Red Hat’s commitment to open source: A response to the git.centos.org changes
redhat.com
Some mix of wrong and right, the exact proportions of which I'll leave as an exercise to the reader.
Some mix of wrong and right, the exact proportions of which I'll leave as an exercise to the reader.
There is a reason some of us chose to support Debian and its model of allowing downstream companies like Ubuntu (Canonical) to give back up to the open source father. And this is it. We dont need to compromise here. We already have a system that works perfectly and provides a choice for what suits you. If you are an enterprise then try Ubuntu instead of RHEL. If you are a home user you dont need enterprise support and can help us log bug reports and create the next version of Trixie. We need more testers and we have fought this long fight and proven we wont give up. What other proof do you need?
I got a feeling that the kind of people that use Rocky or Alma linux would have a heart attack dealing with snap on ubuntu. Maybe they're better off switching to Debian LTS instead.
As an inexperienced user, I can tell you that Debian is way harder to use than most people think. Out of the box, the distro is pretty bare ones. I'm having a blast using an Arch based distro, but on Debian I had to do everything manually. Stable is freaking old and unstable has lots of limitations, Docker for example is a true pain.
Ubuntu, Mint, Zorin, POP OS, are way better than Debian for users like me.
Red hat users would feel right at home, right?
Reading this, I wonder if we talk about the same Debian 😆
"I hate configuring Linux distros which is why I use arch btw"
Arch based, not the same thing. Crystal Linux bundles everything out of the box, so noobs like me don't have to do anything.
I ll give you old but not at all unstable, wonder what instability have you found in LTS.
A lot of people (incorrectly) equate "stable" with "bug-free". So conversely, having bugs would be "unstable".
I think he meant: Stable is freaking old. Unstable has a lot of limitations.
Pretty sure the whole statement is
I don't think they're saying Debian LTS is unstable.
Exactly what my bad wording meant to say. Thank you for your extraordinary reading comprehension.
how???
RHEL costs $600 a year. Its users can cope with debian easily.
It's amazing how some people have to learn the lesson that you can only trust non-profit foundations, not for-profit corporations, over and over again, and then even then it still somehow never seems to stick.
Alright, well, there it is in plain English. They're killing downstream clones like Rocky, Alma, etc.
I have to wonder how this is going to affect software which officially only supports (insert RHEL clone here). I use DaVinci Resolve for work every day, historically they've only supported CentOS, and just recently they started supporting Rocky as well. VFX isn't my wheelhouse, but I know the situation is basically the same for those programs as well.
At least they aren't pretending to be the good guys anymore.
I am actually wondering whether they'll start considering a Flatpak version of Resolve. Seems like Blackmagic is reluctant to support anything other than RHEL and CentOS, and RedHat seems to be moving towards Flatpak anyways, given their recent move to stop shipping LibreOffice.
Resolve Studio has worked well for me on Pop!_OS and many others have success with Ubuntu, Debian, etc. Only hiccups are related to decklink drivers and very recent kernels, but the BMD Linux forum typically has patches posted before I have problems.
I'm just happy if it hurts Oracle. Because fuck Oracle.
Lots of words to say:
headline: IBM STILL DOESN'T UNDERSTAND ITS RESPONSIBILITY WITH OPEN SOURCE
Nothing much more to see here; just, the spots have finally come in on the leopard.
But, as IBM isn't responsible for systemd, ansible and similar trumped-up barely-capable competitors, it's not all IBM's fault. Let it sell crutches as long as it can.
Guess me as an end user for Fedora should stop contributing my time and energy to identify and fix bugs, or get Fedora's name out there, because I FIND NO VALUE in giving Red Hat my FREE work.
One thing while I worked at Red Hat, they will under pay you, they will push you beyond the breaking point, they will under value you, because "we will change the world." And apparently you change the world by all those things I just mentioned.
