Bug 508449 - genisoimage -root option inserts unwanted directory into ISO directory structure
Summary: genisoimage -root option inserts unwanted directory into ISO directory structure
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: cdrkit
Version: 11
Hardware: x86_64
OS: Linux
low
high
Target Milestone: ---
Assignee: Nikola Pajkovsky
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-06-27 10:45 UTC by Joel Uckelman
Modified: 2014-02-02 22:13 UTC (History)
4 users (show)

Fixed In Version: 1.1.9-6.fc11
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-08-11 13:49:46 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
the resulting (bad) ISO (354.00 KB, application/x-cd-image)
2009-06-27 10:45 UTC, Joel Uckelman
no flags Details

Description Joel Uckelman 2009-06-27 10:45:59 UTC
Created attachment 349646 [details]
the resulting (bad) ISO

Description of problem:

When I try to create an ISO image with all of the contents in a directory specified with the -root flag, I end up with an image where all of the contents are in a new subdirectory of the one specified with the flag. 

Version-Release number of selected component (if applicable):

genisoimage-1.1.9-4.fc11.x86_64

How reproducible:

Always

Steps to Reproduce:
1. mkdir foo
2. genisoimage -r -root foo -o foo.iso foo
  
Actual results:

The image contains /foo/ and /foo/soimage/.

Expected results:

The image should contain /foo/ and nothing else.

Additional info:

This worked correctly using the version of genisoimage in Fedora 10.

Comment 1 Joel Uckelman 2009-06-27 10:50:53 UTC
If I do this:

mkdir -p bar/foo
cd bar
genisoimage -r -o foo.iso .

I get the expected output, which is an ISO containing /foo/ only.

So, it looks like the -root flag is the culprit. My guess is that the string "soimage" is being read off the end of a buffer or something like that...

Comment 2 Jörg Schilling 2009-07-31 16:20:08 UTC
I recommend you to use the official program "mkisofs"
from cdrtools:

ftp://ftp.berlios.de/pub/cdrecord/alpha/
http://cdrecord.berlios.de

the fork you are using is known to be full of bugs.

Comment 3 Joel Uckelman 2009-07-31 17:56:22 UTC
(In reply to comment #2)
> I recommend you to use the official program "mkisofs"
> from cdrtools:
> 
> ftp://ftp.berlios.de/pub/cdrecord/alpha/
> http://cdrecord.berlios.de
> 
> the fork you are using is known to be full of bugs.  

It would be great if Fedora would distribute a version of mkisofs which contains fewer bugs. Maybe you should change the license to something GPL-compatible so  they can.

Comment 4 Jörg Schilling 2009-07-31 18:12:15 UTC
I am not sure whether you understand the problem correctly.

Redhat is currently distributing software that is in conflict
with the copytright law and thus cannot be legally distributed.
The software in addition is buggy.

The original software is properly maintained implements a lot
more features and is fully legal. This has been verified by several
lawyers (including the Sun legal department).


Maybe it helps to read this:

http://cdrecord.berlios.de/private/linux-dist.html

There is no need to change anything in the original software
as the original software is fully compliant with all
related licenses.

Comment 5 Joel Uckelman 2009-07-31 18:51:19 UTC
(In reply to comment #4)
> I am not sure whether you understand the problem correctly.

What I understand is that you and RedHat's legal counsel do not agree on the interpretation of the CDDL and the GPL, and it is unlikely that you or they will change their minds about this. I will not offer an opinion on who is right in this situation.

But it isn't even necessary to determine who is right to resolve the situation. You could dual-license cdrecord under both the CDDL and GPL, and that would satisfy everyone involved.

Presumably that would also fix the bug I've reported here.

Comment 6 Jörg Schilling 2009-07-31 19:52:50 UTC
What I see is that Redhats legal department was not 
yet involved at all. It seems that some laymen prevent
the case from being seen by the redhat lawyers.

Redhat is currently in an unlawful situation as redhat
publishes a fork that is in conflict with the copyright law.

Why do you beleve that redhat does not try to fix the current
unlawful situation that results from the fact that redhat
publishes a fork that cannot be legally distributed?

On the other side, nobody from redhat did make a claim
_why_ there should be a problem with distributing the legal
original source.

As mentioned before: Sun is the most careful company in the
OSS area and Sun does of course ship the legal original software.

Comment 7 Joel Uckelman 2009-07-31 20:20:11 UTC
(In reply to comment #6)
> What I see is that Redhats legal department was not 
> yet involved at all. It seems that some laymen prevent
> the case from being seen by the redhat lawyers.

A reply from Fedora's legal counsel is right here, at the end of a thread you started on the fedora-legal-list in June:

http://www.mail-archive.com/fedora-legal-list@redhat.com/msg00506.html

Did you not see this?

