this post was submitted on 30 Jun 2023
76 points (88.0% liked)

Linux

48372 readers
1897 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I want to be clear on my bias here: I firmly believe that open source would not be a 'thing' if it weren't for Red Hat. Linus Torvalds himself once said (albeit 10 years ago) that the shares he received from Red Hat before their IPO was 'his only big Linux payout'. I don't think anyone would disagree with the statement that Red Hat has had a major significant positive impact on Open Source across the world.

This morning I listened to an excellent podcast called "Ask Noah" where he interviewed Red Hat's Mike McGrath who has been active on the linux subreddit and other social media. It seems that Mike has been involved in the decision to restrict Red Hat's sources on git.centos.org:

    https://podcast.asknoahshow.com/343 (listen at ~20 mins)

It's really worth a listen. Mike clearly lays out the work that Red Hat (I was surprised to find out that it is NOT the Rebuilders) does to debrand the Red Hat sources, why they're pulling that back on those unbranded sources, and that they understand the ramifications of doing so. It's also interesting that Mike is of the opinion that there is nothing wrong with doing a Rebuild, and he defends them by stating "that's the cost of doing business". Noah and Mike go into many of the nuances of the decision and again, it's really worth listening to. Mike also talks about "bad faith" when dealing with the Rebuilders at 40:30, which I think explains Red Hat's decision. I got the distinct feeling he's bound by some ethical code so he won't/can't say too much though.

There's also this discussion about Rocky Linux securing a contract with NASA:

    https://news.ycombinator.com/item?id=36417968

that had a lot of internal discussion at my company this week, which given what's just happened may shed some more light on Red Hat's decision.


There are always two sides to every story but in this case there are three sides to this story.

On one side, you have Red Hat, a long time champion of open source software, that has poured billions of dollars into open source development, and which has 1000s of employees who not only on 'company' time but in their own time manage, develop, contribute, and create open source code. They have funded countless successful and unsuccessful projects that we all use.

Against Red Hat are two largely distinct groups. The first is the Rebuilders themselves, who Red Hat has claimed 'don't offer anything of value back to the community'. This is not meant to be a statement on the usefulness of the rebuilds (Rocky, Alma, Oracle, etc.) but rather a very directed statement on whether or not the rebuilders are providing bug report, feedback, and contributions to the packages that Red Hat has included in RHEL.

The second group, which stands somewhat behind the Rebuilders, are the Rebuild users. One could argue that the users are caught in the middle of Red Hat and the Rebuilders, however, I think it is better to look at them as being an equal 'side' in this discussion.

The Rebuild users are in a very unfortunate position: they're about to lose access to a free product that they've come to depend on. They are, as expected, unhappy about Red Hat's decision to stop providing access to RHEL sources. My next statement is callous, and I expect it to be read as such: You get what you paid for. That is not meant to indicate anyone is cheap, it's just that you shouldn't have expectations when you are using something for free.

Here's the interesting part for me. As far as I can see, none of the users are jumping to the Rebuilder's defence of Red Hat's accusation that the Rebuilders provide nothing back to the community. And, as far as I can tell across various social media and news platforms' comments sections, largely the user community AGREES with Red Hat's position. Informed users -- not all users -- are using a RHEL Rebuild knowing that there is no benefit in doing so for the community.

I have yet to read a reply from the Rebuilders where they categorically deny that this is the case. And to me, that's glaring and damning of the Rebuilders' position. Even the 'defenders' (for lack of a better word) of the Rebuilders have yet to provide a response.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 25 points 1 year ago* (last edited 1 year ago) (2 children)

I have one major quibble with your analysis. It is this: Redhat no longer exists as an organization. Redhat is merely a trademark of IBM. You can't defend IBM's actions based on Redhat's history. That was a different company

[–] binkbankbonk 5 points 1 year ago

Bingo. M&As change everything, including this.

[–] [email protected] 2 points 1 year ago

Seeing so many "Linux users" bootlicking for IBM around this has been incredibly disappointing.

[–] [email protected] 24 points 1 year ago* (last edited 1 year ago) (5 children)

On one side, you have Red Hat, a long time champion of open source software, that has poured billions of dollars into open source development, and which has 1000s of employees who not only on ‘company’ time but in their own time manage, develop, contribute, and create open source code. They have funded countless successful and unsuccessful projects that we all use.

As far as I'm concerned, this is simply not relevant to the issue at hand. Yes, Red Hat has made many, many contributions to open source over the years. That is beyond question, and I thank them for it. It does nothing to excuse their current behavior though. All of those contributions were freely made under the GPL. Red Hat cannot retroactively say "well, we've made enough contributions that we think these shouldn't be free any more, please pay us money." Under the GPL there is literally no threshold where that is allowed.