I don't think anyone's arguing that Red Hat isn't in the right, legally, to do what they did (anymore). At this point, I think Redhat users are just tired of being jerked around. We're not children, most of us in the industry have been around a while and have seen this same story play out over and over again. We can see the writing on the wall and they've destroyed the trust of their community so, a long winded blog post defending their decision, arguing that they are within their rights to do it is largely irrelevant at this point. They've lost the narrative and the industry (us) will respond by gradually finding ways either away from or around Red Hat and associated projects. Soon, the only people left using it will be the same people who use other irrelevant and dated software, government.
I am. It's there in the GPL text in black and white. Red Hat does not have any right to place restrictions on the distribution of derivative works that they do not own the original copyright for. Threatening to terminate a service agreement is a restriction.
All of the projects that own FOSS code that Red Hat uses in RHEL could legitimately revoke Red Hat's license to use that software on the grounds that they have violated the licensing terms required by the GPL.
From what I understand, these restrictions only apply to if you have been provided the software. Red Hat is under no legal obligation to supply you with their software, nor to continue doing so if you violate their terms.
I agree this makes them total scumbags, but as far as I understand the GPL they are not breaking the law.
Correct.
Correct. I am not a Red Hat customer so they do not have to provide me with anything.
This is also correct, but here is where the problem lies. If they provide a customer with binaries and accompanying GPL-licensed sources, along with a customer agreement which says "if you distribute these sources then we will terminate your customer agreement," then that is in violation of the GPL. RHEL contains code from many projects (the vast majority I would think) that Red Hat does not own the copyright for. Red Hat has a license to use that software under the terms of the GPL. The GPL requires that they make the sources available of any binaries they distribute without further restrictions which limit the freedoms granted by the GPL. One of those freedoms is the freedom to redistribute the source code. Their customers who receive RHEL source packages must be given that freedom for Red Hat to be in compliance with the GPL license.
Whether they are "breaking the law" depends on jurisdiction and laws around copyright infringement, but this would certainly be handled as a civil matter. Projects which provide software to Red Hat under the GPL would be within their rights to ask a civil court to enforce the terms of the license or to mandate that Red Hat cease using their software until they comply. See the recent Stockfish vs. Chessbase case that was settled in Germany: https://stockfishchess.org/blog/2022/chessbase-stockfish-agreement/
In that case, the infringing party was not complying with any terms of the GPL at all, but the same procedure would be relevant in the case of Red Hat vs. any other FOSS project that wants to enforce the terms of the GPL.
That's the first time I've heard someone argue to that point. I agree.
The arguments I'd heard were that they didn't have the right to stop publicly distributing the sources. They do have the right under the GPL stating that the source must only be provided along with the binaries and, if the binaries are only available to subscribers, so too are the sources.
What does this mean for Fedora? Since RHEL wont be Open source anymore, how can Fedora continue. If they publish their code through Fedora everyone will get to see it.
This won’t affect fedora. Fedora is upstream just like centos stream, and nothing they’re currently doing changes those projects. Besides possibly making people more hesitant to bother with rpm packages on GitHub at least
I thought CentOS is actually downstream?
Classic CentOS (which no longer exists) was downstream of RHEL, CentOS Stream is downstream of fedora, but upstream of RHEL.
Standard RHEL server subscription costs 800$/year, a ridiculous price for an individual to pay (yeah I know it's called Enterprise Linux, but still)
Funny considering that AlmaLinux OS Foundation is a non-profit
Until RedHat decides to pull the rug, just like it already did with CentOS
Also:
From: https://developers.redhat.com/articles/renew-your-red-hat-developer-program-subscription
Yeah, I think setting up build and distribution infrastructure is not adding any value
RH basically does not care, and i don't think this is going to be financially significant for them for quite a while (iff they can legally get away with this). the people choosing to pay $600 a year per server do not care about open source, they care that they servers are running linux and have 7 days a week 4 hour support. the people that use RHEL daily and care about open source are not decision makers, and convincing higher-ups to stop paying for RHEL, migrate the entire tech stack to something else with support and pay that is a non-starter.
