Sean’s Obsessions

Sean Walberg’s blog

Random Thoughts on GPL and BSD

I was reading an announcement about PostgreSQL releasing replication under the BSD licence. Someone commented ”Maybe GPL will be a better choice for a licencing :-)”, to which someone else replied, and it got me thinking.

Why?
(Posted Aug 27, 2003 16:37 UTC (Wed) by AnswerGuy) (Post reply)

Why would GPL be better for PostgreSQL Inc. than BSD?

More importantly why would you nitpick on *their* choice?

What factors to you suppose the considered in making their decision?

Perhaps they want to feel free to create proprietary secondary derivatives
from this work (that is to say to create temporarily proprietary derivatives
from the first order derivatives that you or I might develop from these
sources). They are, after all, creating (temporarily) proprietary products.
Perhaps they use the BSD License because that’s what the core PostgreSQL
code is released under; perhaps this is part of a tradition that dates back
to Postgres and Ingres, to Stonebreaker at the University of California at
Berkeley.

Perhaps people should think about the issues before posting knee-jerk
nit-picking drivel.

I’ve always found the rationale behind choosing a licence interesting. To my understanding, the GPL and BSD licences can be boiled down as follows:

GPL: Use this code as you like, but everything it touches becomes GPLed. This is to keep everything in the open and free
BSD: Use this code as you like, but give me credit. This allows for commercial, closed use, but requires that credit be given where credit is due

Theo De Raadt, the leader of the OpenBSD project puts it more clearly:

But software which OpenBSD uses and redistributes must be free to all (be they people or companies), for any purpose they wish to use it, including modification, use, peeing on, or even integration into baby mulching
machines or atomic bombs to be dropped on Australia.

Personally, as someone who writes code as a hobby, or out of necessity, I prefer a BSD style licence. I’m not worried about people competing against me, and trying to run me out of business. My goal is to allow as many people as possible to use the code, even if it means they’re going to drop it on Australia.

“Free” to me means no restrictions on use, not restrictions in the name of freedom. I believe in Open Source. There’s nothing wrong with GPL (though, given the choice, I prefer LGPL) However, the choice of a licence should be made carefully, after due consideration, and certainly not as a result of being pushed into it.

Sean

Linux, or GNU/Linux?

RMS has long called for Linux to be called “GNU/Linux”. Here, he even goes as far as calling it “the GNU operating system”. Personally, I think he needs an ego check.

Tim O’Reilly made a great post to an author’s list about this very issue. Couldn’t find an archived copy, so I’ve copied it below.

(X’ed out email addresses my doing)

From tim@xxxxxWed Aug 20 07:53:11 2003
Date: Wed, 20 Aug 2003 04:45:43 -0700
From: Tim O’Reilly
Reply-To: cbp@xxxx.studiob.com
To: cbp@lxxxx.studiob.com
Subject: [cbp] Richard Stallman’s role in Linux (was Re: Does Microsoft
Windows have a future?)

On 8/17/03 2:20 AM, Ed Sawicki wrote:

>
> Stallman’s Free Software Foundation has produced an awful
> lot of great code since the mid-1980s. When you install
> a Linux distribution, far more of the code you install
> was contributed by the GNU folks than the Linux folks.
> When Stallman and friends remind us about that by asking
> us to refer to distributions as “GNU Linux”, I’m not
> sure they’re asking something that is unreasonable.
> They started the free software movement years before Linux
> was conceived.

I’ve been off the net, and I know that this debate is now quite a few days
old, but I couldn’t let this misstatement go by.

A few years ago, Rishab Ayer Ghosh wrote a tool to analyze the copyright
statements in the code contained in a typical Linux distribution. I don’t
remember the exact figures, but they are far different from what Ed says
here. The total amount of FSF copyrighted code in the Red Hat of the time
was approximately 5%, if I recall, about on a par with the amount of code
from Digital Equipment Corporation, Silicon Graphics, Sun Microsystems, and
other corporate entities (actually somewhat less than the amount from one or
two of these companies). And that’s even a generous figure, since a great
part of the GNU toolset was a rewrite (with FSF copyright added!) of the
Berkeley 4.4 lite stuff put together by Keith Bostic and his team at UC
Berkeley after the ATT lawsuit. Most of the day to day utilities that you
use at the shell level came out of Berkeley. And what kind of operating
system would we have without the X Window System out of MIT, the toolset on
which all the GUI layers have been built?

Other significant contributors include Larry Wall and team (Perl), Guido
van Rossum (Python) etc. It’s certainly true that the GNU toolset
represents a key part of the foundational development toolchain (gcc, g++,
gdb, emacs), but even that toolset is a reimplementation of an original ATT
toolset (except for emacs). A few years ago, I created a poster called
Anatomy of a Linux System to get this concept across. It tries to show all
the important projects – it’s amazing when you realize how many of them
are, and how far back their roots go. (We may still have copies available
at oreilly.com – I’m off the net now, and can’t check.)

In sort, it’s really self-serving of Richard Stallman to keep laying claim
to so much credit for Linux. It’s a bit like John Adams or Thomas Jefferson
or George Washington trying to take sole credit for the American revolution
and the form of government that follows. We talk of the Founding Fathers,
not the Founding Father, and so it is here. Just as the American form of
government came from many sources, including people who were lifelong
rivals, the free and open source software movement has many founding
fathers.

