On 04/10/12 05:42, Sean Malloy wrote:
>> Is it sufficient to include those config files along with a pointer to
>> crosstool-ng in the platforms/rpi directory?
>
> Possibly, but I consider it shaky ground.
We have a few options, I suppose.
I could build my own toolchain using crosstool-ng and the config files
as posted on github. We'd be assured that we could archive the
packages used by crosstool in making these toolchains, and include the
licenses (which are all probably GPL). We could choose to package
someone else's ARM toolchain that has better licensing information
included. We could include no toolchain at all for RPi, and write up
directions for how to download the official ones from github.
I can see that all of these might have some merit from a
please-don't-sue-us standpoint, but I don't like any of them. The
purist in me says that we should use the exact toolchains supplied by
the RPi Foundation to build the kernel and packages for the RPi.
> I did just notice one problem with binary tar of the toolchain from
> github. It seems to be devoid of any license.
These binaries obtained from github print a copyright/license notice
when executed with --version:
[smalloy@dresden] 1 $ ./arm-bcm2708hardfp-linux-gnueabi-gcc --version
arm-bcm2708hardfp-linux-gnueabi-gcc (crosstool-NG 1.15.2) 4.7.1
20120402 (prerelease)
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
If that is not sufficient to satisfy the terms of the GPL, I could add
a LICENSE.TXT file detailing where and when we obtained these
binaries, and that they must be subject to the GPL, if not directly,
than as derivative works. Pointing the interested user to gnu.org
<http://gnu.org> for source seems reasonable to me. It is the
canonical site for all things GNU, and is unlikely to go anywhere
anytime soon.
I am no lawyer, thank God, but I believe that we have made a
good-faith effort to be very clear where we have obtained these
packages, and to include only free software, and comply with the GPL.
Please let me know if I should write up a LICENSE.TXT file for the
toolchains. If not, please let me know which alternative approach
will be acceptable, and I will make that happen.
Thanks again for the feedback.
-Sean
Hi Sean,
From a legal standpoint, if we host the binaries on the GPP, as the
distributor, we'd then need to make all sources that compose the binary
available.
I agree with your point regarding the official RPi toolchains. It's
better to use them unmodified, as even a seemingly innocent re-build
could change things. A rebuild certainly invalidates anytesting they've
done on the original binary. Another benefit of using the original is
that as the user is downloading directly from another site (not the
GPP), that site has the legal responsibility to supply the sources.
Given this, I think the best thing to do is to add a mechanism to LTIB
so that you can specify a direct download URL for the toolchain. The
main issue I can see for this is whether or not you will be prompted to
click through pages and agree to a license (what happens for the RPi
toolchain)? If there are click throughs, it would mean having to pass
control back to the user "some how".
I'm open to discussion here.
Regards, Stuart
_______________________________________________
LTIB home page: http://ltib.org
Ltib mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/ltib
