slightly proprietary non-software packages), without any subscription at all. It's on the public ftp site. You can also get the distribution in built binary format (but with substitutes for RH's trademarked logos and artwork) from CentOS and others.
As to one's ability to "get support without RHN": That's something different. Red Hat ties its support contracts to RHN -- but (avoidable) support contracts have nothing to do with whether software is open source or not.
One might ask: Is it lawful to get a copy of the RHEL binary packages as built by Red Hat, Inc. (e.g., copies of the RHEL binary ISOs)? As mentioned, the source packages from which those get build include two trademark-encumbered non-software packages. The process of compiling the binary RPMs puts some of the trademark-encumbered logos and images into sundry binary RPMs thus built. So, some subsets of the full binary RPMs set would be subject to trademark-based restriction, e.g., against _commercial_ redistribution that arguably could create brand confusion. This is probably the biggest reason why, in practice, it's very rare to find RHEL binary ISOs, along with the fact that the publisher would be underwriting huge bandwidth bills without the legal right to charge for access -- and the fact that it make more sense for people wanting RHEL without a support contract to just fetch CentOS.
That aside, to the best of my knowledge, it would be lawful. But nothing requires that anyone offer it to you, just as nothing requires that support be offered a la carte on term to your liking
Rick Moen
rick@linuxmafia.com
Integrity in business
What I'm seeing here is a situation where Red Hat is getting whaled upon by the OS community and is responding by listing the licenses, but not putting any pressure on the vendors to change their own designation of the software as Open Source. That's not really integrity.
shubin, thanks! We're about ready to remodel our master bath. You've really made me feel good about the whole situation. We're tossing between a turn key and doing the general ourselves. At least some of the people are ones we've used in the past.
RE: Bosh.Humbug.
I didn't say you couldn't distribute it - I said you couldn't get support without RHN.
I'd bet my right arm I'm right about that. If I'm not, ok, fine I stand corrected.
Greg
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