In a few years, the quality of the service will probably be significantly worse, and at that point servers currently on RHEL will have to be mostly replaced. at that point only will RH see a downside to doing this, and by that time the execs will have gotten their package for making Good Decisions and will have ran out of there, leaving the comunity to pick up the pieces.
From experience, renewing once the subscription has expired isn't simple, mine never kicked back in properly. I also don't have access to the KB that explain even simple bugs on install.
RedHat needs to be profitable, and it's getting harder and harder for them. RHEL is not their main product anymore. Everything is about Openshift and it's Ecosystem. But Openshift is expensive.
Additionally are the European sub divions not happy how the last round of layoffs went.
RedHat losing the plot is their own mistake to correct. I've been telling my OS TAM as much for a decade.
And oVirt competes well.
But when your entire business is based around massively hyped bags stapled to the side of a badly-managed central product you don't mention or promote, what's the expectation?
RedHat was solid for the very thing that made centos a popular option. But then it had to have more; more, more more.
On the one hand they do have a point, and as a Fedora volunteer it saddens me to see that it is affecting the wrong crowd, RH workers, who are receiving directly and indirectly the backlash, mostly snowballed by clickbait and plain disinformation.
On the other hand saying that redistributing the code you provide under the GPL "doesn't provide any value" sounds just as dystopian as it seems.
At this ratez they are just digging themselves deeper at this PR nightmare.
I know many former SCO employees now working for RedHat. Ironically, now they're facing some misdirected backlash after IBM was overly grabby about source code that wasn't proprietary.
There are a few completely fair points in there calling out what they are legally allowed to do (e.g. they are not directly violating GPL) and are doing (contributing changes back upstream, they claim "always"), that's about the only "right" this reader found.
Have some quotes that demonstrate the "wrong":
This quote is particularly damning to me. It's right in the preamble of the GPL "Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it." Emphasis mine. It's a legal right, that I can redistribute it, whether or not I modify it in anyway. Stomping on my legal rights is not a threat.
Whole-heartedly agree on the quote and it stuck out to me even before coming to the comments here. Redhat might not like that people are repacking "their" software, but the spirit of GPL software is that you can charge for it but folks can also go through the trouble of building it themselves should they not want to go that route and are able to support/debug/maintain the software themselves on their own hardware.
If they don't think the clauses of GPL are fair, then they should probably stop distributing Linux entirely because their entire business model is founded off of profiting off the work of other open source contributions.
One could argue Redhat already does this on packages they have not improved or submitted contributions for.
I actually agree with Red Hat's decision to not make their sources publicly available to non-customers, and I think this is a good example to set for free software companies. However, this quote shows a fundamental lack of understanding of what free software is. It's not a "threat to open source companies everywhere"; it's a feature. It's the horse you rode in on.
The SFC has suggested this, and Alma Linux wrote about their understanding of Red Hat's terms, but it seems that Red Hat may terminate contracts with customers who redistribute their sources. I think that's quite nasty and very much disagree with it. Grsecurity already does this, and my opinions about that company are the same. I thought it was interesting that Red Hat didn't address this at all in their post...
There is a very big difference between RH and grsec here though, and I hate that people just brush over it. And that is that true, you might not be able build the exact compatible operating system with just names and logos exchanged easily anymore. But no part of their stack is closed source or only available to subscribers, is it? Who pays the pipewire dev and in which distribution did it appear in first? Who paid the systemd developer and is currently the main company behind it? What about NetworkManager? GNOME?
I only know second-hand details. I've skimmed the webpage. If you know more, please let me know!
I never said it was, and I would support Red Hat if they only made their free software offerings available to paying customers. I think this is how a free software company should work. Most free software is not sustainable today, and it would be nice if Red Hat could be a good example of how to build a successful free software company.
