[openstack-dev] rtslib dependency for cinder is AGPL - thoughts?

Chuck Short chuck.short at canonical.com
Tue Mar 19 20:01:21 UTC 2013 

On 13-03-19 03:06 PM, Russell Bryant wrote:
> On 03/19/2013 02:56 PM, Sean Dague wrote:
>> On 03/19/2013 02:16 PM, Russell Bryant wrote:
>>> On 03/19/2013 01:54 PM, Russell Bryant wrote:
>>>> On 03/19/2013 01:31 PM, Mark McLoughlin wrote:
>> <snip>
>>>>> To be clear, I'm really not sure whether this is our policy either. I
>>>>> guess I always assumed it was, but that's based on nothing substantive.
>>>> So Sean, if you were doing a license review, was this the only (A)GPL
>>>> dependency you found (are there any GPL deps) ?
>>> For the record, I was speaking to Sean and neither of us know of any
>>> problematic Python dependencies in the Folsom release.  This would only
>>> apply to new dependencies introduced in the Grizzly timeframe.
>> The list of new dependencies for Grizzly that got are the following:
>>
>> jsonpointer                BSD-like    0.5
>> python-alembic            MIT    0.4.2
>> python-jsonpatch            BSD-like    0.10
>> python-openssl (pyOpenSSL)     Apache V2    0.13
>> python-rtslib                AGPL V3    2.1.fb27
>> python-stevedore            Apache V2    0.8
>>
>> All the others are fine and license compatible besides python-rtslib.
> Great, thanks.  So how about we do this:
>
> 1) Move cinder-rtstool to its own separate repo (rtstool).  This could
> be on stackforge for convenience, but it would not be an official
> OpenStack project.

Sure why dont we ask the cinder people how they want to handle this.

>
> 2) Remove rtslib from the requirements list of Cinder.  Don't list
> rtstool as a requirement.
How about we email the author of rtslib to re-license it to a more 
friendlier license and bump the version required by cinder?
> 3) Make sure Cinder can gracefully handle whether or not rtstool is
> present on the system.
Afaik rtstool is not enabled by default so this shouldnt be a problem.

> 4) The TC needs to work on clarifying license policy and ensuring that
> we have a process in place to make sure the policy is reviewed for each
> new dependency.
>
> 5) Cinder folks may want to consider targetd support in Havana.  It
> would be HTTP access to something (A)GPL licensed as opposed to having
> to execute something.  Executing something should still be fine though
> AFIAK, but IANAL.  :-)
>
chuck

More information about the OpenStack-dev mailing list