CommonPackagingMistakes updated -- notes about debian/copyright

Matthew Palmer mpalmer at hezmatt.org
Sun Jul 23 02:03:02 BST 2006 

On Sat, Jul 22, 2006 at 11:47:58PM +0200, Stefan Potyra wrote:
> == Prelude ==
> When reviewing packages, one major common error I find is that 
> the copyright file is missing some information. However with debian/copyright
> wrong or incomplete, you'll get a veto from me for sure. The reason is 
> simple: If something is missing in debian/copyright, that's a violation
> of the involved licenses which makes the package per se undistributable.

On what do you base the assertion that information missing from
debian/copyright automatically makes a package undistributable?

> == The importance of debian/copyright ==
> The most important thing of debian/copyright is, that it holds the 
> copyright information for the binary package.

Unless you're writing per-binary-package copyright files (very uncommon),
then the same copyright file will be shipped in each binary package,
potentially making parts of the copyright file inapplicable to one or more
of those binary packages.

> licenses. There is no such thing as a general rule of thumb to get it right:
> Different licenses have different requirements for redistribution. While a 
> public domain license may even state that you can do everything with the 
> sourcecode (which would mean that you needn't put anything into 
> debian/copyright,

Like hell you shouldn't.  If all of the copyrightable material has been
placed into the public domain, that should be documented in
debian/copyright.

> or could even choose your own "may be distributed in cd form only on rainy 
> saturday's"-license),

You could stick with the Debian-canonical "must pet a cat" licence, to keep
things simple.  Perhaps noting that such licences are not UFSG-free would be
good, too.

> === Example 1: GPL ===
> The GPL requires that the complete license text is distributed (you can
> refer to /usr/share/common-licenses/GPL, which is always there on 
> debian/ubuntu
> systems), the authors and the short disclaimer of warranty (which you should
> include into debian/copyright). An example is in the license itself, but
> I'll post it here again for clarity:

Never, ever use the boilerplate.  It probably won't match what the author
put in the source.  Find the licence statement in the source files and copy
it in -- not reference, *copy*.  That way you'll be getting *exactly* what
the author specified, instead of some (possibly misleading) boilerplate.  As
an added bonus, this generalises to any licence, so you can drop a couple of
hundred lines of repetitive examples.

> What licenses can be combined can be found at
> [http://www.gnu.org/licenses/license-list.html]

That would be "the Free Software Foundation's opinion on what licences can
be combined".  Useful, but unless the copyright is held by the FSF, it isn't
the final word.  It's far better to get the definitive word from the authors
of the software.

> Usually you'll need to list the different licenses as well in 
> debian/copyright.

"Usually"?  Can you give an example of a case where the different licences
*wouldn't* have to be listed in debian/copyright?

> A good way to do this, is to list files with a different license together 
> with the license in question. Wether you'll actually need to list the 
> different
> licenses depends solely on the license involved.

The licence text needs to be included either explicitly or by reference to
one of the standard forms in /usr/share/common-licenses.

Have you considered including content from or references to existing
literature on debian/copyright files, such as those from Peter Palfrader
(http://lists.debian.org/debian-devel-announce/2003/12/msg00007.html) and
Andrew Suffield
(http://lists.debian.org/debian-legal/2003/12/msg00194.html)?

- Matt

-- 
"You could wire up a dead rat to a DIMM socket and the PC BIOS memory test
would pass it just fine."
		-- Ethan Benson

More information about the Ubuntu-motu mailing list