Red Hat just erected a paywall in front of the source code to their Linux distribution.Are they burning bridges to the wider open source ecosystem?Referenced...
An exceptionally well explained rant that I find myself in total agreement with.
This argument that open source somehow needs to exploit users and blatantly skirt the intent of the GPL because profit must be taken from it is absurd.
Why is it assumed that they weren’t perfectly sustainable before and why is it the end users responsibility to bear the burden of making their business model viable if they weren’t? Being unprofitable doesn’t excuse you from following the terms of your software license.
Red Hat weren’t ever unprofitable under the old model. This is just the classic killing of the goose that lays the golden eggs. They’ll get a short term boost in profit until customers start moving to competitors.
Except they’re aren’t violating the GPL at all. Their source code is still available to subscribers (and it isn’t behind a paywall because you can get a free license) and available to the public via CentOS Stream. Their code also goes into upstream projects as well.
The GPL exists so that companies can’t just take the code and contribute nothing back. But that isn’t what Redhat is doing here so I find your accusations that Redhat is exploiting users to be very hyperbolic.
My understanding is that if you redistribute the source they provide (whether Paywalled or free dev account) that they can and plan to 1) revoke your payed support access or 2) revoke your free dev account.
That means that people are inevitably going to share out RH source from free dev accounts right off the bat, and just cycle through new dev accounts. That’s an escalating war where they watermark/fingerprint their source so they know who’s redistributing, and any model or distro built on this won’t last or carry considerable risk. Enterprise customers are unlikely to take this risk, though. So this sets up a pretty stupid game and generally goes against the spirit of FOSS if not the letter.
I’d like to address one statement you made above: CentOS Stream is NOT RHEL source. It’s effectively the beta branch. Which means it’s not bug-for-bug which is quite frankly critical to any dev, enterprise or otherwise, and the key reason they moved it upstream of RHEL - because it screws over what they consider to be freeloaders on purpose. They may be targeting other distros, but it affects all developers who just want to test their applications. Now that dev has to explore options for a dev account, be careful not to redistribute or lose that access, etc.
Jeff does an excellent job of explaining it and whether or not RHEL contributes to the kernel or other source, stating it the way you do is akin to giving them an excuse. Oracle contributes. Users contribute (by testing, submitting bugs, providing guidance and configuration templates or advice), Countless Devs contribute. All of that should not excuse IBM Red Hat’s behavior because they want to squeeze more profit out of a model that’s not setup well. The fact that their SNAP is essentially “trust me bro” now and with this move, I’m done with anything dependent upon RH. That may not mean much in my home lab setup with maybe a dozen boxes, but at work, I am in a position to influence thousands upon thousands of instances and I’m just one person paying attention to this. RH is focusing on short term profits over long term health and without disclosing anything, I’m confident will swiftly bite them in the ass. And it will be their own doing.
Edit: I should also note that making CentOS Stream the beta sets them up for potentially new customers who do not want to be on that bleeding edge - which is a risk most established enterprise is unlikely to undertake over the more stable RHEL, which will fill their coffers for the support model.
Which means it’s not bug-for-bug which is quite frankly critical to any dev, enterprise or otherwise…They may be targeting other distros, but it affects all developers who just want to test their applications.
With the free RHEL licenses, I don’t think developers targetting RHEL are going to be affected at all by this, short of having to signup for an extra account. I also don’t think that there’s going to be many situations where a dev would accidentally redistribute in a way that’s so detrimental to RedHat’s business that it gets their license suspended.
You’re right that its mainly targeted at downstream distros and that’s where I think RedHat has a point. I think that it’s entirely fair for RedHat to be annoyed that someone can build a RHEL bug-for-bug compatible Linux distro and then sell support licenses off of it, which is literally RHEL’s business model.
That’s just my two cents. There’s really not many ways for a company to survive entirely off of open-source development like RedHat does and if we start saying that bug-for-bug compatible versions of their software have to exist, then we’ve essentially turned their business model into donations and it would lead to them dying anyways.
