The package build pipeline covers both the open and closed source parts of the FreePBX Distro. The pipeline produces both source and binary packages in one place for internal QA. After that, the binaries are copied in to Sagoma’s public production repository of packages for Debian 12.
Although Asterisk and FreePBX are open source, some Sangoma-produced modules are closed source. Traditionally, the source code is not released for these closed source modules eg. DPMA, the SIPStation and VI/WCS easy-button integrations, etc.
There’s been delays in this area before – as pointed out in an earlier post – but hopefully it makes more sense this time around that we are experiencing these delays if you also consider that the package build pipeline saw a lot of changes when the primary target moved from CentOS to Debian last year, after being an RPM-based system for a decade or more, while still maintaining that for v16, plus adding in the DEB-based work for v17. (It is much more than a doubling of the effort to maintain two parallel distros like this.)
Anyhow, there’s of course more details, but one specific privacy leak is related to email addresses of the packagers, which needs to be updated/genericized before we finalize the source output.
This still does not add up. The FreePBX DEB and Asterisk DEB are both released as open source. You are not saying no not everything in those packages are open source. You can not claim something as open source in binary format and when asked to give us the source for it told well technically the binary is not open source as it includes closed source things. Once you have released the binary as open source which you already did, all the source that made up that binary is now open source. You can not put the cookie back into the jar when called out on it. Sangoma made the choice to release a binary under GPL and now we the community are saying we want ALL the source of that binary that was released as GPL as we are legally entitled to.
So what you’re saying is just like the previous Distros released, SNGDF12 (SNGDEB) isn’t open source since it contains non-open source items inside of it. Am I understanding that correctly? Because no previous Distro was open source. The Distro release has historically been considered a commercial product.
Given that everything is modular, what would be the reason behind combining open-source and non-open software in the same packaging?
Package the open source stuff and document the source of it (as the community is requesting), and package the non-open stuff to be installed in separate .deb files. This seems so obvious that I don’t even know why I am writing it.
No they say it’s Open Source. The whole announcement of the Distro was it’s the first ever FreePBX distro to be open source, which I have already questioned publicly that you can’t have a Distro be open source when it includes non open source items but it like most things with the Penguin, it has fallen on deaf ears.
We all get that. This isn’t a problem if those closed source modules are released under commercial license. When I just installed the latest FreePBX it’s pretty clear going into modules which ones are commercial, and which are GPL. That right there is certainly enough of a statement of which ones are commercial that if what you are referring to is some of the various readme files and whatnot are listing GPL on commercial closed source modules, I doubt any court would side with the interpretation that just because some random GPL license file was accidentally included in a binary-only deb when the Modules front end lists it as commercial, suddenly makes that foss. I do get, though, that you would all want to make sure all the binary debs were cleaned up so as to avoid any embarrassments.
But if what you are saying is parts of the toolchain are not FOSS, or some FOSS modules can’t be built without including non-FOSS, that’s a horse of a different color.
Once you get the open source package eg. Asterisk SRPMs, then a FOSS toolchain should be able to be used to produce comparable binaries (probably not bit-for-bit, yet, as explained earlier.) This will be almost the same process in FreePBX v17 Distro as it was in FreePBX v16 Distro except, you know, DEB vs. RPM and all.
The big news from February is that YES we now have a Distro ISO!
…following almost a year of only having an (awesome ) shell installer for v17.
The shell script’s --opensourceonly option was added in the fall of last year and helps get to a purer open source install.
The new ISO presents an OSO spice level to utilize the --opensourceonly option during OS installation.
The sngfd12 Ansible role used to produce the ISO is open source – this is a big change from the past AFAICT the ISO build script was always closed before this.
The current ISO lacks additional closed source items from Sangoma – previously these were embedded on the ISOs eg. sysadmin. (Although when the shell script runs, then some closed source stuff will get downloaded at that time, which is hopefully pretty clear if you read through the options like OSO and ask what that’s all about.)
EULA comparisons
FreePBX Distro v5 from over 10 years ago (ISO link):
CentOS-6 EULA
CentOS-6 comes with no guarantees or warranties of any sorts,
either written or implied.
The Distribution is released as GPL. Individual packages in the
distribution come with their own licences.
FreePBX Distro v7
Sangoma-7 EULA
Sangoma-7 comes with no guarantees or warranties of any sorts,
either written or implied.
The Distribution is released as GPLv2. Individual packages in the
distribution come with their own licences.
FreePBX Distro v12
Sangoma FreePBX Distro 12.1.3-BETA End User License Agreement
Sangoma FreePBX Distro 12.1.3-BETA comes with no guarantees
or warranties of any sorts, either written or implied.
The Distribution is released as GPLv2. Individual packages
in the distribution come with their own licences.
If I understand CentOS Project Licensing Policy - The CentOS Project correctly, what they actually mean here is the compilation copyright. which is not really something I would have thought Richard Stallman had in mind, when creating the GPL. It’s the copyright in the selection and arrangement of the components, not any of the actual components. CentOS actually requires multiple licences to cover a working system. CentOS does require components to meet the Fedora Project definition of “open source”.
That’s all great and good but are you going to fulfill my request and provide what I asked for per the GPL? It’s been almost 30 days and I haven’t gotten what I asked for. Something that Sangoma is legally obligated to do.
Honestly, with all this push back and dancing around it is making wonder if this .deb is on the line for violation of the GPL. You are free to create a .deb that has open source and non-free programs in it but it’s how it is done that is the major concern. The open source and the non-free items must be completely independent of each other and not depend on each other.
So the open source and the non-free need to be completely separate binaries or scripts. There can be no linking of any sort between them, static or dynamic. They cannot share memory or APIs. One cannot depend on the other. The OSS version of FreePBX doesn’t depend on SysAdmin but SysAdmin depends on OSS FreePBX so that is questionable. However, until things are provided as they should be it’s going to be hard to determine what is what with all this.
) shell installer for v17.
back