[gentoo-dev] Are we allowed to provide valid SRC_URI for fetch restricted packages?

[gentoo-dev] Are we allowed to provide valid SRC_URI for fetch restricted packages?

[Kacper Kowalik]

[-- Attachment #1: Type: text/plain, Size: 517 bytes --]

Hi all,
I've been asked by a user to remove valid SRC_URI for a package that has
RESTRICT="fetch". The package in question requires you to go to
upstream's webpage, sign license agreement and then you're fed with
download link. User argues that by giving people valid download link
hardcoded in ebuild we may encourage them to bypass the registration
step[1] and that may pose a legal threat. Can anyone more law-aware
comment on that?
TIA!
Kacper

[1] https://bugs.gentoo.org/show_bug.cgi?id=405803#c0


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 900 bytes --]

Re: [gentoo-dev] Are we allowed to provide valid SRC_URI for fetch restricted packages?

[Alec Warner]

On Sun, Feb 26, 2012 at 3:34 AM, Kacper Kowalik <xarthisius@gentoo.org> wrote:
> Hi all,
> I've been asked by a user to remove valid SRC_URI for a package that has
> RESTRICT="fetch". The package in question requires you to go to
> upstream's webpage, sign license agreement and then you're fed with
> download link. User argues that by giving people valid download link
> hardcoded in ebuild we may encourage them to bypass the registration
> step[1] and that may pose a legal threat. Can anyone more law-aware
> comment on that?
> TIA!
> Kacper
>
> [1] https://bugs.gentoo.org/show_bug.cgi?id=405803#c0
>

You should file a bug with the trustees; they deal with legal stuff.

-A

Re: [gentoo-dev] Are we allowed to provide valid SRC_URI for fetch restricted packages?

[Mike Frysinger]

[-- Attachment #1: Type: Text/Plain, Size: 651 bytes --]

On Sunday 26 February 2012 06:34:13 Kacper Kowalik wrote:
> I've been asked by a user to remove valid SRC_URI for a package that has
> RESTRICT="fetch". The package in question requires you to go to
> upstream's webpage, sign license agreement and then you're fed with
> download link. User argues that by giving people valid download link
> hardcoded in ebuild we may encourage them to bypass the registration
> step[1] and that may pose a legal threat. Can anyone more law-aware
> comment on that?

i don't see a problem here.  although this is something that you'd prob want 
to post to the trustees and let them make a decision.
-mike

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

Re: [gentoo-dev] Are we allowed to provide valid SRC_URI for fetch restricted packages?

[Rich Freeman]

On Tue, Apr 10, 2012 at 3:38 PM, Mike Frysinger <vapier@gentoo.org> wrote:
>
> i don't see a problem here.  although this is something that you'd prob want
> to post to the trustees and let them make a decision.
> -mike
>

This is a bit of a stale thread.  This particular package was modified
to remove the SRC_URI, so it is no longer outstanding.  The Trustees
have discussed, and i'd say a majority would prefer not to have
SRC_URI for fetch-restricted files.  However, I don't believe we put
it to a vote.

Personally, I tend to not see an issue here, but am open-minded to
specific precedents/etc that raise concerns.  I think others are a bit
more conservative.

Rich