Red Hat knows this of course, so instead they're putting the source behind a click-through license agreement. In order to access their source trees you now have to agree to their license, which states that you're not allowed to redistribute what you've been given. Of course the GPL also has language specifically designed to prevent such attempts. There's a "further restrictions" clause that allows those receiving GPL source code to remove any further restrictions that weren't in the GPL originally. That would allow Red Hat's customer to legally redistribute that source code, as was always intended under the GPL.

But Red Hat lawyers know this too! They know that their customers have the legal right to strip off the extra restrictions imposed by that click-through license wrapper. So how then do they enforce this restriction? With threats and coercion. "Forgo your GPL rights, or we'll stop supporting the software we sold you / deny you any further access." What amount of past open source contributions make it OK for Red Hat to threaten their customers in an effort to prevent them from exercising their rights under the GPL? I say there is no amount of past contribution that makes Red Hat's current behavior acceptable, just like there's no amount of past contribution that would make it OK for them to close the source entirely.

Here’s the interesting part for me. As far as I can see, none of the users are jumping to the Rebuilder’s defence of Red Hat’s accusation that the Rebuilders provide nothing back to the community.

I'll be happy to do so. At least some of the users of downstream distros are using them so they can validate the compatibility of their code with RHEL, without having to subject themselves to Red Hat's licensing terms. Jeff Geerling is one such example. They are (or in some case were) providing direct value to Red Hat's customer, and thus indirect value to Red Hat themselves, by validating that their own contributions would work in RHEL. Red Hat's choices make their efforts harder, and call into question whether FOSS contributors should continue to make efforts that indirectly benefit Red Hat.

Personally, the company I work for has been using CentOS for many years because Red Hat wanted to place onerous licensing restrictions on any use of RHEL in the cloud, which is where most of our testing is done. To be clear, my company doesn't use RHEL internally on its own production systems, nor do we redistribute it in the products we sell. The only reason we care about testing against RHEL is because many of our customers use RHEL on their production systems. Our only motivation is to make sure that our products work correctly when they interoperate with RHEL systems at our customer sites. Are we "taking" from Red Hat by doing this? I say the opposite. Our customers benefit directly, and Red Hat benefits indirectly when such mutual customers can do more and better things with their RHEL systems.

And let me tell you, Red Hat has not been fun to work with. We're a member of their partner network, we're doing this testing so we can help our mutual customers do the things they want to do, and Red Hat has been a pain in our ass at many turns. Their awful account management makes it harder to onboard new employees and get them set up for testing on RHEL. Red Hat threw licensing curveballs at us like "oh btw cloud usage is no longer covered under the partner license, move all your testing on-prem in 30 days or pay us $texas, kthxbye!" (We scrambled and switched to CentOS in the cloud in record time instead.) They subject us to annoying, time-consuming audits. CentOS for testing is a breeze by comparison, with no need to worry about accounts or audits or subscriptions or entitlement usage.

load more comments (5 replies)
[–] [email protected] 12 points 1 year ago* (last edited 1 year ago)

Accusation that the Rebuilders provide nothing back to the community.

Actually, what Redhat are saying about rebuilders is that they "don't add value" - and that's for Redhat, NOT to the community which they patently do. That's quite a badly twisted misquote there, friend.

Also, Redhat didn't create open source software. They're a big player, sure, but I remember writing and releasing my code back in the 80s and 90s when it was called Freeware and Public Domain and distributed on cassette tape.

[–] sudneo 11 points 1 year ago

I don't want to enter in the debate, I don't have a horse in this race and I am not particularly informed. This said:

On one side, you have Red Hat, a long time champion of open source software, that has poured billions of dollars into open source development, and which has 1000s of employees who not only on ‘company’ time but in their own time manage, develop, contribute, and create open source code.

This sounds really weird to me. They are a profitable company, "pouring billions" makes it sound like they sacrificed or donated money, while they invested money. They are not a charity, and what they do they do it for financial gains. Growing an ecosystem that eventually will lead to more customers is still in the company's interests.

The fact then that their employees do stuff in their free time seem completely irrelevant to the point, as people are not owned by the company they work for, and none of their merits should transfer to the company they work for during the day.