> Redhat is currently in an unlawful situation as redhat
> publishes a fork that is in conflict with the copyright law.
> 
> Why do you beleve that redhat does not try to fix the current
> unlawful situation that results from the fact that redhat
> publishes a fork that cannot be legally distributed?

Fedora doesn't do anything about the situation which you claim is unlawful because their lawyer is telling them that no such situation exists. You cannot expect them to disregard the advice of their lawyer. 

But there is no need to resolve whether the fork is legal. If you were to dual-license cdrtools, this issue would go away, as there would be no reason for anyone to distribute this fork any longer. Everyone wins.

> On the other side, nobody from redhat did make a claim
> _why_ there should be a problem with distributing the legal
> original source.

Yes, they have. See claim III in the message linked above.

Comment 8 Jörg Schilling 2009-07-31 21:25:21 UTC
Sorry, but you seem to be missinformed. The person you
are  qouting is not part of the Redhat legal department
but an uninformed laymen.

If you carefully read his claims, you will see that he
did never talk to the rehat legal department and that he
is missing legal basics. 

The mail you are quoting does not contain a single valid legal
argument. I am in hope that some time the redhat legal department 
will pop up and correctly deal with the problems redhat currently
has from distributing software that is in conflict with the 
copyright law.

This person called "tom" does not do redhat a favor by tring to hide
the problem from the legal department.

Comment 9 Joel Uckelman 2009-07-31 21:49:24 UTC
(In reply to comment #8)
> Sorry, but you seem to be missinformed. The person you
> are  qouting is not part of the Redhat legal department
> but an uninformed laymen.

I see that I misread. Mr. Callaway is the head of the the Fedora legal team, but so far as I can tell, he isn't a lawyer himself. Nonetheless, I see no evidence there to imply that he's hiding anything from anyone.

> The mail you are quoting does not contain a single valid legal
> argument. I am in hope that some time the redhat legal department 
> will pop up and correctly deal with the problems redhat currently
> has from distributing software that is in conflict with the 
> copyright law.

It is wholly irrelevant whether the email I was quoting contains any valid arguments at all. That was not my point. My point was that the people associated with Fedora who make these decisions believe that the these arguments are valid, and that's what matters. They believe that what you are asking them to do is illegal, and you believe that what they are already doing is illegal. Would you do something that you believe to be illegal just because someone is asking you to?

But the whole situation can be resolved without anyone changing their minds about what is legal, simply by dual-licensing. You say yourself on the cdrecord site that you switched to CDDL because it gives more freedom than the GPL. If you dual-license CDDL/GPL, doesn't that give even more freedom than the CDDL alone?

Comment 10 Jörg Schilling 2009-07-31 22:07:16 UTC
Even if he might be the head, it is obvious that he did never
ask any lawyer about the supposed problem. If he did, he would
have been able to give a useful and legally valid reply.

Lawyers tell me that there is no problem with my software.
If a laymen still believes that there is a problem, we seem
to have a problem with this laymen.

Let me conclude: Redhat currently publishes software
that is in conflict with the copyright. When will redhat 
fix this situation?

Comment 11 Joel Uckelman 2009-07-31 22:22:17 UTC
(In reply to comment #10)
> Even if he might be the head, it is obvious that he did never
> ask any lawyer about the supposed problem. If he did, he would
> have been able to give a useful and legally valid reply.
>
> Lawyers tell me that there is no problem with my software.
> If a laymen still believes that there is a problem, we seem
> to have a problem with this laymen.

It makes no difference if they are laymen, lawyers, or the pope. They believe you are asking them to do something illegal.
 
> Let me conclude: Redhat currently publishes software
> that is in conflict with the copyright. When will redhat 
> fix this situation?  

1. Dual-license, so that Fedora will be able to distribute cdrecord under terms which they believe to be legal, or

2. Sue Fedora and win, to make them stop distributing the fork you think is illegal.

If you don't do one of these things, I see no way for this ever to be resolved.
And if you are unwilling to do #1, then you should explain why not.

Comment 12 Jörg Schilling 2009-07-31 22:31:57 UTC
There is no legal problem with the original software,
so there is absolutely no problem for redhat to distribute
the original software as is. This has been proven by many 
lawyers. I am not going to be  a target of blackmailing by
hostile people.

If Redhat continues to distribute illegal software,
redhat needs to be prepared for being sued.

Comment 13 Joel Uckelman 2009-07-31 22:56:50 UTC
(In reply to comment #12)
> There is no legal problem with the original software,
> so there is absolutely no problem for redhat to distribute
> the original software as is. This has been proven by many 
> lawyers. I am not going to be  a target of blackmailing by
> hostile people.

I do not see how resolving the problem by dual-licensing would amount to blackmail. From your point of view, there should be no difference between dual-licensing and licensing only under the CDDL; from Fedora's point of view, this is a major improvement of the situation. I do not see how anyone loses by doing this.

