Difference between revisions of "FreedSite"

From LibrePlanet
Jump to: navigation, search
m
m
Line 1: Line 1:
 +
[[Category:FsfSysAdmin]]
 +
 
This page is in progress and isn't intended to make much sense to people other than [[user:Dclark]] yet. It should be fleshed out in time for a lightening talk at [[LibrePlanet2009]].
 
This page is in progress and isn't intended to make much sense to people other than [[user:Dclark]] yet. It should be fleshed out in time for a lightening talk at [[LibrePlanet2009]].
  
Line 386: Line 388:
  
 
* http://wiki.gnewsense.org/Kernel/linux-ubuntu-modules--non-free-files
 
* http://wiki.gnewsense.org/Kernel/linux-ubuntu-modules--non-free-files
 
[[Category:FsfSysAdmin]]
 

Revision as of 13:01, 8 March 2009


This page is in progress and isn't intended to make much sense to people other than user:Dclark yet. It should be fleshed out in time for a lightening talk at LibrePlanet2009.

Links

Related Wiki Pages

Related External Pages

Definitions of "Free" and "Open" in various contexts

Freed Site Definition

Probably want degrees / types of compliance like Creative Commons cc Licenses

Freed Site Early Draft Definition 0.01

  1. All configuration changes happen via changes to a source code repostiory.
  2. The entire source code repository except pieces of information that are private or are auth tokens is available to the public.
  3. The live versions of all configuration files that differ from those installed by packages are exposed in the source code repostiory.
  4. The source code packages and binary packages that are included on the machine are made available.
  5. It is possible for the user to download the site and bring it up within (eg no onerous deps)

Extended version:

  1. Can get template versions of all data
  2. Can get all non-private data

Compliance Web Button

Made with http://cssbutton.com/maker/

<a href="http://freedsite.org">
    <span style="background: #fff; 
                 padding: 1px; 
                 font-family: Silkscreen, Geneva, Vera, Arial, Helvetica, sans-serif; 
                 font-size: x-small; 
                 border: 1px solid #999999;">
      <span style="color: #000000; 
                   background: #a76bcf; 
                   padding: 0px 3px 0px 3px;">
          FREED
      </span>
      <span style="color: #a76bcf; 
                   background: #000000; 
                   padding: 0px 22px 0px 3px;">
          SITE
      </span>
    </span>
</a>

Trademark Registration

If this idea becomes popular, should probably apply for trademark so it continues to mean what is decided on by the community:

Misc Notes

Update if/when ready

To update when live:

The 2-clause BSD of Network Services

"Bradley M. Kuhn" <bkuhn@softwarefreedom.org> user:Bkuhn in "GPL, The 2-clause BSD of Network Services" writes:

We need to encourage, and more importantly, make it easy for network service deployers to make source of network applications available, regardless of their particular FLOSS license. No existing non-AGPL FLOSS licenses prohibit making the source available to network users. Network providers can and should simply do it voluntarily out of respect for their users. Developers of network service software, even if they do not choose the AGPL, should make it easy for the deployers to give source to their users.

.deb automatic source

Automatically installing source and build-deps for binary packages?

Is it possible to configure apt to force the install of source and build-deps for the exact versions of all installed binary packages?

Ideally the configuration would cause "apt-get install foo" to fail if the exact same version of the source and build-deps (and down through the chain of sources for those build-deps) could not be installed.

The use case is to have a virtual machine (virtual appliance) that is redistributable to others while being in compliance with the GPL provisions regarding the distribution of “Corresponding Source" when binaries are distributed (I see little difference between a virtual machine and a distribution like MEPIS - see http://www.linux.com/feature/55285 for details).

Note: user:Brett wrote a quick app that does this, mostly, in python... TODO put link here

Notes on how to implement franklin street statement from a technical POV

USER FREEDOM

Work from the other direction - what is technically possible?

Data Access

Taken for granted until recently because our data has always lived on local drives, or on servers we controlled. As a result, this is implied by the Free Software Definition and yet not protected by the GPL (even v3). DRM falls into this area- the software or hardware takes away your data access, and hence deprives you of the user rights. Sliding scale includes not having any data access (many web services), having access to the data, but only as a binary blob (most end-user proprietary software), or having access to the data stored in standardized or otherwise open formats.

Source Access

As noted in the Free Software definition, this is a precondition for all other user rights. Sliding scale can include (among other options) mandatory provision (GPL v2), mandatory provision and reuse (v3’s tivo clauses), or no such (BSD.)

Configuration Access

Roughly defined as the files that tell the compiled source what to do.