Even if Red Hat terminates the contracts of customers who share the sources, this wouldn't be against the GPL, but I think it would be nasty to scare your customers into not exercising their granted freedoms under the GPL. This is the only point of contention I have. After spending about an hour digging through the Red Hat site for the terms of service which supposedly say this, I found some very vague terms. We'll have to see how this shakes out in reality.
I'm well aware of how important Red Hat is to the free software ecosystem :)
Most recently, they sponsored and organized a hackfest for getting HDR on Wayland compositors.
I'm unaware of any piece of software in RHEL that's GPL that you can't run in any other distro down to their specific version. It's true that it's hard to get the "complete and bug-for-bug-compatible operating system", but all the components are there, be it in CentOS Stream or fedora, and a lot of stuff is theirs, not just added changes, but a big part of the codebase.
A grsecurity enabled kernel is "just" their patchset and any version is only available to their customers, no developer program or anything, there's no open upstream they provide with their patches or anything.
If you have software that you want to work on RPM-based distributions, test against fedora, or CentOS Stream; or, if you have clients insisting on RHEL, use a developer account, the options are there. Or don't and refer bug reports from RHEL users to their distribution's support, they're paying for it and it should be their first PoC anyways.
My post wasn't only to go against yours, but against a general attitude; that Red Hat just takes upstream code, makes an enterprise distro out of it and then charges big bucks, terminating anyone's contract who wishes to exercise their rights under GPL. The question is rather what's the reason to actually redistribute recompiled code when most of it is available in their own funded upstream? People pretend Red Hat is squeezing a community that made them possible in the first place. But the truth is rather the reverse in my opinion. Without Red Hat, the community most likely wouldn't exist. Their first release of Red Hat Linux was in 1994, when the kernel was about three years old and I guess by most people considered a toy rather than an alternative to UNIX. I'd wager that without them, the Linux ecosystem today would look much different, if more than a niche at all.
I don't think the same can be said for grsecurity.
I can't find a lot in here to disagree with. Of course I appreciate Red Hat for all the free software they've developed, funded, and profited from over the past few decades. I use GNOME on Wayland, Systemd, Pipewire, libvirt, virt-manager, and plenty of other software, I'm sure.
Red Hat is doing something positive for the community they don't need to do, which is nice. Personally, I would prefer fewer people wrote this off as a requirement or something "expected" without understanding how the GPL works.
You should be able to share software you find useful with your neighbor; preventing people from doing so is enforcing antisocial behavior. Redistribution is what makes free software work. Whether most of it is available somewhere else or not, that's something customers have the right to do.
While it would be nice, in this scenario, if Red Hat could say, "you can't redistribute this; you need to make significant changes," it just wouldn't be free software if they could say that. For the same reason, I don't think the Anti-Capitalist Software License is good (think how much worse things would be if the kernel was licensed under that!). If the Linux kernel was licensed under a non-copyleft license, I'm sure Red Hat would have adopted an "open core" model. Or they would do what Codeweavers does with CrossOver.
Profiting from free software is hard. Sourcehut isn't profitable yet, but they're close to breaking even (and they don't even require you to pay!). But if we remove any of the freedoms the GPL provides, we end up in a situation where the software controls the user, and the developer controls the software, so the developer controls the user. Every freedom is necessary, because without them, it will become proprietary software the user can't control.
More than likely, FreeBSD would have taken GNU/Linux's place, assuming the GNU/HURD people couldn't manage to organize themselves by that time. The legal problems with FreeBSD would be resolved around that time. Novell was another commercial free software contributor at the time, though, so perhaps they would have been responsible for more programs if not Red Hat. I still use Evolution today. But yes, it's impossible to deny the positive impact Red Hat had in its formative years and over time. I think it's disingenuous or ignorant to pretend otherwise.
At the same time, it's thanks to Linus that Red Hat was able to be significant. If it was released under the original anti-commercial license, things would be far different again.
