Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Or is being installable alongside a 100% free distro acceptable? Or...? My understanding was always that a distro had to be bootable to be listed. "Complete in themselves ...", and "self-hosting" both seem pretty clear to me. But you, or whomever, could always ask rms if you think there's an argument otherwise. I have no particular opinion personally. karl
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Ludovic Courtès said: > I’ve come up with a plan that will allow Guix to behave similarly [0]. Good good. :) I do have another question about how to apply the FSDG guidelines to Guix. Specifically in the Complete Distros section it mentions that "if using it requires further work or presupposes installing other software as well — then it doesn't belong in this list, even if it is free software." Guix is currently not bootable - you install it along with another distribution that is. Does this mean that Guix doesn't meet criteria until it is bootable? Or is being installable alongside a 100% free distro acceptable? Or...? I guess I'm not sure what the intention behind this part is. With Ludovic's change I think Guix would otherwise meet all of the criteria.
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Sam Geeraerts skribis: > Op Sat, 14 Sep 2013 15:01:13 +0200 > schreef l...@gnu.org (Ludovic Courtès): > >> My understanding is that Debian-based distros provide the unmodified >> upstream source, with a debian/patches tree containing patches they >> apply. Do I get it right? > > For gNewSense we do as follows. If the software recommends non-free > software then 'apt-get source' will give you the unmodified upstream > source + a debian/patches tree with a fix to remove the reference. If > the upstream source contains blobs or non-free code then 'apt-get > source' will give you the upstream source without the troublesome bits > (+ a debian/patches tree if there are also issues like the former). Thanks for the explanation. I’ve come up with a plan that will allow Guix to behave similarly [0]. Ludo’. [0] https://lists.gnu.org/archive/html/guix-devel/2013-09/msg00137.html
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
"Jason Self" skribis: > Ludovic Courtès said: >> Yes, I understand this, but my question was more about how this occurs >> technically. >> >> My understanding is that Debian-based distros provide the unmodified >> upstream source, with a debian/patches tree containing patches they >> apply. Do I get it right? > > Ah, I see. In the case of, say, the Linux kernel it's not really > possible to provide the unmodified source code because that would mean > Trisquel would be distributing that non-free software. So, their > orig.tar.gz isn't the unmodified upstream source but rather the > deblobbed version. Yes, but we have Linux-Libre, which exists as a project of its own and handles all that for us anyway. Thanks, Ludo’.
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
ôòøguix build --sourceôòù should be changed to return the result of applying that ôòøpatchôòù phase to the upstream tarball. WDYT? Sounds right. in that it provides the /complete/ build recipe that led to the binaryôòóôòücompleteôòý means that it includes build scripts, patches, compilers, libraries, etc., recursively. Very nice. Thanks, k
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Ludovic Courtès said: > Yes, I understand this, but my question was more about how this occurs > technically. > > My understanding is that Debian-based distros provide the unmodified > upstream source, with a debian/patches tree containing patches they > apply. Do I get it right? Ah, I see. In the case of, say, the Linux kernel it's not really possible to provide the unmodified source code because that would mean Trisquel would be distributing that non-free software. So, their orig.tar.gz isn't the unmodified upstream source but rather the deblobbed version.
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Op Sat, 14 Sep 2013 15:01:13 +0200 schreef l...@gnu.org (Ludovic Courtès): > My understanding is that Debian-based distros provide the unmodified > upstream source, with a debian/patches tree containing patches they > apply. Do I get it right? For gNewSense we do as follows. If the software recommends non-free software then 'apt-get source' will give you the unmodified upstream source + a debian/patches tree with a fix to remove the reference. If the upstream source contains blobs or non-free code then 'apt-get source' will give you the upstream source without the troublesome bits (+ a debian/patches tree if there are also issues like the former).
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
"Jason Self" skribis: > Ludovic Courtès asked: >> But, what does "source code" mean here? Does it mean the source that's >> made available using the distro tools, such as 'apt-get source'? > > That's my understanding of it. OK. Again, I’d like to stress that Guix goes way further than this: any user can check the whole dependency chain, build scripts, and patches used to build a package. They can run build recipes locally, and assert that the binary they obtain matches the one distributed by hydra.gnu.org–as opposed to having to trust hydra.gnu.org. >> What kind of changes are these, typically? Are these changes to debian/ >> files (such as adding new patches), or are these changes outside of the >> debian/ directory? > > They run the gamut: [...] Yes, I understand this, but my question was more about how this occurs technically. My understanding is that Debian-based distros provide the unmodified upstream source, with a debian/patches tree containing patches they apply. Do I get it right? Thanks! Ludo’.
