I'm surprised at all of the drama surrounding Red Hat's decisions. Red Hat is a for-profit company and not a charity. They (Red Hat) don't make any claims of offering RHEL for free to the whole world. If you want that, Canonical's Ubuntu may be a better option for you. Am I missing something?
I don't think the author is expecting charitable behavior: it's more that Red Hat was deriving extraordinary amounts of value from his work, and was (partially) compensating for that by making his (and others') support for RHEL easier by providing them will access to RHEL.
In other words: Red Hat's behavior here is almost certainly going to make end-level support for their OS worse, not better, all for a tiny slice of their non-paying install base.
The sign-up path isn’t clear: When I signed up, it took a day for all the parts of Red Hat’s infrastructure to become aware of me. That delay wasn’t made clear at the time.
It expires every 12 months, and you have to take action to renew it, again with a not-very-clear path. It’s not possible to renew early (at least, I didn’t see how).
It adds extra friction: You don’t get a custom ISO or the like. Instead, you have to register your system during installation. It’s an extra step you don’t have to take.
There’s a subscriber agreement you must agree to, which not everyone wants to do.
I mean, they’re within their right to pull support, but people are equally within their right to point out how that is shooting themselves and the RHEL communities in the foot.
This. What a good opportunity to compare: the (GitOps!) packaging workflows, build server security, software supply chain integrity controls, issue tracking / triage, wiki, documentation, kernel patching, cloud fuzzing / integration testing, and baseline MAC and DAC policies of the stable kernel patchset OSes within budget for schools, hobbyists, after workers, and corporations who can and for some services maybe should afford an SLA.
On worthwhile investments of time differentiating our offering in InfoSec and Operating Systems,
FWIU (RH) OpenShift (and MicroShift) does k8s containers most correctly in terms of separate SELinux contexts per container, which we should probably have for browser tabs, too. Do (a) browsers, (b) Cloudflare Runners, and (c) Docker WASM runtimes run WASM tasks without container-like process isolation; all as the same user and cgroup and context?
It's pretty sad. Red Hat should be optimizing for "maximum number of dollars over 10 years", not "maximum control over RHEL-compatible distribution". The second goal leads to more support for their competitors, and ultimately less people buying Red Hat subscriptions.
Anecdotally, we'll have to support more Linux varieties instead of comfortably mandating RHEL-compatible.
It would also still go in the other direction as well would it not? Meaning contributions via paid Red Hat devs would still benefit the wider Linux community, even as they close off the free forked versions.
I'm not sure exactly how much Red Hat contributes to Linux though but if I remember correctly it's quite a bit. Maybe Red Hat making more $$ = more devs. Or maybe this is just a net negative for the ecosystem code-wise (as opposed to just hurting the current users of the forked OSes) as it pushes more devs/software away from a very popular 'platform', reducing exposure, free online support on forums, testing, etc.
If they sold for profit and started putting their changes behind a paywall, that would be terrible. But they're just benefiting from Red Hat the same way that Red Hat benefits from upstream Linux. Red Hat is the one misbehaving here.
i've been a long time lurker, non-commentator, oops. i just do most of my work on cent/rhel/rocky/oracle and i felt comfortable enough to join and comment for once
In what way is Red Hat not abiding by the license? My understanding is that Red Hat is making the source code available to their users via their customer portal. I don't think that they have an obligation to make their source code available to non-users.
They have an obligation under the GPL to allow end users to redistribute. Terminating the subscriber agreement for redistribution is punishing the user for exercising his right granted to him by the GPL.
End users are allowed to redistribute the source they received from Red Hat at their hearts content. What Red Hat is terminating, from my understanding, is the future access to new binaries and sources due to the service contract becoming void.
Your server will keep running, you'll have the sources for all the server's binaries, but no more support.
Red Hat is a huge contributor to Linux. They also are responsible for making it a trusted OS for people coming off traditional Unix in the 90s. They aren’t doing anything on the backs of others.
Perhaps the reaction has something to do with a product for which the USP is reliability and stability changing the terms on which the product is available very suddenly and without warning twice in the last few years?
The clones did contribute mind share to RHEL. That will now be lost. We don't know what the consequences of that will be.
PS: I think people should support Debian. A non-profit project with clear charitable status in many jurisdictions and a fully public development process. No sudden shifts if you use stable in production (or even oldstable).
That cuts both ways; RH doesn't owe anyone free (gratis) software, but they're also not entitled to good will or free work/contributions. Or users or customers, for that matter.
They've also been doing shady shit again recently. For instance, adding advertisements for their products to existing cli tools.
I haven't been tracking SUSE for a few years now, but they're they're not doing shady shit? Hopefully there's at least one good option in commercial-linux-land. ;)
The wording was along the lines of "There are security updates for package XYZ. If you join <something> (maybe its Ubuntu Pro like you mention?) you'd have access to them."
That's not really a message that should be showing up on a box running 20.04 LTS, which is years before its EOL date.
Yeah, I saw it too.. we used a precursor to Ubuntu Pro so I'm sure my message was less obnoxious.
I think they're also offering patches for some commonly installed third-party stuff like nodejs via Ubuntu Pro.
I actually quite like Ubuntu Pro for the fact I can send a developer a laptop and know that there's 24/7 support from Canonical. I was a little dubious at how good they'd be, but they were able to diagnose the problem and provide a fix.