Don’t get me wrong, I am not entirely happy about RedHat’s changes, but I also don’t see anyone in this thread suggesting a viable alternative for RedHat to pursue and they’re just piling on the hate. It’s like saying, “Hey RedHat, sorry you’re dying. Thanks for all your hard work, okay good luck, bye.”
Well, the alternative is competing based on what you are actually selling in this model: Support for this product. If I can clone your distro and do better at supporting it than YOU do or at least good enough to sell my support, then you have a situation of possibilities:
Your support sucks
You’re charging too much or don’t have the right market / price options available
Your support in general is not really necessary, and thus your business model is weak in the first place. Another way of saying this one is that you aren’t offering anying particularly unique for new features on top of what’s already freely available to sweeten the deal beyond selling support.
You’ve done other things to your customers to weaken your relationships, and thus income flow
Locking out those “second run” vendors who are riding your coat tails is going to be a self-defeating path, however you slice it. Oracle has deep pockets - they are unlikely to sit back on this one as an example problem. The bigger problem is violation of the spirit of the GPL which alienates devs. You’re correct that they may only be inconvenienced, but inconveniencing any developer is a first class ticket to them working around your shenanigans or just opting out of supporting your platform in general. I already know 2 vendors in my small world who are subtly indicating support for RHEL and CentOS is being considered with some pushes on their customers to consider other distros. That’s in the last few days!
Anyway, they are throwing out the good will they have left with the bathwater of trying to short circuit low-bar competitors because they want to squeeze profit. You may not be wrong to stand by them, but I’m taking my support (and business) elsewhere as a result of their stance. A recent post looks like they are doubling down on the message.
Except that Redhat is trying to literally stop one of the four essential freedoms - the freedom to redistribute. Arguably they might actually be breaking the terms of the GPL.
I don’t think they are. You can distribute the corresponding source for your binaries. You just won’t get updates to the binaries (and their corresponding source) afterwards.
Not only will you not get updates (after they end your subscription), but you’ll probably lose access to the entirety of their packages before you can download all of them in the first place.
Whether or not they’re violating the letter of the GPL is entirely separate from whether they’re violating its intent. The former is debatable but the latter is absolutely happening here.
I put this together a while ago to help myself understand the licenses. I honestly dont know if its accurate. I am not a lawyer.
Philosophy and Intent:
GPL: The GPL is designed to ensure that software remains free and open, in the sense that users should have the freedom to use, modify, and distribute the software as they wish. This is sometimes referred to as "copyleft", because it is meant to counterbalance the traditional copyright system.
BSD: The BSD license is more permissive and does not require the same level of freedom. It is designed to allow as much freedom as possible, including the freedom to turn the software into a proprietary product.
Distribution and Modification:
GPL: If you modify a GPL-licensed program and distribute the modified version, you must distribute it under the GPL as well. You must also make the source code available. This requirement is why the GPL is called a "viral" license: it attempts to ensure that all derivative works are also free.
BSD: If you modify a BSD-licensed program and distribute the modified version, you do not need to distribute it under the BSD license, and you do not need to make the source code available. You could, for example, decide to distribute the modified version under a proprietary license.
Compatibility with Proprietary Software:
GPL: The GPL is not compatible with proprietary software licenses. That is, you cannot take GPL-licensed code and incorporate it into a proprietary software product.
BSD: The BSD license is compatible with proprietary software licenses. This means you can take BSD-licensed code and incorporate it into a proprietary software product.
License versions:
GPL: There are different versions of GPL (e.g., GPL v2 and GPL v3) and they are not necessarily compatible with each other.
BSD: The BSD license has two main versions (the "new" BSD license and the "simplified" or "free" BSD license), but they do not differ substantially in terms of compatibility.
But since there are multiple GPLs:
GPL v1: Released in 1989 by the Free Software Foundation (FSF), GPL v1 was created to prevent the privatization of free software and to ensure that software could be freely used, modified, and redistributed.