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
k...@freefriends.org (Karl Berry) skribis: > So, do we want ‘guix build --source’ to return the already-patched, > FSDG-compliant source? > > It should return exactly the sources which actually got built -- which I > gather, though I'm not sure, is not necessarily the same as "unmodified > upstream"? Or rather, the most natural way for people to get sources > (e.g., using the same "channel" as the binaries they got) should result > in them getting the sources that got built to make those binaries. I agree that the current behavior of ‘guix build --source’ is unsatisfying. That it currently returns the unmodified upstream tarball is more a consequence of how things are implemented: during the build process, after the tarball is unpacked, a ‘patch’ phase is run (this is where distro-specific, fixes, and freedom-related changes are made.) ‘guix build --source’ should be changed to return the result of applying that ‘patch’ phase to the upstream tarball. WDYT? > That's the whole requirement of distributing the binaries under the GPL, > after all. Not related to FSDG specifically. I know you know this, so > I'm rather puzzled by what's going on. As I explained during my GHM talk, Guix furthers the spirit of the GPL in that it provides the /complete/ build recipe that led to the binary–“complete” means that it includes build scripts, patches, compilers, libraries, etc., recursively. When users do ‘guix package --list-available’, they are given the file name of the recipe, which allows them to check precisely how things are patched and built. So I think the issue is really about how things are presented to the user. Part of the issue probably comes from the fact that Guix works differently than binary-only distros. Thanks for your feedback! Ludo’.
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
So, do we want ôòøguix build --sourceôòù to return the already-patched, FSDG-compliant source? It should return exactly the sources which actually got built -- which I gather, though I'm not sure, is not necessarily the same as "unmodified upstream"? Or rather, the most natural way for people to get sources (e.g., using the same "channel" as the binaries they got) should result in them getting the sources that got built to make those binaries. That's the whole requirement of distributing the binaries under the GPL, after all. Not related to FSDG specifically. I know you know this, so I'm rather puzzled by what's going on. karl
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Ludovic Courtès asked: > But, what does "source code" mean here? Does it mean the source that's > made available using the distro tools, such as 'apt-get source'? That's my understanding of it. > What kind of changes are these, typically? Are these changes to debian/ > files (such as adding new patches), or are these changes outside of the > debian/ directory? They run the gamut: Some are branding, some are freedom-related, some are privacy-related. So, whenever the Trisquel developers want to modify a package coming from Ubuntu (for any reason), a Helper is usually made so that the work can be automated and only needs touching if the Helper fails for some reason. Even that can be limited to modifying the Helper and then re-running the package import process. Some examples are changing the default settings in their browser (a modified version of Firefox called A Browser to get around Mozilla's trademark problems) so that it sends the Do Not Track header by default, or ripping out the non-free software out of the kernel (Ubuntu adds more non-free stuff to what already comes from kernel.org so the kernel helper makes use of a modified version of the Linux-libre deblob script to handle the Ubuntu-specific additions), to removing a menu option in VirtualBox that's used to install non-free drivers etc. The debian directory also needs modifying sometimes, like when renaming packages (Firefox to A Browser for example) or when changes might be needed in other cases. > 'guix build --source' [0], which is really a developer's tool Although could be used by anyone. > So, do we want ‘guix build --source’ to return the already-patched, > FSDG-compliant source? Hopefully others will weigh in but that is my understanding. Exactly how that happens can be a distro-specific decision, I think.
