Red Hat License Challenged 391
An anonymous reader writes: "David McNett has noticed an apparent discrepancy between the Red Hat Linux EULA and the GPL. He has written an open letter to the FSF asking for their opinion on the matter. Does Red Hat have the right to "audit your facilities and records" to ensure compliance with their license?" McNett misreads the Red Hat documents. Their contract is for the various services, not the software, and for the services they are entitled to demand whatever concessions they think the market will bear.
FSF = oracle? (Score:5, Interesting)
That's weird... (Score:2, Interesting)
Not so fast... (Score:5, Interesting)
RH is saying that if you signup one of your servers to participate in their support services, that they have a right to audit your site (which may be ok), but they seem to imply that if you have 5 other RH servers (that arent participating in their services), they have a right to backbill you (with penalty) as if those servers were participating.
Now, maybe its legally ok for them to ask you to agree to this - but it does seem at quesition wether its 'ethical', and how they can reconcile that with the GPL.
I would definately be interested to read the FSF's response when they publish it.
Redh Hat's increasing corporatization... (Score:2, Interesting)
I remember a Red Hat that forced TrollTech to GPL QT. I remember a RedHat that preferred PostgreSQL over MySQL, voicing a preference for standards compliance. I remember a RedHat that never buckled to the pressue to include a proprietary YAST, and who made Anaconda open source.
What has happened to Red Hat? Where did my favorite UNIX distribution go? I want it back!
Well- Interesting arguement, but... (Score:5, Interesting)
But I guess the question is, when adding a second server to the system, does this count as violation of the license? When I buy a pickup truck, I can modify it in any way I feel like -- but I will void the warranty on the truck. This means that I can't get free work done should something fail, because that failure could be caused by one of the modifications I made.
The GPL pretty well allows users to modify whatever they want, so long as they share what they did with the public. But if you created an application that can be run in a GPLed environment, but is not actually part of it, I would assume that this application is to be considered your intellectual property and therefore you can place your own licensing on it.
So- Does Red Hat have any proprietary code in there? I guess in such an event, they could demand that you purchase more licenses for the extra servers you want to add. But if not, then I guess all they could do is claim you voided the warranty, and declare you inelligable for any tech support or warrantied upgrades.
But, that's just my opinion. I think I'll leave this for the legally-experienced to hack out.
Regarding audits (Score:2, Interesting)
Re:That's weird... (Score:3, Interesting)
The interesting side effect of all this is that you are free to run as many copies of RHAS as you want until you buy even one copy. Once you 'taint' your company with even one fully licensed and supported copy of RHAS, you have agreed to this per-server licensing, and audits to make sure that you have enough licenses to cover all of your servers.
This may violate the GPL in the part that says "You may not impose any further restrictions on the recipients' exercise of the rights granted herein."
Re:Redhat have defended this before. (Score:3, Interesting)
They want to force redhat to write these things clearly or completely remove them from the OS documentation and only allow them to say such scumbag things in the contract for the services.
I understand redhat's position on this but it was written very poorly and any EULA at all on a linux distro is underhanded and pretty damned scummy.
So I havent bought a RH distro cince 7.1 because of their EULA and words on the CD envelope that states that I agree by the EULA if I open it.
The download site I got 9.0 from didn't have no eula stated and the install doesnt either. so I DO NOT agree to any EULA they have.
simple as that.
They really need to re-think their strategy... small business is one that really need a cheap server product that they can buy a $300-$500 dollar a year minimal support contract on from redhat.. but they do not want that business.
Luckily I found a company that supports slackware in that manner, and they support each release for 5 years before EOL's it in their service packages...
His reading looks ok to me... (Score:5, Interesting)
Pardon? I can't install the product without purchasing additional services from RedHat...?
OK - so Red Hat can come in and check I'm not claiming their services for more installations than they authorised their services for. Entirely reasonable. However, "terms and conditions of this Agreement" include the contentious point above, which is certainly not agreeable to.
Not being a RedHat Enterprise customer, I don't have a copy of the license to hand. To any that do: is the term 'Installed Server' defined anywhere? If so, what is the definition please? If it's just a server with an installation of the code on it, then there would appear to be a problem. If the definition is along the lines of 'a server with an installation for which services are also being claimed', then there would appear to be no problem.
Anyone able to clarify that?
Cheers,
Ian
Re:What's with this obsession with public litigati (Score:3, Interesting)
To me, this is a lot like cyber-squatting: buy up a whole bunch of likely-sounding domain names, and just wait until someone wants to register it and then charge them an arm and a leg for the name. In the meantime, the domain name sits totally useless and unused. (Of course, we all know what happened to that business model!)
