Ian, thank you for taking the time to give us valuable advice.
We have already been in touch with our lawyer to check the circumstances of our
actual application code, which also makes use of open-source software
components, libraries, servers, etc. By now, I think it makes sense to also
involve them explicitly regarding the Debian distribution. I just want to make
sure that we're asking the right questions.
We understand that you give advice on a good will basis - and we appreciate
that. We also understand that asking educated people on a mailing list is not a
substitute for getting specialized legal counsel.
Thanks, once more.
Mit freundlichen Grüßen / Kind regards
Clemens Renner
System Architect
Dairy Health and Farm Management
BU Dairy Farm Equipment
GEA Farm Technologies GmbH
GEA Farm Technologies
Tel. +49 2383 937-298, Fax +49 2383 938-298
clemens.ren...@gea.com
www.gea.com
-Ursprüngliche Nachricht-
Von: Ian Jackson [mailto:ijack...@chiark.greenend.org.uk]
Gesendet: Montag, 28. Juli 2014 19:17
An: Renner, Clemens
Cc: debian-legal@lists.debian.org; Schiefer, Werner
Betreff: Re: Use of Debian Linux as basis of commercially dsitributed appliance
box
Renner, Clemens writes (Use of Debian Linux as basis of commercially
dsitributed appliance box):
--- 8 ---
We like Debian and want to use it as the underlying OS for building an
appliance box for our customers (one of the keywords seems to be vertical
market).
Do we need to take special care to comply with the Licenses involved in the
standard Debian distribution, i.e. Kernel and main (as in not contrib,
non-free) packages?
--- 8 ---
There are a number of other concerns which might be relevant. Here is a
non-exhaustive list:
You should make sure that you are able to know exactly which source code was
used to make any specific binary, and identify that for the users, so that the
users are able to download the actual corresponding source code for the
binaries in the applicance.
You need to include your image build systems in the source code.
The above two principles mean that your builds should be automated and
reproducible, not some kind of ad-hoc thing thrown together from the command
line by your `build person'.
You should NOT take any measures to stop users from running modified versions
of the software on these applicances. For example, cryptographic signatures
checked by the bootloader which prevent the user from installing their own
version.
You need to permit users to reverse-engineer the system.
If any of the above are problems for you, then you will need to avoid some or
all of the software in Debian; we don't check the licence for suitability for
activities which don't conform to these (and various
other) principles.
Also the exact scope of the applicability of these principles may depend on the
particular licence of the package; some or all of the free software principles
may apply to even some or all non-free parts of your system.
I think you should perhaps consult some laywers. I'm sure the Software Freedom
Law Centre will be able to recommend someone.
Note that contributors to Debian (which includes me, and the others who have
replied) do not intend to take responsibility for your use of the software; we
check the licences for our own purposes and to serve our own principles. If
your business it at stake we won't be held legally responsible for any mistakes
or misunderstandings.
Regards,
Ian.
--
To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/d9980d6adb62bd4e830067ea90803e19aec92...@sv42080oel6022.emea.corp.geaag.com