> I think they're also offering patches for some commonly installed third-party stuff like nodejs via Ubuntu Pro.
Yeah. That rubs me the wrong way. Like, they're clearly entitled to pay developers money for whatever they want.
However, they're paying developers to develop patches they're not sharing back with their upstream in a timely fashion:
1. Without those patches going through the upstream channel(s), there's no real mechanism to push back on patches and aren't good enough (for whatever reason)
2. It feels like they're taking advantage of the rest of the OSS ecosystem that is writing software / developing fixes and providing them in a timely fashion
The point is that this is a stupid decision. It will turn people off Red Hat, and at the same time it’s incredibly annoying and inconvenient for a large number of Rocky/Alma/etc users.
Most likely yes. Can't speak for other organizations but the one I work for licenses RHEL on our critical servers and uses CentOS/Alma on all non-critical infrastructure. Obviously the reason that is done is because it's easy to support what's essentially a single OS. With this new change, if Alma/Rocky go away we'll be looking at either Suse or Ubuntu most likely and RHEL will go away completely to be replaced with the licensed equivalents of Suse or Ubuntu so that we only need to support a single OS.
OpenSuse LEAP is 100% binary compatible with SLES. You can build an entire dev environment with LEAP, clone it and run a script to make it SLES.
Ubuntu is pushing snaps to hard IMHO. Suse is moving towards immutable OS with flatpacks, but doing so in a much more responsible manner that is not trying to lock down the ecosystem.
Not directly but it might cause some upstream vendors and projects to rethink weather they want to recommend Red Hat as preferred platform and if the hosting vendors turn off the Red Hat clones that's going to ripple back to Red Hat, as a lot of corporate linux users will gravitate to the distro that's recommended by the application vendors.
Part of how canonical challenged Red Hat is that they deliberately made it really easy for a developer to run Ubuntu on their workstation and test environments.
No, it won't unless the customer is also using upstream stuff elsewhere. But it will close an avenue of new customer acquisition. Can't say how often, but it happened that someone needed support for an upstream software (which is a big no-no) and ended up buying a downstream license.
The issue here is the GPL and what does it provide, freedom wise , for a system that is built of other contributors who also released their work under the GPL. It is a bit funny to me that red hat wants to kill off clones of their os and plenty of people think this is ok and seeing it as freeloading because red hat gives back which I would say they may be required based on the GPL and their business model. Could the Linux foundation move to subscription base and charge red hat based on they also give back and suddenly require subscriptions? This though isn’t the first time I have seen the same story so I am less worried. I remember red hat initially moving to their enterprise release and there was quite a few months of unknown what people would do after rh9 - I suspect this will also work itself out. If red hat wants to be more closed source they should build off of FreeBSD or something that can be less opened.
Genuine question (I'm not intimately familiar with all the terms of the GPL) -- does the GPL require you to release the source code to anyone and everyone (even non-customers)?
No but it gives every customer the right to redistribute the sourcecode to software they bought if that code is covered by the GPL under the same terms as RedHat got from their upstream.
It looks like RedHat might be trying to avoid that clause by threatening to stop selling any software to people who might use that part of the GPL.
] if you are redistributing copies of free software, you might as well charge a substantial fee and make some money. Redistributing free software is a good and legitimate activity; if you do it, you might as well make a profit from it. ...
] Except for one special situation, the GNU General Public License (GNU GPL) has no requirements about how much you can charge for distributing a copy of free software. You can charge nothing, a penny, a dollar, or a billion dollars. It's up to you, and the marketplace, ...
That's why the linked-to essays says "Technically, the GPL allows [a paywall]" from the text.
No they only have to offer source code to users of their software. In order to use their software you have to buy a license. They have been giving it away for years but are not obligated to. When GNU first came out they sold their source code for thousands of dollars and this is the format GPL was written to enforce.
No, anyone can definitely email them and ask for the code. If they refuse then thats a GPL violation and the copyright owner can sue them. The Software Freedom Conservancy are also working on a case using the legal theory that downstream recipients of GPLed code are third-party beneficiaries of the GPL agreement between the copyright holder and the redistributor, and as such, they are entitled to the source code and can sue for it. Hopefully they win, send them some donations towards legal costs if you want to help out.
> No, anyone can definitely email them and ask for the code. If they refuse then thats a GPL violation and the copyright owner can sue them.
Curious; I was quite sure that only recipients of binaries (basically, users of the program) were entitled to get source code, but the relevant part of the GPLv2 (https://www.gnu.org/licenses/old-licenses/gpl-2.0.html) at least looks like:
3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)
which does indeed seem to suggest that if you're not preemptively shipping source to customers along with the binaries then "any third party" can ask for the code. Which is interesting context here; it would be interesting to hear an actual lawyer's reading of the situation, because that feels like such a big difference that it should have come up already.
You could run the things on CentOS just fine, but when you had need 'a supported solution' you just bought RHEL and did all the same things, just against 'a supportrd solution' and RH got their money.
I'm asking this non-facetiously: Is there a wikipedia page or a written record of all the people/corps who've been taken to task in court over a GPL violation, or a large company such as IBM? If yes, was the penalty commensurate?
It is incomplete however. For example, there was a long-running lawsuit against VMware that was never resolved. [1] Was sort of an odd case and pretty much no one else in the industry wanted to go near it.