There are other companies who try to figure out what their competition is doing, and then file frivolous patents to block their competitor's development projects from seeing the light of day. Of course, we all lose when this happens. And then there are the true leaches, those who have no knowledge or resources to develop a given technology, but purchase the IP and then sue the s**t out of everyone for using it, even though the original patent holders allowed that use. Yet they still have no intention of putting those resources into furthering the technology for the future.
All this anti-patent work does nothing more than stifle innovation and development. And we all know the wonderful things that environment does for the economy and jobs. Putting these legal battles into the press essentially allows the leach to put the "fear of God" into the little people so it makes it easier to cause them to cave in when presented with an "infringement" lawsuit.
Of course, there could be a benefit to all this. If SCO should lose this case, it could create a devastatingly powerful legal precedent showing that just buying IP doesn't necessarily give you free license to bully others with it. But in case the opposite should happen, the only way we're going to change things back to the way they should be is to band together and get our respective legislatures to change the laws.
Then it's a stupid contract (Score:3, Interesting)
It was good to post this article! (Score:5, Interesting)
Not to say that Slashdot is necessarily good journalism, but a good journalist cares about presenting the truth to the reader. (I guess there aren't many good journalists in the world.) In this case, we have someone with an open letter who is passing misinformation. Slashdot editors take this opportunity to publically point out the error in the article in an equally (if not moreso) open manner. This helps everyone.
Slashdot did a good thing.
Re:Well... (Score:1, Interesting)
Red Hat = Debian as far as rights go, so long as you aren't asking Red Hat for support. The difference is that Debian doesn't provide an entity which is contractually obligated to answer support questions. All Red Hat is saying is that if you want support, you must pay for every box running our product.
Re:His reading looks ok to me... (Score:2, Interesting)
In this context, it seems that there may be a problem. IANAL (unlike our slashdot editors aparently), but to me this seems contradictory.
You might also notice that their "Subscription Agreement" contains the following text:
If you read that the way I do, then it says that you must agree to the subscription in order to "use" RHEL. If it only said "purchaser" it might be ok, or if it said "user of Support Services and RHEN" that would probably also cover it. But the license clearly states that it applies to all users of RHEL, no matter what.
Re:Regarding audits (Score:3, Interesting)
Hostile audits (BSA tactics) are or ought be illegal, but contractually-stipulated audits are the same thing as me saying to you "I give you permission to come into my house and look around at some future date of your choosing." There is nothing inherently legal about that.
Now, if you show up at the door without me agreeing and demand to search the place, THAT'S illegal.
Re:His reading looks ok to me... (Score:2, Interesting)
Secondly, unless the /. Editors were making anonymous postings to the article their apparent comments about it being a 'service contract' were made by posters to the article.
Thirdly, most posters aren't consulting the GPL:
I noticed that a response from 'anonymous' explains "McNett misreads the Red Hat documents. Their contract is for the various services, not the software, and for the services they are entitled to demand whatever concessions they think the market will bear. "
I believe 'anonymous' is a RH employee and his explanation flies in the face of the plain English of RH's EULA supplement. I don't buy that explanation because RHs demands aren't for service alone: "If Customer wishes to increase the number of Installed Servers, then Customer will purchase from Red Hat additional Services for each additional Installed Server." That clearly states that if the customer wants to run additional copies of RH Server 2.1 he must purchase 'service' for them from RH. IOW, it says using RHS 2.1 on more than one PC is conditional on buying a 'service' contract for additional installations. That is a DIRECT violation of the GPL under which RHS2.1 is released.
It gets WORSE...
"During the term of this Agreement and for one (1) year thereafter, Customer expressly grants to Red Hat the right to audit Customer's facilities and records from time to time in order to verify Customer's compliance with the terms and conditions of this Agreement" This ONEROUS requirement is totally foreign to the GPL license and is indistinguishable from Microsoft's tactics. The only 'compliance' they could check was if the number of RH 2.1 servers running at a site equaled the total count on the sales invoices for the app. The BSA, MS's strong arm thugs, makes exactly the same compliance check.
The GPL text contradicts RH's demands: http://www.gnu.org/licenses/gpl.txt
"1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium,....
The act of running the Program is not estricted,...
2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above,...
b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License...
4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such
parties remain in full compliance...
6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License....
You must make sure that they, too, receive or can get the source code."