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
"Jason Self" skribis: > Ludovic Courtès said: >> I'm reluctant because of the technical and administrative burden it >> entails > > I suppose another option is to leave out problematic packages > entirely. Otherwise, welcome to the world of being an FSF-endorsed > distro. :) Well the FSDG don’t go this far, or least not at this level of detail. >> Besides, our package meta-data would probably still refer to the >> "real" home page of the package, from which it's trivial to get the >> unmodified tarball. > > I think the question isn't whether or not the users of a distro can > leave their distro's infrastructure and install non-free or other > programs on their own. Rather, it seems more a question of if the > programs that the users finds through the distro are themselves > FSDG-compliant [0]. The user interface for Guix is the ‘guix package’ command. That command will only ever give you FSDG-compliant packages. What we’re really talking about it here is *how* it gives those packages. > I agree with what Sam said regarding Parabola back in 2011 [1] that: > >> Consider that the software is really the source code and that the >> binaries are just the usable machine-readable form of it. Both >> source code and binaries should be free (the latter follows from the >> former if all is well). Of course, I can only agree with that. But, what does “source code” mean here? Does it mean the source that’s made available using the distro tools, such as ‘apt-get source’? [...] > Ludovic Courtès said: > >> we'd need an out-of-band mechanism to maintain patches/scripts, said >> patches/scripts would have to be reviewed separately, contributors >> would need to have the necessary credentials to upload patched >> tarballs, etc. > > I think some of this can be automated and minimized. Trisquel, for > example, uses what they call Helpers [2]. As new versions are pulled > in from Ubuntu the corresponding package helper is run, if one exists > for that package. That helper is responsible for making any changes > that are needed to the source code and repackaging it before it is > moved into the Trisquel repositories to be compiled. In this way the > users of the distro always have access to FSDG-compliant source code > packages. OK, interesting. What kind of changes are these, typically? Are these changes to debian/ files (such as adding new patches), or are these changes outside of the debian/ directory? > Is there some automated method in which Guix checks for new versions > from upstream? Yes, but limited to GNU packages ATM: http://www.gnu.org/software/guix/manual/guix.html#Invoking-guix-refresh > Perhaps this could be extended such that, for certain programs, > they're run through some script to clean them up in a similiar > automated fashion to Trisquel? The gnupload script [3] could then be > used to upload them to, say, the GNU FTP server? (Perhaps in the > non-gnu area?) In this way the process that checks for new versions > handles the actual work. People contributing to Guix only need access > to the version control system to maintain the "helper" for that > program. Right, possibly. Food for thought... I think what should be clarified is what we want to achieve exactly. Currently, users can only install FSDG-compliant software. However, ‘guix build --source’ [0], which is really a developer’s tool, returns the unmodified upstream version. So, do we want ‘guix build --source’ to return the already-patched, FSDG-compliant source? Or do we want to go further, and where? Thanks for your input! Ludo’. [0] http://www.gnu.org/software/guix/manual/guix.html#Invoking-guix-build
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Ludovic Courtès said: > I'm reluctant because of the technical and administrative burden it > entails I suppose another option is to leave out problematic packages entirely. Otherwise, welcome to the world of being an FSF-endorsed distro. :) > Besides, our package meta-data would probably still refer to the > "real" home page of the package, from which it's trivial to get the > unmodified tarball. I think the question isn't whether or not the users of a distro can leave their distro's infrastructure and install non-free or other programs on their own. Rather, it seems more a question of if the programs that the users finds through the distro are themselves FSDG-compliant [0]. I agree with what Sam said regarding Parabola back in 2011 [1] that: > Consider that the software is really the source code and that the > binaries are just the usable machine-readable form of it. Both > source code and binaries should be free (the latter follows from the > former if all is well). ... > providing non-free software + user executable freedom patch is not > what a free distro should be doing, IMO. Ludovic Courtès said: > we'd need an out-of-band mechanism to maintain patches/scripts, said > patches/scripts would have to be reviewed separately, contributors > would need to have the necessary credentials to upload patched > tarballs, etc. I think some of this can be automated and minimized. Trisquel, for example, uses what they call Helpers [2]. As new versions are pulled in from Ubuntu the corresponding package helper is run, if one exists for that package. That helper is responsible for making any changes that are needed to the source code and repackaging it before it is moved into the Trisquel repositories to be compiled. In this way the users of the distro always have access to FSDG-compliant source code packages. Is there some automated method in which Guix checks for new versions from upstream? Perhaps this could be extended such that, for certain programs, they're run through some script to clean them up in a similiar automated fashion to Trisquel? The gnupload script [3] could then be used to upload them to, say, the GNU FTP server? (Perhaps in the non-gnu area?) In this way the process that checks for new versions handles the actual work. People contributing to Guix only need access to the version control system to maintain the "helper" for that program. [0] http://www.gnu.org/distros/free-system-distribution-guidelines.html [1] http://lists.nongnu.org/archive/html/gnu-linux-libre/2011-01/msg00045.html [2] https://trisquel.info/en/wiki/package-helpers\ [3] http://git.savannah.gnu.org/cgit/gnulib.git/tree/build-aux/gnupload
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Sam Geeraerts skribis: > Op Wed, 11 Sep 2013 14:05:35 +0200 > schreef l...@gnu.org (Ludovic Courtès): [...] >> The distro obviously contains only free software, and it follows the >> FSF free system distribution guidelines [2]; it is not based on any >> existing distribution. Package contributors perform a license and >> copyright check on the packages they add. Package meta-data records >> the license of each package [3]; we do not keep track of copyright >> notices on a per-file basis like Debian’s copyright files do. > > Note that some packages may contain non-free files (e.g. [a]), > regardless of the license of the whole. There are also freedom issues > that are unrelated to the license of the code, e.g. encouraging the use > of non-free software [b]. I see that your packaging guidelines mention > these issues, but I thought I'd mention it anyway. Sure. Our build recipes remove problematic files, and would likewise patch non-free software recommendations (though the latter hasn’t occurred yet.) Guix has one specificity, which is that by default users get pre-built binaries from hydra.gnu.org, but they can also choose to build things locally. In the latter case, as Jason mentions, Guix downloads the source tarball from upstream, and the actual patching occurs as an early stage of the build process. Jason suggests hosting pre-patched source tarballs of problematic packages, and referring to those rather than to upstream’s. I’m reluctant because of the technical and administrative burden it entails: we’d need an out-of-band mechanism to maintain patches/scripts, said patches/scripts would have to be reviewed separately, contributors would need to have the necessary credentials to upload patched tarballs, etc. (Besides, our package meta-data would probably still refer to the “real” home page of the package, from which it’s trivial to get the unmodified tarball.) What do people think? Thanks, Ludo’.