Please explain what it is that you think you gain by licensing under the CDDL only.

Comment 14 Jörg Schilling 2009-08-01 08:39:28 UTC
I am not sure what your interests yre....

You did never verify that there is a problem but 
you claim that there is a need to introduce dual licansing
to "solve it", this sounds absurd.

What you are doing is called FUD. In terms of lawyers this
is called slander.

From looking at your mail address, you seem to be an uninvolved
thrid party, so what are your interests?

Comment 15 Joel Uckelman 2009-08-01 10:09:18 UTC
(In reply to comment #14)
> I am not sure what your interests yre....

My interest is in getting the bug I reported solved. One way to do that is to get cdrecord distributed with Fedora, as presumably cdrecord does not have this bug.

> You did never verify that there is a problem but 
> you claim that there is a need to introduce dual licansing
> to "solve it", this sounds absurd.

I'm sorry it sounds absurd to you. It sounds like a reasonable solution to me.

Here is the problem:

1. The decision makers at Fedora believe that they cannot legally distribute cdrecord.

2. The only way that Fedora will distribute cdrecord is if the decision makers there believe they can distribute it legally.

3. The decision makers at Fedora believe they could distribute cdrecord legally if it were dual-licensed CDDL/GPL.

4. You could dual-license cdrecord as CDDL/GPL.

Which one of these three claims do you dispute?

Comment 16 Jörg Schilling 2009-08-01 13:14:50 UTC
You are correct, cdrecord has no known bugs and if a bug is reported,
this bug is typically fixed within a few hours.

If the decicion makers at fedora believe that
they cannot distribute cdrecord, then they are 
incorrectly informed and would need to ask a lawyer.

What these people currently do is called slander as they
claim that there is a problem but do not even tell what
kind of problem this might be.

Nonexistent problems cannot be solved! 


Where do you see a problem?

Comment 17 Joel Uckelman 2009-08-01 13:55:27 UTC
(In reply to comment #16)
> 
> Where do you see a problem?  
>

Please address the two questions I've asked you. 

* Which of the four numbered claims I presented in comment #15 do you dispute?

* What do you see as the advantage of CDDL-only licensing?

Comment 18 Jörg Schilling 2009-08-01 14:28:21 UTC
I am sorry, you would first need to explain me what 
"license problems" you see in the original software.

How would you reply if I asked you: "Do you still club your wife?"

Comment 19 Joel Uckelman 2009-08-01 14:40:29 UTC
(In reply to comment #18)
> I am sorry, you would first need to explain me what 
> "license problems" you see in the original software.
> 
> How would you reply if I asked you: "Do you still club your wife?"  

This presupposes that I have clubbed my wife at some point in the past. The claims I am asking you to evaluate are not analogous to this question.

To be clear, I am *not* presupposing that there are licensing problems. Whether there are actually licensing problems is irrelevant. Claims 1, 2, and 3 are about the *beliefs* of decision makers at Fedora, not about whether there are licensing problems. Claim 4 is about your capability to dual-license. None of these claims presuppose that there are licensing problems. I will not explain whether I personally see any license problems, because it is wholly irrelevant to the matter at hand.

Furthermore, the second question I posed, namely---what do you see as the advantage of CCDL-only licensing---only presupposes that you do see some advantage to it. It would help me to understand your position if you would explain what you think that advantage is.

Comment 20 Jörg Schilling 2009-08-01 16:20:50 UTC
If you don't believe that there is a license problem, why
do you ask me to do things that only make sense if there
actually was a license problem?

Redhat distributes star, so it is obvious that redhat has
no problem with the CDDL.

Distributors like redhat should accept the license decision
that has been made by the author.

The license of cdrtools has been changes in order to defend
it against some agressors. The main agressor was a non-cooperative
downstream package maintainer from Debian.

Comment 21 Joel Uckelman 2009-08-01 16:38:51 UTC
(In reply to comment #20)
> If you don't believe that there is a license problem, why
> do you ask me to do things that only make sense if there
> actually was a license problem?

Please don't presume that you know my views about whether there is a license problem. I have not said either way.

Anyway, I am not asking you to do things which only make sense if there actually were a license problem. Dual-licensing may make no difference from your point of view, but it makes a huge difference for many other people.

If X is some statement, then there is a difference between "X is true" and "Bob believes X is true". If Bob believes that there is cheese in his sandwich, then what matters for how he acts is his belief, not whether there is in fact cheese in his sandwich. If Bob still believes that there is cheese on his sandwich after you've tried to convince him otherwise, then you should not be surprised when Bob acts like he has a cheese sandwich. Furthermore, if it costs you nothing to humor Bob and it makes him happier, shouldn't you do it? Is it really worth fighting with Bob over whether his sandwich has cheese on it?