[–] [email protected] 8 points 1 year ago (2 children)

One other thing I want to add: I've read a bunch of comments about how the Rebuilds were used in educational and scientific settings, and that there is a prohibitive cost for RHEL in those environments. After reading so many comments about it, I have to believe that Red Hat is going to make some modification to their Developer License program to allow more than 16 'seats' for those use cases.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Yes, from what I've heard they are raising to just over 200 (iirc there was already an agreement for this but the caveat being the type of services the systems ran) which still doesn't cover many educational and academic research scenarios. We'd only be covered about 30% and we operate a comparatively small environment.

load more comments (1 replies)
[–] [email protected] 2 points 1 year ago

I don't have any expectations of them doing this (but I also have no expectations to the contrary), but I think it would be a good move from Red Hat to make the official RHEL more available, as you suggest.

In another thread I compared the RHEL rebuilds to piracy, and in that vein one could quote Gabe Newell and say that piracy is a service problem -- part of the reason Alma/Rocky/etc. exist is because there is a group of users who want to use RHEL but cannot afford it. Red Hat seems to believe that these users should be satisfied with CentOS Stream, and maybe most of them would be, if they only gave it a try. But making RHEL more widely accessible, both to paying users and developers, would probably be good too.

[–] [email protected] 7 points 1 year ago

First off your argument that red hat deserves to see returns on their investment. But restricting redistribution of "their" software is a direct violation of the GPL license that they agreed to by working with GPL software.

Not to mention that the reason rocky Linux exist is because red hat killed centos.

Ree Hat has stabbed the community in the twice with the help of IBM and greed. My only hope is Oracle sues them over this express GPL violation, or that IBM's lawyers realize there will be trouble. In my opinion anyone at red hat that tries to justify this should be ignored.

[–] virr 7 points 1 year ago (1 children)

I have not listened to the podcast unfortunately.

Rebuilders are fine, and RedHat is fine to not spend the effort to debrand their source rpms. The problem is one of value. The value RedHat provides for some people is probably worth more than RedHat charges. The value RedHat provides to others is less than the effort it takes to renew a developer license once a year for 16 installs. The problem is that there are several who are ending support for RHEL because they fall into the latter group (notably Jeff Geerling for ansible roles). RHEL losing out on that support might be huge, might not, only time will tell.

[–] [email protected] 4 points 1 year ago (2 children)

My company runs thousands of centos VMs. We cannot exist if we have to license rhel. We've been working on switching to Alma. We may have to look elsewhere for a free distro that has robust SeLinux support.

[–] [email protected] 1 points 1 year ago

Can't you keep using CentOS stream? Isn't it still a very stable distribution? Just slightly upstream of RHEL instead of downstream.

load more comments (1 replies)
[–] [email protected] 5 points 1 year ago

Nice post, and a good overview over why RedHat is doing what it’s doing.

Before reading this I wasn’t really feeling good about redhat and the stuff happening rn but now i’m able to understand the decision making and there’s still hope for me that redhat won’t turn into a shitshow in a couple years haha

Also working with RedHat in the past has been quite nice so it’s good that i don’t feel a slight hate against the company anymore.

Quite hard to solve the problem when everyone is so emotional

Thanks again for the very informative post!

[–] [email protected] 5 points 1 year ago (2 children)

What's the harm in doing a rebuild? Serious question. I simply don't understand where the harm comes from. I would appreciate any insight. Thanks.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

I don't think there is anyone arguing that a Rebuild by itself is a problem. Given Mike's comments in the podcast linked above, the problem is when one of those (or many of those) Rebuilders competed directly against Red Hat for a contract.

From the general feeling I get from reading many threads on this issue, the general consensus is that the community agrees that, specifically, this behavior by the Rebuilders is wrong.

[–] [email protected] 8 points 1 year ago* (last edited 1 year ago) (1 children)

Oh, I see. But what do you think of this translation:

"Company Foo makes TVs and is always working to make them better. They give them out for free with the hopes of making money installing them and providing guidance on how to use them, but someone starts Company Bar and installs them for cheaper and starts taking on installation jobs."

Is this wrong? Isn't this just the definition of an open market? Please let me know if I'm missing some kind of context. I hope that we can continue to discuss this respectfully.

I should say that I want any open source project with the motivation to write good software to have all of the funding they need to make that happen. I just don't see how it can be justified in this instance when compared to any other market.

[–] [email protected] 1 points 1 year ago (1 children)

There is no problem with your scenario, and it's spot on to the issue that Red Hat has raised.

However, the piece you're missing is that the TVs come from Foo. They don't have to give company Bar TVs to install. If company Bar doesn't have TVs then what should they do? They have some choices: work with Foo or develop their own TV.

