> playing whack-a-mole with rebuilders
Are they playing whack-a-mole?
Or was this one change that people are arguing (and Red Hat's lawyers seem to think) is within their rights under the GPL ?
It will be whack-a-mole if Red Hat tries to stop supporting VPS instances or stop updating UBI, both of a 1% chance of going away.
I am amazed that multiple OSS lawyers gave you the same answer and you still don't believe them.
> (what Fortune 500 company would like to have their Red Hat servers all go dead because some employee downloaded sources and uploaded them somewhere?)
What does this mean? Are you implying that RHEL has some sort of kill switch per customer embedded in it's source code that someone could exploit? I am not following this train of thought at all.
Losing access to Redhat services won't immediately bring down your servers, but if you are unable to install security updates or new software without switching to a different distro they might be as good as dead.
It's the upstream source, not the source used to build RHEL. RHEL is downstream of CentOS stream. Much like linux kernel's source is available, it does not help you much.
According to Red Hat it is. If you don't believe them you can get a Developer subscription to get a RHEL ISO to compare with a CentOS Stream ISO. I imagine a lot of people, myself included, would be interested in the analysis of that.
So you do that analysis. Two downstream distros of RHEL have said that they cannot continue to offer RHEL rebuilds/updates without substantial changes. That means that it is not possible to use CentOS stream alone to build RHEL packages. You are free to do all the analysis in the world.
It may incidentally be in some cases, but isn't guaranteed to be. Things don't necessarily flow back up from RHEL to CentOS stream, and even if they do in a general sense, it may not be sufficient to build the exact same tag that RHEL uses. Someone else mentioned that they were not able to build RHEL packages from CentOS stream.
Pushing things back to CentOS stream is not a requirement of GPL. GPL's role ends once RHEL customers get the source. Do you mean evidence of CentOS stream not being enough ? The post talks about it. Rocky needs to collate sources from several places now to create 1:1 RHEL rebuilds.
> Do you mean evidence of CentOS stream not being enough ?
I think this is what I mean, yes.
The rhel trees are synced from the centos trees. If centos git trees couldnt build, rhel couldnt build. Afaics the only time this seems to be in conflict is for important and critical cve's , which are built on a rhel specific branch. After package release these branches are merged with centos, and the local rhel branches deleted and business continues as normal.
This is an attempt not to break embargo agreements with researchers who ask for it.
So Red Hat is saying that CentOS Stream is how RHEL is built, you are saying it is not. Can you show the difference in packages from CentOS Stream and RHEL? Rocky says they pull packages from CentOS Stream, and with their project goal remaining 1:1 binary compatibility then that must be the case.
Here's a thought, maybe Red Hat was being honest when they said that they were not under an obligation to make it easy for rebuilders, and that's it? Maybe they weren't out to immediately kill the clones because they know that they can't? We have actually heard very little communication from Red Hat most of it has been speculation from people on what they might or could do, but as you point out there are ways around the changes Red Hat made.
Honestly this from this post Rocky conflicts with the "RHEL is closed source/proprietary/paywalled" narrative that people are trying to push. If RHEL was truly any of those things Rocky wouldn't have been able to continue on, but they were able to quickly find a solution, though to me it seems a bit hacky. If Rocky is pulling packages from the supposedly untested, beta of RHEL CentOS Stream, and UBI and some EC2 instance, why would I use that over something that was build cohesively in one place like Stream?
They are actually under exactly that obligation. It's very explicit in the gpl not only what the terms are, but what their intent is, precisely so that no one can ever claim any other possible interpretation.
But according to Red Hat in the interview linked below all of RHEL is built from CentOS Stream, is having the source code available in CentOS Stream Gitlab not adhering to GPL ?
Nope. Centos Steam is merely upstream of RHEL. GPL stipulates that when you give someone else a binary, you also give them the source to that binary, not something similar.
Isn't that the whole issue here? Customers and people with Developer licenses can get the exact RHEL binaries "behind the paywall". And even then if something is upstream does that not mean that the same code flows down stream?
No. CentOS stream is irrelevant here. RHEL customers cannot meaningfully distribute the sources of RHEL. This has been the issue since the beginning, it's just that RH has tightened the knobs progressively over the years.
RHEL source according to Red Hat is CentOS Stream. If the source of RHEL is CentOS Stream then how is it irrelevant? Red Hat cannot deprive you of your right to sources and to redistribute them under the GPL. But Red Hat can also determine who they want to do business with.
Mike McGrath has been very explicit about this in his comments on the Ask Noah Show podcast episode[1] and a number of responses in the r/Linux subreddit.
All I heard in that segment was Red Hat stopped taking extra steps to debrand and push packages from RHEL, and now clones will have to build their software from CentOS Stream. I did not hear anything about additional actions that Red Hat will take or plans to take. Did I miss something?
The users in question don't want a clone of CentOS Stream, though, they want a replacement for classic CentOS.
Just like users who're choose to run Debian Stable want Debian Stable, not the somewhat stabilised rebuild of a snapshot of Debian Testing that underlies Ubuntu.
(I'm not endorsing any specific set of preferences here and my own are sufficiently complicated they don't really fit in a comment about what sets of preferences -do- exist)
There is no extra effort here. The binary comes from the source. You don't have immaculate conception for RHEL. RHEL uses the source, and use to provide a link to the said source. Now they don't. And nobody is even asking RH to post sources publicly. People will happily take that burden off of them. They don't have to post the source, they can let their customers do so, but they forbid their customers. So this argument fails.
RHEL source according to Red Hat is CentOS Stream. CentOS Stream is publicly available. Red Hat cannot deprive you of your right to sources and to redistribute them under the GPL. But Red Hat can also determine who they want to do business with.
That interpretation of GPL is the main reason for this post. You have not stated anything new here. Your argument started with something about effort and fell back to their legal line. All your posts in this thread are of a defensive/shilling nature. It has stopped being productive.
> Rocky Linux is a community enterprise Operating System designed to be 100% bug-for-bug compatible with Enterprise Linux. [1]
[1] https://wiki.rockylinux.org/