IMO, because RH has done what is expressly forbidden, as marked in the bold print above, they have forfeited their right to use or distribute or sell the RHS 2.1, or even their RH desktop distro.
Well, there are ways to look at it. (Score:2, Interesting)
My point is, they need to reword their EULA and then everyone can move on.
This is why we're moving to FreeBSD... (Score:3, Interesting)
I don't see how they can justify this pricing under the GPL but the next question is, "who is going to sue Red Hat?" The most likely outcome if RH doesn't change their licensing is that they will try to sue a customer and the court will then decide if they have the grounds under the GPL to do that.
Maybe the EFF should buy one license and then install it on a dozen machines and let RH know what they've done. That should be interesting.
It also seems to me that both RH and SuSE have been making their inexpensive distros less and less suitable for use in a server environment (focusing on the desktop). We do a lot of server installs and with the advent of the workstation focus in Linux last year I began changing to FreeBSD where I'll stay until the SCO thing is over and/or I need to do something that only Linux will do.
Re:That's weird... (Score:2, Interesting)
If it helps you, lets think of a scenario. Lets say I work at a small application hosting and development company. We have a server with RHEL AS on it, and our customers fully expect the server to be supported. Fine, we've paid our $2500 so there is no problem. We also have a machine we do development on, and we'd like it to be the same OS version, though we don't care about supporting that machine. Too bad. We have to pay for it anyway or lose our support contract, and if we do it anyway and they audit us, we also agree to pay $3000 instead of just $2500.
To put it another way, you can not install on another machine without either A) giving up support on the first machine or B) giving up $2500. The point of the Gnu GPL is that they can't force you to give up anything to use/copy the software once you have it. The agreement does force you to give up either A or B, which is an additional restriction beyond the Gnu GPL. By agreeing to release their software under the Gnu GPL, they also agreed not to place any further restrictions on it.
Sounds like the GPL is violated (Score:3, Interesting)
It really seems that RHAT is violating the GPL here. This is a serious issue, one that RHAT should clarify and correct immediately.
The GPL ensures soruce and thats about it. (Score:3, Interesting)
For example, DMCA may restrict your ability to reverse engineer a GPLed program. Its an odd situation since you have source but if the license says you can't reverse engineer it, then you can't and you can get fined (via being sued DMCA style) if you do.
There are other rights as well that may or may not exist. For example, if you send in a patch to a common program. Do you own the copyright on that or does someone else? If you find your code got used illegally, can you do anything about it or must you go back to the main copyright holder to file an action?
GPL gives you additional rights but only in the context of copyright law as it was a decade ago. The license does have conflicts with the DMCA and other newer laws that have not been tested in a court.
GNU is working on a new version of the license but the work will take a long time and be quite expensive.
Re:"What the market will bear." (Score:3, Interesting)
Whether Red Hat's is a good/moral/healthy business practice or not is a separate question from whether it is forbidden. It has often been stated that the "proper" business model to use with Open Source/Free Software is providing services alongside it; that's what RH is doing.
Re:Redh Hat's increasing corporatization... (Score:3, Interesting)
Let's say I touch up openoffice and combine it with a replacement for MS Access. All of the software I've used is GPL, so I'll have to leave my product under the GPL license. Let's say I put up a click-though license on my download server that requires a $100 credit card payment and states that by downloading this software you are agreeing to a $100 support contract. The terms of that contract state that any additional installations must be covered by their own $100 support contract and that distributing the software to anyone who is not covered by a support contract is a violation of the terms of the contract. Violating the terms of the contract will carry a nice $1 million US penalty.
Is this software still GPL in anything other than name? Of course not.
The saddest part of this story is that so many people feel they need to be apologists for RedHat. This is a terrible scheme that, if allowed to stand, will simply encourage other companies to release more proprietary software masquerading as GPL software. If you want to use proprietary software, that's your own business...just don't muddy the waters about what the GPL does and doesn't allow.
Re:Then it's a stupid contract (Score:3, Interesting)
I don't know whether they implement this or not, but when your computer calls them for service, they could download a registration key. The service agreement is for the computer with the registration key installed. No key, no active service agreement.
Now I can't say whether this is a good thing, or a bad thing, but if I understand properly, all it's saying is that you can't get service on more machines than you have service contracts for. And that *sounds* fair.
That said, I'm currently running Debian (well, LibraNet Linux) on my computer at work. But this is more because Red Hat has moved all releases to be x.0 releases than for any other reason. But LibraNet (i.e., Debian) seems just as good as Red Hat did.