GPL v2: Released in 1991, GPL v2 had several changes from v1. One of the main ones was the introduction of the "Liberty or Death" clause. This clause states that if someone adds restrictions (beyond those in the GPL) to a GPL-licensed program (for instance, as a result of legal rulings or laws), they cannot distribute the program at all. This was intended to close a potential loophole where someone could add restrictions to a program and then claim they were forced to do so.
GPL v3: Released in 2007, GPL v3 has more detailed terms and is longer than GPL v2. There are several key changes:
Patent Clauses: GPL v3 includes explicit patent licensing, meaning that anyone distributing GPL v3-licensed software must also grant a patent license to the users of that software. This was designed to prevent situations where someone distributes software but then sues the users for patent infringement.
Tivoization: Named after a controversy involving TiVo, "Tivoization" refers to the practice of designing hardware so that it will only run a specific version of software, thus preventing modifications from running. GPL v3 explicitly disallows Tivoization, whereas GPL v2 does not.
Compatibility with Other Licenses: GPL v3 is compatible with more licenses than GPL v2. For instance, it's compatible with the Apache License 2.0, which GPL v2 is not.
Protection against Anti-Circumvention Laws: GPL v3 contains provisions that aim to prevent its software from falling under anti-circumvention laws like those in the Digital Millennium Copyright Act (DMCA). It's designed so that users cannot be sued for circumventing DRM (Digital Rights Management) in GPL-licensed software.
Additional Terms: GPL v3 allows “additional terms” to be added to certain parts of the license, offering some room for adaptation of the license to specific needs.
Remember, the different versions of GPL aren’t necessarily compatible with each other. That is, you can’t necessarily mix code licensed under GPL v2 with code licensed under GPL v3. If you’re working on a project that uses GPL-licensed code, you’ll need to pay close attention to the specific version of the license that’s in use.
The AGPL stands for the Affero General Public License. Similar to the GNU General Public License (GPL), the AGPL is a free software license, but it has an additional provision related to software run over a network.
In many ways, the AGPL is very similar to the GPL. It was designed to ensure that the software it covers remains free and open source, and that users have the ability to use, modify, and distribute the software.
However, there’s a key difference between the AGPL and the GPL: the AGPL has a specific requirement that if you run the software on a network server and modify it, you must offer the source code of your modified version to the network’s users. This requirement is meant to cover what’s sometimes called the “Application Service Provider loophole” in the GPL.
This “loophole” arises because the GPL requires you to share the source code of a modified version of a program only if you distribute the program. However, if you run a modified version of a program on a server and let users interact with it over a network (for instance, by providing it as a web service), you’re not technically distributing the program according to the GPL, so you’re not required to share your modifications.
The people using RHEL aren’t using CentOS Stream, and they aren’t able to redistribute the actual software they are actively using. I don’t know how to state this any clearer.
Those snapshots are not CentOS Stream. You are not running CentOS Stream, in the state in which it is provided, when you run a RHEL release. They arent entirely separate, but that’s exaggerating the claim and not what I’m arguing. The people who are using RHEL as provided are not able to redistribute the thing which they are using.
No, RHEL “exploits” large companies and the public sector that require a lot of compliance certificates and long term service guarantees for the software they procure. If Red Hat doesn’t collect this money, it goes into the pockets of people with much lower upstream contributions than Red Hat.
The regular user doesn’t need RHEL. Fedora or any other non-enterprise Linux distribution is perfectily fine and they will directly benefit from the contribution that Red Hat finances through their enterprise sales.
This argument that open source somehow needs to exploit users and blatantly skirt the intent of the GPL because profit must be taken from it is absurd.
Why is it assumed that they weren’t perfectly sustainable before and why is it the end users responsibility to bear the burden of making their business model viable if they weren’t? Being unprofitable doesn’t excuse you from following the terms of your software license.
