Bug 178162
| Summary: | Review Request: libgeotiff | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Shawn McCann <mccann0011> |
| Component: | Package Review | Assignee: | Balint Cristian <cbalint> |
| Status: | CLOSED DUPLICATE | QA Contact: | Fedora Package Reviews List <fedora-package-review> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | cbalint, che666, joost.soeterbroek, lemenkov, mtasaka, pertusus, tcallawa |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2007-07-23 15:36:37 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 201449 | ||
|
Description
Shawn McCann
2006-01-18 05:15:49 UTC
Correction to above URL: SPRPM Name or URL: http://www.canasoft.ca/fedora/libgeotiff-1.2.2-2.src.rpm Hmm, I vaguely recall the discussion on this package ;)
Packaging-wise, the package seems fine to me, but I am having concerns on some
details:
1. package's licensing:
1.1 The %description reads:
"... public domain library ...".
libgeotiff definitely is not a "public domain" library: Its sources come under
different "open" licenses. (cf. the file LICENSE inside of the tarball).
1.2 LICENSE contains this:
<citation>
The EPSG Tables (from which the CSV files, and .inc files are derived)
carried this statement on use of the data (from the EPSG web site):
Use of the Data
The user assumes the entire risk as to the accuracy and the use of this
data. The data may be copied and distributed subject to the following
conditions:
...
3.The data may not be distributed for profit by any third party; and
4.The original source [EPSG] must be acknowledged.
</citation>
IANAL, but this (esp. point 3.) seems problematic wrt. inclusion into FE to me.
I read it as: This package contains sources which qualify as for "non-commercial
use" only.
The question, I can't answer is: Does this license affect the library binaries?
2. /usr/include/geotiff/geo_config.h contains defines which typically are used
by autoconf/autoheader and are likely to conflict with autoheaders/autoconf when
trying to use geotiff in packages using autoconf-based configuration.
Thanks Ralf, valid comments. I don't know the answers off the top of my head but I can provide some further background. The purpose of this submission is to support GDAL (which is currently trying to get approved). GDAL includes an internal copy of libgeotiff. The debian folks don't have a separate libgeotiff package, they distribute GDAL with the internal libgeotiff. However, reading the Fedora guidelines, it appears that the preference is not to use "hidden" packages where possible - hence this submission. Note also that the proj package also uses the epsg data and is currently part of Extras. I assume the same issue will affect that package. Some more information. The current EPSG license info can be found at http://www.epsg.org/CurrentDB.html and contains the following additional note to clarify the use of the data in commercial / for profit applications: "With regard to (3) above, the data may be included within proprietary applications distributed on a commercial basis when the commerciality is based on application functionality and not on a value ascribed to the freely-distributed EPSG dataset." Note that the EPSG also acknowledges that this data forms part of the GeoTIFF specification on this page http://www.epsg.org/main.html Hi Shawn, I started to review this package and the first thing I noticed was a mismatch between the upstream libgeotiff-1.2.2.tar.gz file and the one provided by the SRPM. It seems that the actual contents of the two tar files are the same (zero diff on two directores they create) so perhaps one is simply more compressed (gzip -9) than the other? Or maybe the upstream changed? In any case, please produce a new SRPM with an exact match (md5sum) to the upstream "tarball" since most folks consider that to be a review prerequisite. Thanks Ed, good catch. Not sure what happened, but I've updated the source tarball with a fresh copy and rebuilt. SRPM and SPEC now available online (version 3). latest geotiff release is 1.2.3 Seeing the discussions for the gdal issue, its probably time to ping the reviewers and see what the status of this package is. From my point of view, the issues that have been raised have all been answered - the main issue being the licensing of the EPSG data. As noted above, this package, as well as proj, gdal, etc all come from the same upstream author and all contain the EPSG tables. My research showed that there was no intent from the distributors of this data to exclude it from open-source use. These packages are all available in the debian world. Anyways, if someone can rereview this and let me know if there are still outstanding issues, I'd be happy to address them. We can also consider the upgrade to 1.2.3 now or after submission. PS Note that gdal contains an embedded libgeotiff package I sent a mail to the debian gdal maintainers about the licensing issue and put all of you who appear in the report as blind carbon copies The debian maintainer response:
This is relevant. I would move those data into a non-free
package a part. That would involve re-packaging the upstream
tarball, of course.