[–] [email protected] 2 points 1 year ago (6 children)

I don't see how Company Foo can dictate that all other entities (customers, for example) can receive a free TV on their doorstep (since the code is open source) except for Company Bar. To make it map better to the situation, Company Bar would receive a shipment of free TVs, rebrand them, ship them out to customers, and install them.

"They don't have to give Company Bar TVs to install." So the GPL doesn't require that Company Foo permit free access to the TVs? They could decide to not give out their TVs to anyone?

Also, what if I wanted to get my cousin a free TV but charge him a few bucks to install it? Is this only a problem at scale?

load more comments (6 replies)
[–] [email protected] 1 points 1 year ago (4 children)

It seems that he is bother by they rebuild it and then do not add contribute any code and then sell support to the customer on REHL work which in my opinion its not okay and I will agree with RedHat.

load more comments (4 replies)
[–] eugenia 4 points 1 year ago

Go to GNU.org's "philosophy" page and read it from the wildebeest's mouth. It clearly says that you must have the right to redistribute without having to do changes (i.e. develop it further, as RH seems to imply that their problem is with the clones). So what RH is doing is against Gnu's philosophy, and against the GPL. Yes, RH has contributed massively, but their ISO is 9 GB. They didn't write all that 9 GB of code. And most of that code is GPL. So they need to allow SRPMs to be downloaded and redistributed freely to their subscribers without repercussions for redistributing. If they want to protect their bottomline, they should close the source of some of the apps they have developed themselves, and aren't under the GPL.

[–] Mayoman68 4 points 1 year ago

I think that people who download rebuilds are by and large not going to pay for licenses. The hobbyists running a rebuild for their home lab will move to another distro. Massive legacy enterprises will use unsupported distros until it becomes untenable, and are very likely to move to another distro. Hyperscalers like oracle and Amazon will either figure out loopholes and/or eventually move new products to be based on another distro. Red hat's contributions to FOSS and being both technically and politically stable led to many technologies being built around red hat. But the only reason that this ecosystem exists is because of Red Hat's reputation of stability and openness, which they have slowly destroyed over the past few years. And I do think that this will eventually lead to lost revenue.

[–] SquiffSquiff 3 points 1 year ago

I think the way this question is framed (i.e. by RedHat) is poisoned- it comes across as 'Linux is a collection of distributions produced by different organisations. Some of these are 'worthy' but some of them are 'only rebuilders''. Whilst I do get the whole 'rebuild from RHEL package sources' thing, it's worth pointing out that all Linux distros are 'rebuilds' to some extent, e.g. in RedHat's case:

  • YUM came from Yellowdog Linux
  • Gnome from the Gnome organisation
  • SystemD from Lennart Poettering & co
  • the Kernel from Kernel.org
  • OpenSSH from Open BSD
  • X from xorg/Wayland
  • GCC etc From Gnu org

etc.

Consider that we don't have this sort of conversation about Debian/Ubuntu/Mint/Kali etc. In many cases, e.g. Jeff Geerling, the 'rebuilders' are arguably driving support and sales for RHEL far more than any 'freeloading', just like RedHat themselves. It's a community and RedHat trying to turn their distro into a closed-source offering doesn't change that or reframe the argument.

[–] [email protected] 2 points 1 year ago (2 children)

Was Almalinux and Alpine charging customers for support in their builds?

[–] [email protected] 5 points 1 year ago

Alpine is completely separate by RHEL by a country mile (hell, it doesn't even use glibc). You're probably thinking of Rocky

[–] [email protected] 2 points 1 year ago (1 children)

I don't think Mike McGrath called out any specific company but if you look at that ycombinator link it looks like the 'offender' was Rocky Linux. That is purely speculation on my part.

[–] [email protected] 1 points 1 year ago

Well if thats the case thats really bad in my opinion , I might side with Redhat on this one.

[–] woelkchen 2 points 1 year ago (2 children)

I might be wrong but AFAIK the only other big company that's contributing to Fedora is Facebook/Meta. If Oracle etc. were also contributing to Fedora, my gut feeling is that Red Hat would not be so pissed about rebuilding RHEL because RHEL would also be benefiting from Oracle's Fedora contributions.

load more comments (2 replies)
[–] [email protected] 1 points 1 year ago (3 children)

The free as in freedom principle isn't violated. GPL stands. So why all the rage? People call RedHat IBMified, what the hell does it even mean? Has IBM done anything to the community?

Really there is no principle being defended. People's workflow isn't even impacted as it stands, they just have to figure out new paths going forward.

[–] [email protected] 8 points 1 year ago

Interesting points, but I'm not sure I agree with your last sentence. Clearly, users of the Rebuilds are going to be impacted and part of that impact is their workflow. They may have to switch distros or do some other juggling to continue forward.