It is certainly true that Richard was the first person to fully articulate
the political vision of a completely free operating system, and that the GNU
manifesto created a great deal of momentum around the idea. But there’s no
way that the FSF created “the free software movement” (unless you mean the
very specific political movement by that name centered on the FSF). For
example, both Larry Wall and Keith Bostic have told me that they did their
first major free software releases before they had even heard of Richard
Stallman. Bill Joy points out that CSRG (the Computer Science Research
Group at Berkeley) was giving out its software from the beginning, because
that’s what computer science research was about – sharing the code. No,
the license wasn’t completely “free” by today’s definition, but it was close
enough for many of us to get a license and the source.

What’s more, I’d say that the fundamental possibility for Linux to exist
came from the original software tools approach of Unix, small pieces loosely
joined. For that architecture we need to credit Dennis Ritchie and Ken
Thompson, as well as other Unix pioneers like Brian Kernighan, Rob Pike, PJ
Plaugher, and many others. Without that architecture and philosophy, so
different from the centralized, tightly coupled designs that characterize so
many other operating systems. Early Unix was just like Linux – made of of
the work of hundreds of independent developers. What RMS added to the
picture was the conviction that this cooperative tradition ought to
continue, even after its corporate parent (ATT) decided otherwise. His
declaration of independence was critical, as was his decision to choose Unix
as the system to emulate.

Even further, but for the ATT lawsuit, it’s likely that Linux would never
have existed. The adoption of BSD was held back by the uncertainty over the
lawsuit, which created the opportunity for Linux to come together. But even
telling that story ought to make clear how BSD had a long heritage before
Linux even entered the scene.

Linux as we know it today is an idea whose time has come. It has many
parents. We would do well to remember all the ancestors, and not listen so
much to the one who keeps saying “me, me, me.” Richard diminishes his own
stature because he aggrandizes his contribution while ignoring all others.
The Berkeley and MIT guys keep their heads down because they aren’t that
fond of political arguments. But their vision – far more open and free
than the FSF’s, in my opinion – is to me the real heart of the free and
open source software movement. Their idea is that our goal is not to build
an all-free operating system, but to share code that people can build more
code with (whether free or non-free), increasing the total functionality of
the computer for all its users.

As it turns out, the political thread started by RMS is an important one. I
don’t want to diminish it either. But Linux is a great system because it
contains the work of thousands. Let’s honor all the founding fathers, and
those who follow them.


Tim O’Reilly @ O’Reilly & Associates, Inc.

Google With a Sense of Humour?

I was reading a funny article called SCO Group to Shoot Babies, when I glanced at the “Ads from Google” off to the right. According to the Google AdSense information page, the ads are based on keywords in the page on which they’re being displayed. Unfortunately, in this case, I think the code needs some refinement. Take a look for yourself, the red circle is my doing.

Worms, Worms, Everywhere

It looks like W32/Blaster is making its rounds. For interests sakes, I’ve started collecting connection attempts to port 135 and 445:

Not sure if the flatline last night was because I lost data when I changed the collection program, or if there was just no attempts (doubtful)

Also updated the extended entry to show a pie chart comparing the sources of infections…

This graph shows the source of the attack, based on the /8 the host comes from. Note a lot of 24/8 hosts, mostly cable modems.

RSS Aggregation

I’ve finally got into aggregating RSS feeds of my favourite news sites into one page. Rnews is what I’m using, it’s a PHP based system that puts all the rss feeds onto one page: .

Small problem with RootPrompt.org, but other than that, it’s pretty good. Trivial setup, just untar, create a database, edit a config file, and hit the web page. Why it needs an SQL database is beyond me, but hey, I’ve got one anyway.

RSS will hopefully save me some time. Would have been handy to have when I was writing the newsletter :(

Sean

Shell Scripting Article

I’ve posted an article on Uptime about automating routine tasks with some shell scripting. Take a few minutes to read it here.

Sean

RPM Ever Hang?

Sometimes, if an RPM operation is interrupted, the RPM database gets corrupted, and any subsequent RPM operation hangs the process. You can’t even ^C it. If you strace the process you’ll see the same system call getting invoked in an infinite loop.

How to fix?

1
2
3
4
5
6
7
8
[root@bob root]# cd /var/lib/rpm/
[root@bob rpm]# ls
Basenames     __db.003  Installtid   Provideversion  Sha1header
Conflictname  Dirnames  Name         Pubkeys         Sigmd5
__db.001      Filemd5s  Packages     Requirename     Triggername
__db.002      Group     Providename  Requireversion
[root@bob rpm]# \rm __db*
[root@bob rpm]# rpm --rebuilddb

Voila.

Some Security Links

A couple of links over at Linux Security caught my eye:

A paper on how to attack LDAP based web forms. SQL injection attacks are old school now, but I’d never thought to apply it to LDAP queries.

A cool use of Net::Pcap – write a daemon that promiscuously listens for a door knock, and then perform an action based on it. I’ve read other papers using iptables for such tasks, but I find this more elegant.

Read, share, enjoy.