Maybe the best thing to do at that point would be to contact
the upstream and ask them to precise their licence. Otherwise
some split should be needed.
(isn't there a bug to block in such cases, like FE-LEGAL?)
Found it, it isn't FE-LEGAL but FE-Legal.... Well gdal (bug 205955) has the copies of libgeotiff code in it, and it seems that it is not possible to remove libgeotiff code from gdal. And libgeotiff code in gdal package surely uses .inc files of which the legal issue is questionable. I mark gdal (bug 205955) depending on this bug. Reported upstream. http://bugzilla.remotesensing.org/show_bug.cgi?id=1294 This is a clear-cut blocker. If it has a end-user restriction (cannot sell data files) and we are forced to include the data files, then the EPSG Tables are clearly non-free. Either we remove the EPSG Tables under that bad license, or we get the Tables relicensed without the restrictions (terms 1 and 3 are the bad ones), or this is not going in. This shouldn't block FE-Legal now; please save that for things that the lawyers actually need to look at. Unless there's objection to spot's opinion above and someone honestly thinks that Red Hat's lawyers will see the situation differently. (In reply to comment #15) > This shouldn't block FE-Legal now; please save that for things that the lawyers > actually need to look at. Unless there's objection to spot's opinion above and > someone honestly thinks that Red Hat's lawyers will see the situation differently. > Ah. "FE-Legal" meant "the bug should FE-legal until someone familiar with license issue investigates the bug precisely"? My recognition was "the bug should block FE-Legal until license issue is really resolved". Sorry. So what's going to happen? If there's no effort from the submitter to carry out any of the possible actions as detailed in comment #14, this submission should be closed. Well, I am reviewing gdal (bug 205955) , gdal uses libgeotiff code and it has the same license problem as libgeotiff. I asked for libgeotiff upstream to fix license problem as I commented in comment #13 and currently I recieved no response from upstream. I remember once I saw that upsteam is working with this issue, however I forgot where...... I have no plans to do further work on this. The EPSG data is required for libgeotiff to function and we either need to include the files in the distribution or use the embedded data in the source. As noted, this has been raised upstream and as yet there has been no response. I take it that Fedora has no plans for different types of repositories - including one that would support a package such as libgeotiff? This will be unfortunate as most of the open source GIS packages depend on libgeotiff and gdal and therefore these packages will be unavailable to Fedora users. There are already Fedora repositories that would permit such software. Of course, nothing in Extras can depend on them. It is indeed unfortunate, but it is not the fault of Fedora that the upstream data is not licensed in a sufficiently free manner. Closing and adjusting blockers as appropriate. OK, I'll keep an eye on the upstream situation and, if it changes favourably, I'll try submitting this package again The whole thread is about getting grass in fedora extras ? Indeed i guess the dep tree libgeotiff->gdal->grass. (In reply to comment #22) > The whole thread is about getting grass in fedora extras ? > Indeed i guess the dep tree libgeotiff->gdal->grass. Yes. If you are interested, please comment on bug 222042 and bug 222039 I would like to continue review of this package once now epsg updated the license terms, and Frank Warmerdar will do this week a respin of libgeotiff including new EPSG dataset. I reasigned to myself the bug, i come up with a new spin of package as Frank spinn upstream libgeotiff (should happen today or tomorrow) and Thomas ACk from FSF the license of geodetic dataset. Hello Balint: This review request is old and initial reporter differs. Would you close this bug once , ask Frank to open a new review request and mark this bug a duplicate of the new review request to avoid confusion? *** This bug has been marked as a duplicate of 249296 *** |