When it's plainly outlined like that it seems that the freedom problems in Docker are the same ones encountered with GNU/Linux distributions that have proprietary packages in their package repositories and have those available by default.
Docker itself and additional software are licensed under the Apache 2.0 license. The Docker Hub which stores both proprietary and free/libre packages is not free software but the underlying repository hosting/storage software is licensed under the Apache 2.0. That means we can do what F-Droid and what free/libre repos for Ubuntu/Debian are doing and provide an alternative repository that only hosts free/libre application containers. The biggest issue is that the default repository is set to Docker Hub which contains both free and non-free application containers (which can be seen here: https://github.com/docker/docker/blob/master/registry/config.go#L54) They do provide some instructions on using alternative repositories: https://docs.docker.com/engine/reference/commandline/pull/#pulling-from-a-different-registry Docker Inc. pushes their own trusted registry which has to be paid for with their instructions here: https://docs.docker.com/docker-trusted-registry/overview/ But they do state that their trusted registry and Docker Hub are both built on the Apache 2.0-licensed "distribution" code base: https://github.com/docker/distribution The system that does the packaging is Apache 2.0 licensed; GNU Guix is a better approach though but that's neither here nor there. -rudolf On Sun, Apr 24, 2016 at 5:24 AM Richard Stallman <r...@gnu.org> wrote: > > this is the repository > > https://hub.docker.com/ > > When you want to run container > > > you must type docker run The container in you want to run > > docker will Download the container from the repository and run it > > That means there are three different ethical issues: > > * The system that does the packaging. > > * What it puts into a container (aside from the program > you want to package). Of course, if you package a nonfree > program, the container will not be free. But suppose > you package a free program: is the container free? > > * The repository where it stores containers. > You've just said it contains nonfree containers. > > Also how are these related? > > 1. Do they distribute a program with which you can do > packaging on your own computer? If so, is it free? > (I expect it probably is, but I don't actually know.) > > Or does packaging work as SaaSS ? See > http://gnu.org/philosophy/who-does-that-server-really-serve.html. > > 2. To run a container, are you compelled to run it from > their repository? Or is their repository merely one way > that containers can be distributed? > > Thus, I wonder exactly what this means: > > > you must type docker run The container in you want to run > > docker will Download the container from the repository and run it > > When you say "must", is this the ONLY way to run a container, > downloaded straight from the repository? That method of distributing > them and running them is bad, because (1) if the repository contains > nonfree containers, we don't want to link to it, and (2) when users > run any program straight off someone else's server without the step of > deciding which package to install, that suppresses development and > release of other versions, and modification by the user. > > -- > Dr Richard Stallman > President, Free Software Foundation (gnu.org, fsf.org) > Internet Hall-of-Famer (internethalloffame.org) > Skype: No way! See stallman.org/skype.html. > > >