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Sam Geeraerts said: > Note that some packages may contain non-free files (e.g. [a]), > regardless of the license of the whole. There are also freedom issues > that are unrelated to the license of the code, e.g. encouraging the use > of non-free software [b]. I see that your packaging guidelines mention > these issues, but I thought I'd mention it anyway. My understanding is that package source code is obtained directly from the developers, whether that's ftp.gnu.org or Sourceforge or whatever. In the cases Sam mentions it seems that there will need to be a way to host modified versions of such problematic programs somewhere with the necessary changes already made. In this way people that use the Guix package manager to compile & install from source don't end up downloading the problematic source code. hydra.gnu.org could even use that location to build those program from if needed.
Re: [GNU-linux-libre] Recognizing the GNU system as a free distro
Op Wed, 11 Sep 2013 14:05:35 +0200 schreef l...@gnu.org (Ludovic Courtès): > The GNU Guix project [0] is about producing (1) a package manager for > the GNU system, and (2) a distribution of the GNU system (currently on > top of Linux-Libre). We would like the distribution to be officially > recognized as an offspring of the fully free distro family. ;-) Looks pretty cool. > The distro obviously contains only free software, and it follows the > FSF free system distribution guidelines [2]; it is not based on any > existing distribution. Package contributors perform a license and > copyright check on the packages they add. Package meta-data records > the license of each package [3]; we do not keep track of copyright > notices on a per-file basis like Debian’s copyright files do. Note that some packages may contain non-free files (e.g. [a]), regardless of the license of the whole. There are also freedom issues that are unrelated to the license of the code, e.g. encouraging the use of non-free software [b]. I see that your packaging guidelines mention these issues, but I thought I'd mention it anyway. [a] http://libreplanet.org/wiki/NONFSDG#sharand [b] http://libreplanet.org/wiki/NONFSDG#XChat
[GNU-linux-libre] Recognizing the GNU system as a free distro
Hello, The GNU Guix project [0] is about producing (1) a package manager for the GNU system, and (2) a distribution of the GNU system (currently on top of Linux-Libre). We would like the distribution to be officially recognized as an offspring of the fully free distro family. ;-) Part (1) is essentially done. Part (2) is on its way: the distro contains only ~500 packages currently. It is self-contained, in that it doesn’t depend on external tools or binaries to build its packages [1]. However, it is not bootable yet, so it can only be used atop a running GNU/Linux system. (There’s on-going work to reach the point where we can boot directly into it.) The distro obviously contains only free software, and it follows the FSF free system distribution guidelines [2]; it is not based on any existing distribution. Package contributors perform a license and copyright check on the packages they add. Package meta-data records the license of each package [3]; we do not keep track of copyright notices on a per-file basis like Debian’s copyright files do. So that’s it. We are interested in feedback on freedom-related issues, so please let us know what you think, as ask us any questions you may have, preferably via guix-de...@gnu.org. Thanks, Ludo’. [0] http://www.gnu.org/software/guix/ [1] http://www.gnu.org/software/guix/manual/guix.html#Bootstrapping [2] http://www.gnu.org/software/guix/manual/guix.html#Packaging-Guidelines [3] http://www.gnu.org/software/guix/manual/guix.html#Defining-Packages pgpHhCzgXbAXp.pgp Description: PGP signature