[–] virr 5 points 1 year ago (2 children)

GPL explicitly states you can't have additional restrictions on redistributing the source. Arguably having a support contract that explicitly says you can redistribute the sources to GPL software seems problematic and a likely GPL violation. That is the problem.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

I'm not an expert on the GPL and I'll go out on a limb and assume you're not either. But it certainly seems like experts have weighed in and have said what Red Hat is doing is valid under the license: https://sfconservancy.org/blog/2023/jun/23/rhel-gpl-analysis/

[Edit: valid. Although I admit, like many others, I am uncomfortable from a 'spirit' of the license point of view.]

[–] virr 4 points 1 year ago

I read that same link and took it to mean maybe RedHat is violating the GPL. Only way to know for sure is to go to court, which involves risks to both sides. The more I've thought about it the more unsure I am.

I am uncomfortable with the direction they've taken and fear this will start up another round of open source license proliferation, but hope not. That has never been helpful for open source and only served to make business hesitant to use it.

[–] [email protected] 2 points 1 year ago (2 children)

Did RedHat add that restriction? GPL requires source to be distributed along with binary, but the distributor can still decide who to distribute things to. If the only way to access binary is through being a paying customer, I don't see why RedHat can't say only paying customers can get access to source.

What's the GPL violation in that, or did I misunderstand RedHat's new policy?

[–] [email protected] 2 points 1 year ago (2 children)

So the issue comes as if you redistribute then you are effectively removed as a customer. Not directly a GPL violation but in kind of bad taste.

[–] [email protected] 2 points 1 year ago (1 children)

Did RedHat say that? This is a pretty problematic statement so I would really love to see the exact text in which they set their position.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Red Hat’s user interface agreements indicate that re-publishing sources acquired through the customer portal would be a violation of those agreements.

https://almalinux.org/blog/impact-of-rhel-changes/

[–] cybersandwich 1 points 1 year ago

Bad taste in the same way "rebuilders" copy and undercut the original. It's allowed with the GPL but its seriously bad taste.

[–] virr 2 points 1 year ago (1 children)

From GPL 2.0: https://www.gnu.org/licenses/old-licenses/lgpl-2.0.html

  1. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.

It has been reported that the support contract from RedHat says you can't redistribute the source you receive as part of being a paid customer and they reserve the right to cancel your support contract. The above says you can restrict someone's rights granted by the GPL. I'm not a lawyer, but lawyers who deal with open source say this might violate the GPL. I'll defer to them, but wish I had saved some of the links I've been reading.

[–] [email protected] 2 points 1 year ago (1 children)

It has been reported that the support contract from RedHat says you can’t redistribute the source you receive as part of being a paid customer and they reserve the right to cancel your support contract.

Where is the report? I mean yeh if that's what RedHat said then they have chosen the path of getting sued to oblivion, but that's not what the initial argument is about, and that's also not what Rocky's new path forward indicates. (https://www.phoronix.com/news/Rocky-Linux-RHEL-Source-Access)

[–] virr 2 points 1 year ago

I responded to only one part:

GPL stands

GPL might be violated with what they are doing, so people are pissed about it all and calling RedHat names. When IBM bought RedHat some people predicted doom, the end of open source, that RedHat is now destroyed, etc., etc. Probably some of is those same people coming back out and yelling "TOLD YOU SO!". They are just stirring the pot to make themselves feel better. The sky is not falling for open source, things are just changing. If the GPL is being violated it will be figured out and fixed, just might take awhile.

Unfortunately I didn't save the links, like I really wish I had. Alma, Rocky, and Lemmy posts have linked to them. I've been reading up on this since last week as it could affect my job and I'll need to provide my profession recommendations at some point. Right now my advice is to wait and see, but be prepared.

load more comments (1 replies)
[–] cybersandwich 1 points 1 year ago

This is really well said, and I think I agree with almost all of it.

I would love to hear your thoughts on how CentOS and that whole debacle play into this. I'm not super familiar with the details of how that went down, but iirc Redhat basically owned and operated that almost as a "farm-team" or proving grounds. Rocky and Alma only sprung up after Redhat unceremoniously killed CentOS (after CentOS offered a bomb ass distro with 10 years of support). The rebuilders were trying to fill a void that Redhat created. Part of me feels like Redhat created this problem in the first place but like I said I dont know a ton about it.

Maybe they felt the same way about CentOS, but since they owed it...why couldn't they have forced CentOS to participate in the bug reporting, feedback loop?

load more comments
view more: next ›