Red Hat weren’t ever unprofitable under the old model. This is just the classic killing of the goose that lays the golden eggs. They’ll get a short term boost in profit until customers start moving to competitors.
The profit motive is antithetical to software freedom
Except they’re aren’t violating the GPL at all. Their source code is still available to subscribers (and it isn’t behind a paywall because you can get a free license) and available to the public via CentOS Stream. Their code also goes into upstream projects as well.
The GPL exists so that companies can’t just take the code and contribute nothing back. But that isn’t what Redhat is doing here so I find your accusations that Redhat is exploiting users to be very hyperbolic.
My understanding is that if you redistribute the source they provide (whether Paywalled or free dev account) that they can and plan to 1) revoke your payed support access or 2) revoke your free dev account.
That means that people are inevitably going to share out RH source from free dev accounts right off the bat, and just cycle through new dev accounts. That’s an escalating war where they watermark/fingerprint their source so they know who’s redistributing, and any model or distro built on this won’t last or carry considerable risk. Enterprise customers are unlikely to take this risk, though. So this sets up a pretty stupid game and generally goes against the spirit of FOSS if not the letter.
I’d like to address one statement you made above: CentOS Stream is NOT RHEL source. It’s effectively the beta branch. Which means it’s not bug-for-bug which is quite frankly critical to any dev, enterprise or otherwise, and the key reason they moved it upstream of RHEL - because it screws over what they consider to be freeloaders on purpose. They may be targeting other distros, but it affects all developers who just want to test their applications. Now that dev has to explore options for a dev account, be careful not to redistribute or lose that access, etc.
Jeff does an excellent job of explaining it and whether or not RHEL contributes to the kernel or other source, stating it the way you do is akin to giving them an excuse. Oracle contributes. Users contribute (by testing, submitting bugs, providing guidance and configuration templates or advice), Countless Devs contribute. All of that should not excuse IBM Red Hat’s behavior because they want to squeeze more profit out of a model that’s not setup well. The fact that their SNAP is essentially “trust me bro” now and with this move, I’m done with anything dependent upon RH. That may not mean much in my home lab setup with maybe a dozen boxes, but at work, I am in a position to influence thousands upon thousands of instances and I’m just one person paying attention to this. RH is focusing on short term profits over long term health and without disclosing anything, I’m confident will swiftly bite them in the ass. And it will be their own doing.
Edit: I should also note that making CentOS Stream the beta sets them up for potentially new customers who do not want to be on that bleeding edge - which is a risk most established enterprise is unlikely to undertake over the more stable RHEL, which will fill their coffers for the support model.
With the free RHEL licenses, I don’t think developers targetting RHEL are going to be affected at all by this, short of having to signup for an extra account. I also don’t think that there’s going to be many situations where a dev would accidentally redistribute in a way that’s so detrimental to RedHat’s business that it gets their license suspended.
You’re right that its mainly targeted at downstream distros and that’s where I think RedHat has a point. I think that it’s entirely fair for RedHat to be annoyed that someone can build a RHEL bug-for-bug compatible Linux distro and then sell support licenses off of it, which is literally RHEL’s business model.
That’s just my two cents. There’s really not many ways for a company to survive entirely off of open-source development like RedHat does and if we start saying that bug-for-bug compatible versions of their software have to exist, then we’ve essentially turned their business model into donations and it would lead to them dying anyways.
Don’t get me wrong, I am not entirely happy about RedHat’s changes, but I also don’t see anyone in this thread suggesting a viable alternative for RedHat to pursue and they’re just piling on the hate. It’s like saying, “Hey RedHat, sorry you’re dying. Thanks for all your hard work, okay good luck, bye.”