Personally, I would still sooner deal with Red Hat than Oracle, Microsoft, Apple, Google, or any other conglomerate...
This is a bit of a strawman in my opinion. I'm sure Red Hat won't care if you, as a customer, use their sources, rebuild them and "share it with your neighbor". They won't terminate an account over that, at least I'd be very surprised if they did. I don't consider "downloading all sources, removing any branding, rebuilding, offering for free and selling commercial support" the same though, but there's no mechanism in the GPL to differentiate between those.
Agreed, and nobody is denying them this right. However, at the same time, Red Hat has the right to terminate the accounts with customers if they decide that the business relationship costs them more money than it makes them. The right to choose who to have business with is not stronger or weaker than the GPL.
Yes, I did not want to imply that it was all Red Hat that mattered. I just wanted to go against what some people imply, that Red Hat is just freeloading on Open Source and now want to restrict this right to others. E.g. in a video in another thread, Jeff Geerling says something along the lines "Red Hat didn't build the Linux kernel, nor do they own it" which I think is disingenuous: they never claimed they own the Linux kernel, and they're the second largest contributor to it after Intel, and relevant portion of Intel's contributions are drivers specific to their own hardware and as such, only usable in their ecosystem. Plus the kernel is still available in CentOS Stream, which goes above and beyond GPL requirements.
I can see people being upset losing free enterprise-grade distributions (though personally in my limited experience could find nothing to like about it), but at the same time, most of the complainers weren't actually covered by the GPL at all because Red Hat did not supply them with the binaries anyways.
The GPL doesn't differentiate because they'd be getting into the same messy territory as the Anti-Capitalism license. If Red Hat stops selling RHEL, does that mean no one can offer it for free and sell commercial support for it? Does Red Hat only get to tell them to stop if they're competing? How big does the competing company need to be before it's not allowed? Is it okay if they're a non-profit, or a capped-profit, or a government organization?
Keep in mind these are just some issues I thought of in thirty seconds. I'm sure there are plenty more.
Branding is removed because it would be trademark infringement to keep it; if Red Hat wanted it intact, they could give permission to use their trademarks in this scenario, but I doubt they do.
The ability to sell free software is a fundamental right under the GPL. As Drew Devault says, Open source means surrendering your monopoly over commerical exploitation.
That's why profiting off free software is hard; because you don't have a monopoly anymore. I think that's an important feature.
My position is that I don't think this is how a free software company should behave, but I'll refrain from voicing any further opinions until Red Hat actually terminates a customer's contract for redistribution.
Yes, I agree. They're one of the biggest contributors to the kernel alone, but the kernel isn't even the most important part of GNU/Linux. The userland software matters a lot too, and they're responsible for funding/developing a lot of that, as well. There's some stuff in that video I disagree with but overall it's not too bad.
I'm pretty sure that, regardless of who you obtain the software from, you have rights under the GPL. I could be wrong.
I probably could have linked to another answer on the GNU website, but I found the context of this one amusing: https://www.gnu.org/licenses/gpl-faq.html#StolenCopy
I agree that it's particularly damning, but for a whole different reason. Anybody who considers "a hobbyist- and hackers-only activity" a "threat" to "open source" fundamentally no longer Gets It and is themselves an enemy of Free Software!
I understand "we do not find value in RHEL rebuild." At least, I understand that it means "we do not find the value [to Red Hat] outweighs the cost [to Red Hat]." I don't understand how "simply rebuilding code... represents a real threat to open source companies." It makes it sound like the rebuilders are doing something wrong.
Sure, you can say that it hurts your profits if others are providing an equivalent to your service for free, but if that isn't acceptable, why allow it? Moreso, why allow it for years and then suddenly claim the communities built around that decision are a "threat"?
Maybe I'm misreading, but I think I would respect this position a lot more if it was simply "we can no longer afford the competitive disadvantage," rather than implying various open source communities are actually exploiting and damaging open source.