This is precisely analogous to the dual-licensing situation with cdrtools.

> The license of cdrtools has been changes in order to defend
> it against some agressors. The main agressor was a non-cooperative
> downstream package maintainer from Debian.

In what way, exactly, does the license change help you defend cdrtools?

Comment 22 Jörg Schilling 2009-08-01 17:39:34 UTC
Dual licensing is a big problem and could seriously harm a project.
There are well-known examplesfor problems thar result from dual
licensing. Everything I did with cdrtools was to defend the code 
against malicious people and to ensure that the code will stay free
as long as possible.

The GPL is intentionally missinterpreted by well-known people
and unfortunately, there are too many people that do not
realize that the missinterpretation would cause all known 
Linux distributions illegal in case that the claims would be
orthogonally applied to all related cases.

The GPL contains many claims that cannot be claimed in court.
See: http://www.rosenlaw.com/Rosen_Ch06.pdf
Why not using a license that only contains demands that would
stand in court? I can verify that the explanations from Lawrence
Rosen about the GPL are true as I am the first person who tried 
to defend cdrtools against GPL abusage (long before Harald Welte
did start his campaign). For this reason, I know exactly what 
cannot be claimed in court.

The license change helped to verify that the non-cooperative
downstream package maintainers from Debian were intentionally
spreading FUD as they did not change their claims after the 
license change even though the license change did make
all their claims _obviously_ void.

Comment 23 Joel Uckelman 2009-08-02 13:32:42 UTC
(In reply to comment #22)
> Dual licensing is a big problem and could seriously harm a project.
> There are well-known examplesfor problems thar result from dual
> licensing. Everything I did with cdrtools was to defend the code 
> against malicious people and to ensure that the code will stay free
> as long as possible.

Could you describe in particular what problems might arise with dual licensing cdrutils CDDL/GPL?

Comment 24 Jörg Schilling 2009-08-02 14:32:17 UTC
One problem is that people could create enhancements under
only one of the licenses. But I did give aou already other
reasons why it is apropriate to avoid the GPL. I don't like
to use the GPL for my own software after I have been attacked
using an incorrect interpretation of the GPL. Avoiding the GPL
means avoinding the related bigots.

Anyway: I already pointed out why the is no need to introduce dual licensing.

Comment 25 Joel Uckelman 2009-08-02 14:48:10 UTC
(In reply to comment #24)
> One problem is that people could create enhancements under
> only one of the licenses. But I did give aou already other
> reasons why it is apropriate to avoid the GPL. I don't like
> to use the GPL for my own software after I have been attacked
> using an incorrect interpretation of the GPL. Avoiding the GPL
> means avoinding the related bigots.
> 
> Anyway: I already pointed out why the is no need to introduce dual licensing.  

Ok, I can see now that this is hopeless. Thanks for your time. I'll devote my efforts to getting the bug fixed in cdrkit instead.

Comment 26 Jörg Schilling 2009-08-02 15:33:08 UTC
My impression is that you did never try do do anything that could help.
Did you ask redhat to stop their stubborness? Did you try to get 
redhat into a legal way that is based on distributing the original
cdrtools instead of the illegal fork?

Why do you believe that it makes sense for you to put effort
into illegal software? You cannot distribute cdrkit as cdrkit
is in conflict with the copyright law. Your intention seems
to be useless for me....

Comment 27 Nikola Pajkovsky 2009-08-11 13:49:46 UTC
build: http://koji.fedoraproject.org/koji/taskinfo?taskID=1597935

Comment 28 Jörg Schilling 2009-08-11 14:04:38 UTC
You did take code from the original sources without
mentioning this!

Are you interested in making the fork even m ore illegal than it already is?

Comment 29 Joel Uckelman 2009-08-11 14:07:22 UTC
(In reply to comment #27)
> build: http://koji.fedoraproject.org/koji/taskinfo?taskID=1597935  

Thanks for the fix. Will this be backported to Fedora 11?

Comment 30 Fedora Update System 2009-08-12 08:36:20 UTC
cdrkit-1.1.9-6.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/cdrkit-1.1.9-6.fc11

Comment 31 Nikola Pajkovsky 2009-08-12 08:44:26 UTC
(In reply to comment #29)
> (In reply to comment #27)
> > build: http://koji.fedoraproject.org/koji/taskinfo?taskID=1597935  
> 
> Thanks for the fix. Will this be backported to Fedora 11?  

Pushed to f11. Now just wait. enjoy ;)

Comment 32 Fedora Update System 2009-08-12 20:56:48 UTC
cdrkit-1.1.9-6.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 33 Joel Uckelman 2009-08-13 20:32:54 UTC
I can confirm that the fix pushed out to F11 works. Thanks very much for your help!


Note You need to log in before you can comment on or make changes to this bug.