Open Stack

On 2016-11-01 12:29:27 -0500 (-0500), Sean McGinnis wrote:
[...]
> Is importing proprietary libs really a legal issue? If it happens at
> runtime based on how the user configured the system, and they have
> whatever licensing rights _they_ need to use that library/CLI, I
> don't see an issue with that.

As I understand it (not a lawyer!) the legal issue is on our end
distributing a driver that is designed to import and make calls into
some library which has incompatible licensing (even if we don't
redistribute that library), as it becomes a derivative work of that
library and is therefore contaminated by its license.

There are those who disagree with this copyright position (and who
might similarly disagree that an linking a non-GPL-compatible
library in a GPL'd C application is similarly fine to distribute),
but I would be surprised if we as a community could get consensus
that it's a legally safe position to take on the issue. Further, we
are pretty explicit in our technical governance documents as to what
licenses are acceptable for dependencies of OpenStack services, and
to a great extent this is informed by whether it's _legal_ for us or
others to distribute software that imports and calls into libraries
even if we don't "depend" on them in a strict sense.

Command line interfaces are for the most part, I gather, not subject
to the same issues (for reasons that frankly seem a little absurd to
me). I'm going to refrain from citing sources here because we're
already wandering into territory that's better handled on the
legal-discuss@ ML.
-- 
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: Digital signature
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20161101/2e256c2e/attachment.pgp>