Governance with FOSSology and FOSSBazaar: Rights and Licensing
At CeBIT Open Source 2009 Martin Michlmayr, past Debian project lead, presented his current projects FOSSology and FOSSBazaar, and spoke about the role his employer Hewlett-Packard is giving him in the governance project and how the FOSSBazaar work group is organized within the Linux Foundation.
Britta Wülfing of Linux Magazine Online interviewed Michlmayr after his talk to find out more about his work at the Open Source Initiative (OSI) and the European Union Public License (EUPL). Here are the results of that conversation.
LMO: To whom is FOSSBazaar targeted?
Michlmayr: FOSSBazaar is clearly enterprise-oriented, not necessarily directed at technologists, but more to managers, lawmakers, procurement officers. With this project we want to cover thematically the entire bandwidth of Linux and Open Source.
LMO: What interest does HP have in it?
Michlmayr: HP has to do this work anyway with all its products and programs. It has to be clear for each software what licenses and rights are attached to it, how they are to be maintained and supported. We have to do it, everyone has to do it. Why not together then?
LMO: There are already several projects concerned with this topic, for example the Freedom Task Force of the Free Software Foundation or Harald Welte with gpl-violoations.org . Are there differences or do you work together?
Michlmayr: Yes, we're working together on certain levels. We have intensive discussions on mailing lists, and we're providing seminars together with the French INRIA [National Institute for Research in Computer Science and Control] research institute.
LMO: How is the project adopted by enterprises?
Michlmayr: We're working with a platform that everyone can access. Truthfully many enterprises apparently have a problem in openly talking or writing about licensing and rights. That requires some convincing on our part.
LMO: The term "governance" might be considered a body of rules and standards, which seems somewhat unwieldy. Isn't it a bit daunting for smaller and middle sized enterprises?
Michlmayr: That's a hard one. We don't want to instill any FUD on anyone, but simply clarify. Of course some examples present some problems, such as when a single software includes dozens of Open Source licenses. We'd rather like to collect examples of how many projects actually include only one license.
LMO: The plethora of licenses is always a hot topic in the OSI, where you're also active. There's been a suggestion to limit things to three licenses. What's your take on this?
Michlmayr: Whether to limit things realistically to three licenses is a good question. But I feel that everyone involved in this is agreed certainly on limiting them. That's why careful thought is given to new licenses and if they should be distributed. There are obviously vanity factors involved when a license happens to bear the name of its issuer. But one new license is bound to be of true value in the near future: the EUPL [European Union Public License]. For the first time we'd have a license available in all European languages and valid everywhere, that is, all translations have been legally scrutinized. Also of practical value is that EUPL code can be converted to GPL code.
LMO: When can we expect to see OSI approval of the EUPL?
Michlmayr: We can't give an exact date, but it's bound to happen soon.
The bug was introduced back in 2009 and has been lurking around all this time.
The new release deprecates the sshd_config UsePrivilegeSeparation option.
Lives on as a community project
Five new systems join Dell XPS 13 Developer Edition that come with Ubuntu pre-installed.
The Skype Linux client now has almost the same capabilities that it enjoys on other platforms.
At CeBIT 2017, OpenStack Day will offer a wide range of lectures and discussions.
A major setback for the Linux desktop.
Improved support for GPU in virtualization.
News site for the openSUSE community falls victim to a Wordpress exploit.
The source code is available online.