I'm not entirely sure there are a ton of people/companies that are considering rhel licences vs rocky. All the companies I've worked for are considering debian vs rocky at this point. Not huge but 1000-5000 system type companies. I'd guess that's a huge bulk of the market that's using rocky, and also up steaming patches and big reports.
Cannot wait for vanilla OS 2
@baseless_discourse @uncapybarable with Debian Sid? I can’t wait!
IBM is working hard to kill RedHat. They are probably having a party at Canonical right now.
Canonical has their own problems right now... Not a lot of snap fans out there. Canonical seems determined to skate to somewhere their users don't live and create a world they don't want.
I'm supposed to complete a higher level Red Hat cert this year, but I think I'll pass, despite it counting against my KPI. These exams are hard, expensive, take a lot of time to prepare for, and the ROI is increasingly questionable. I'll rather do some vendor-agnostic k8s or Ansible cert instead. This RHEL decision definitely helped to make up my mind.
I also wonder what IBM will do to ceph. Not really buying their spiel.
That's a whole lot of "Woah is me, I'm so hard done by, praise me for everything I do and most importantly pay me scrubs."
It's actually woe is me
He's taliking like RHEL is the product to be monetized. I always thought the model was: the software is free - pay us for professional, enterprise-level support.
that used to be the motto, but the business masters now demand profits from the puppets or they're coming for their jobs.
The problem is: The larger the usage of RHEL inside a company the more likely they do not need the support anymore, because they can have your own department do it instead. So those companies don't pay for bug fixes or general Linux development, which is a problem. If you want a healthy Linux ecosystem large companies need to pay the maintainers! I don't care if they do it through Redhat or directly.
The new model is "fuck you, pay me"
Red Hat died the day IBM bought them. All that garbage about "leaving Red Hat alone" was of course total nonsense. IBM is doing what it does best -- squeeze its existing customer base for short term gains. This won't be the last thing Red Hat does that makes people annoyed.
Still not nearly as evil as Orkcackle tho.
Totally, but at least Oracle doesn't pretend they are some kind of beacon of open source. Red Hat is trying to party like it's 1999 while it's just a boring division of IBM now.
Friends don't let friends use Red Shat.
It sounds as though their motivation is mostly aimed at Oracle Linux from this post. Huh, I assumed it was Rocky and Alma.
I'm genuinely scared they'll be coming for ansible next.
Nothing a fork or two won't solve.
On the one hand they do have a point, and as a Fedora volunteer it saddens me to see that it is affecting the wrong crowd, RH workers, who are receiving directly and indirectly the backlash, mostly snowballed by clickbait and plain disinformation.
On the other hand saying that redistributing the code you provide under the GPL "doesn't provide any value" sounds just as dystopian as it seems.
At this ratez they are just digging themselves deeper at this PR nightmare.
Be nice if they at least gave Mike a picture for his blog posts.
The problem I see with this attitude is there are plenty of developers that are trying to develop for RHEL instances that need a specific environment for whatever reason. Originally you could use CentOS for this and then you could use Rocky Linux or one of the other distributions that sprung up after stream became a thing. They've taken away that opportunity and they may suffer for it since Enterprise application developers like Jeff will not eat this cost since they do it out of the goodness of their own heart and not for monetary compensation. Unfortunately this could end up stifling a lot of the tools that we use in a cloud setting with Red hat distributions. My company has a requirement that we need the OS to look exactly the same and be extremely stable and stream I don't think has that capability since it's a rolling distro and could get hit with a bad package update. It would be quickly patched but that still means down time that I now have to explain to my customers. Instead we might switch to Debian which will stay exactly the distribution it should be until I decide to update it. It can be configured in a rolling distribution but it doesn't have to be and enterprise admins are not going to use something that rolls that that could possibly expose us to more risk with wild package updates. There's a reason that while we like Arch Linux, we don't typically use it in an enterprise setup.
Hacker hoodies activate.
I asked ChatGPT to do that exercise for me: