Bug 1951560
| Summary: | Clarify license for Python binding | ||
|---|---|---|---|
| Product: | [Community] Virtualization Tools | Reporter: | Philippe Ombredanne <pombredanne> |
| Component: | libguestfs | Assignee: | Richard W.M. Jones <rjones> |
| Status: | NEW --- | QA Contact: | |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | unspecified | CC: | mhicks, ptoscano |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2025-10-17 00:11:03 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Philippe Ombredanne
2021-04-20 13:03:49 UTC
The ignore-value.h and c-ctype.h files are from gnulib which has a weird licensing system (to say the least). The TL;DR is you have to check https://github.com/coreutils/gnulib/tree/master/modules to find the real license of these files, which is LGPLv2+ in both cases. You can ignore what it says in the header file itself. The rest of the libguestfs Python bindings are LGPLv2+. setup.py is GPLv2+ because it's a program run as part of the build and is not combined with the library so does not affect the LGPLv2+ license of the final bindings. Thank you ++ for the details! gnulib has indeed a rather byzantine configuration system. I did a quick test using their tool with the error module; 'gnulib-tool --lgpl=2 --import error' and this creates an error.h with an LGPL-2.1+ header notice rather than a GPL one. It seems to be the case also with the c-ctype module. May be this is something you could use to get the correct notice in your codebase which would remove the ambiguity entirely? Richard W.M. Jones wrote: > setup.py is GPLv2+ because it's a program run as part of the > build and is not combined with the library so does not affect > the LGPLv2+ license of the final bindings. That's fair enough yet license detection tools may get tripped by this: there are both GPL and LGPL notices and references in one file and there is no easy to determine which is which automatically (I happen to maintain such a tool at https://github.com/nexB/scancode-toolkit ). So my 2 cents for your kind consideration are that if the setup.py license could be aligned with the package license this would make things much clearer for everyone in the future and avoid flagging license detection tools to flag inconsistencies between the declared package license and the license notices of the files found in the package. Recently we removed gnulib from libguestfs, and as part of this I copied the few headers we are actually using. I fixed up the copyright notices in those headers to reflect the actual license of the files: https://github.com/libguestfs/libguestfs/blob/master/gnulib/lib/c-ctype.h https://github.com/libguestfs/libguestfs/blob/master/gnulib/lib/ignore-value.h So this should be fixed upstream. (By the way, please build the Python bindings from upstream sources) I will change the license of setup.py as you requested shortly. Richard: You rock! Thank you ++ FYI, for now I spawned guesfish here https://github.com/nexB/extractcode/blob/aa5da29014ce4fbffca53c09689a2623e2b78196/src/extractcode/vmimage.py And I will adapt this to use the Python binding. This product has been discontinued or is no longer tracked in Red Hat Bugzilla. Reopening because Virtualization Tools has not been discontinued. |