Well, the alternative is competing based on what you are actually selling in this model: Support for this product. If I can clone your distro and do better at supporting it than YOU do or at least good enough to sell my support, then you have a situation of possibilities:
Locking out those “second run” vendors who are riding your coat tails is going to be a self-defeating path, however you slice it. Oracle has deep pockets - they are unlikely to sit back on this one as an example problem. The bigger problem is violation of the spirit of the GPL which alienates devs. You’re correct that they may only be inconvenienced, but inconveniencing any developer is a first class ticket to them working around your shenanigans or just opting out of supporting your platform in general. I already know 2 vendors in my small world who are subtly indicating support for RHEL and CentOS is being considered with some pushes on their customers to consider other distros. That’s in the last few days!
Anyway, they are throwing out the good will they have left with the bathwater of trying to short circuit low-bar competitors because they want to squeeze profit. You may not be wrong to stand by them, but I’m taking my support (and business) elsewhere as a result of their stance. A recent post looks like they are doubling down on the message.
Except that Redhat is trying to literally stop one of the four essential freedoms - the freedom to redistribute. Arguably they might actually be breaking the terms of the GPL.
I don’t think they are. You can distribute the corresponding source for your binaries. You just won’t get updates to the binaries (and their corresponding source) afterwards.
Not only will you not get updates (after they end your subscription), but you’ll probably lose access to the entirety of their packages before you can download all of them in the first place.
Whether or not they’re violating the letter of the GPL is entirely separate from whether they’re violating its intent. The former is debatable but the latter is absolutely happening here.
What do you think the intent of the GPL is though? Genuinely curious, this isn’t meant as a retort or anything.
They are specifically and explicitly trying to limit your freedom with regards to redistribution by making it a violation of their EULA to do so.
I put this together a while ago to help myself understand the licenses. I honestly dont know if its accurate. I am not a lawyer. Philosophy and Intent:
But since there are multiple GPLs:
Remember, the different versions of GPL aren’t necessarily compatible with each other. That is, you can’t necessarily mix code licensed under GPL v2 with code licensed under GPL v3. If you’re working on a project that uses GPL-licensed code, you’ll need to pay close attention to the specific version of the license that’s in use.
Oh and then there is the AGPL:
The AGPL stands for the Affero General Public License. Similar to the GNU General Public License (GPL), the AGPL is a free software license, but it has an additional provision related to software run over a network.
In many ways, the AGPL is very similar to the GPL. It was designed to ensure that the software it covers remains free and open source, and that users have the ability to use, modify, and distribute the software.
However, there’s a key difference between the AGPL and the GPL: the AGPL has a specific requirement that if you run the software on a network server and modify it, you must offer the source code of your modified version to the network’s users. This requirement is meant to cover what’s sometimes called the “Application Service Provider loophole” in the GPL.
This “loophole” arises because the GPL requires you to share the source code of a modified version of a program only if you distribute the program. However, if you run a modified version of a program on a server and let users interact with it over a network (for instance, by providing it as a web service), you’re not technically distributing the program according to the GPL, so you’re not required to share your modifications.
The AGPL was designed to close this loophole.
But the code is also available in CentOS Stream, which is basically the “git master” of RHEL, and that you can freely redistribute.
The people using RHEL aren’t using CentOS Stream, and they aren’t able to redistribute the actual software they are actively using. I don’t know how to state this any clearer.
Your logic would apply if they were entirely separate pieces of software, but RHEL is just essentially snapshots of CentOS Stream.
Those snapshots are not CentOS Stream. You are not running CentOS Stream, in the state in which it is provided, when you run a RHEL release. They arent entirely separate, but that’s exaggerating the claim and not what I’m arguing. The people who are using RHEL as provided are not able to redistribute the thing which they are using.
No, RHEL “exploits” large companies and the public sector that require a lot of compliance certificates and long term service guarantees for the software they procure. If Red Hat doesn’t collect this money, it goes into the pockets of people with much lower upstream contributions than Red Hat.
The regular user doesn’t need RHEL. Fedora or any other non-enterprise Linux distribution is perfectily fine and they will directly benefit from the contribution that Red Hat finances through their enterprise sales.