Hardware Access

Never much discussed because, unlike everything else here, hardware actually is scarce, and so can’t be provisioned merely by good intent or good licensing. May make some sense to discuss in the context of servers, though- for example, if all your source is available, but it can only be run on multi-billion dollar server farms, is it actually meaningfully open? Does dealing with this angle require p2p solutions, or will single-point of failure solutions (with other safeguards) be sufficient?

SkW: System Administration / Freedom / Web Services

Quotes from Hackers / Heros of the Computer Revolution / Steven Levy

The thing he [rms] liked about the AI lab at Tech Square was that "there were no artificial obstacles, things that are insisted upon that make it hard for people to get any work done - things like bureaucracy, security, refusals to share with other people."

[...] administrator of the AI lab [...] hired Stallman as a systems programmer [...]

The first incursion was when passwords were assigned to Officially Sanctioned Users [...] RMS despised passwords [...] computers he was paid to maintain did not use them.

The outside world, with its affection for security and bureaucracy, was closing in.

AI lab steadfastly refused to limit access to its computers [...] anyone could walk in off the street and use the AI machine [...]

[...] the behavior of the new "tourists" taking advantage of the freedom of the AI computer [...] did not seem as well intentioned, or as eager to immerse themselves into the culture, as their predecessors. In previous times, people seemed to recognize that the open system was in invitation to do good work [...] new users could not handle the freedom to poke around a system, with everyone's files open to them.

"More and more people come in having used other computer systems. Elsewhere it's taken for granted that if anybody else can modify your files you'll be unable to do anything, you'll be sabotaged every five minutes. Fewer and fewer people are around who grew up here the old way, and know that it's possible, and it's a reasonable way to live."

[...] not the only problem [...]

To RMS, who still believed that all information should flow freely, this was blasphemy.

The people remaining at the lab were the professors, students, and non-hacker researchers, who did not know how to maintain the system, or the hardware, or want to know. [...] Needed changes in software could not be made.

The emergence of hackerism at MIT twenty-five years before was a concentrated attempt to fully ingest the magic of the computer; to absorb, explore, and expand the intricacies of those bewitching systems; to use those perfectly logical systems as an inspiration for a culture and a way of life.

TODOs

  • Think of what appropriate libre license would look like w.r.t. entire computer infrastructures (vs web services/AGPLv3 or single programs/GPLv3)
  • Get quote from maybe config-mgmt mailing list about only way of figuring out how to use software was because of accidental release of actual real-site config files (think this was Luke/puppet related)
  • Make Bcfg2 know about / be able to template everything, and have metadata available about things that are not directly available via web interface / expose entire filesystem via web interface
  • Google Summer of Code application

Ideas for Bulletin / Blog Posts

Nix Packages Bcfg2 / Puppet / autonomo.us / "freedom meter" / Arusha gNewSense Builder Prophet / Clipperz / CounchDB / etc

Developers: Think of the user's freedom, and the user's ease of sharing freedom, as the ultimate features for your project. Think of sys admins (configuration) and end users (data), not only the source code of the project itself.

Sys Admins: Make your sites available. Register (with prophet-based freedsite.org service?) - (Ontology)

cc-like ontology of both freenesses

Goal of member card: be an example of Literate System Administration

How to do distributed compliance checking / freedom verification

Some ideas from gNewSense conversations:

7/11
On Fri, 2008-07-11 at 07:07 +0200, Sam Geeraerts wrote:
> > Danny Clark wrote:
>> > > Bake Timmons wrote:
>>> > >> Danny Clark <dclark-dGWS0fDw8IM@public.gmane.org> writes:
>>> > >>
>>>> > >>> (Q1) Is a version control program not used just because no one has had
>>>> > >>> time to implement it, or are there arguments against it?
>>> > >> Lack of time has been my impression of the problem.  The wiki tables
>>> > >> have been a quick and easy solution, but just a first step.  I agree
>>> > >> with your comments and am eager to help adapt KFV Mode to a better
>>> > >> back end.  I would be surprised if git were not the most efficient
>>> > >> back end.
>> > > 
>> > > Git is efficient, but also a real pain in the ass to work with
>> > > (extremely nonobvious behavior - and this is coming to me from top
>> > > percentile programmers (former OLPC colleagues), not newbies), and it is
>> > > not (yet) well integrated with a bunch of other tools.
>> > > 
>> > > As I recall this is partly because Linus wanted git to be more of a core
>> > > library that others wrote front ends to, but I think he has since
>> > > changed course, and is trying to make git easier to use. I'm not sure
>> > > what the current state of that is, as I haven't touched git in >6 months.
>> > > 
> > 
> > If we're going to use version control, it might be worth looking at 
> > Bazaar. If we're going to use similar tools as Ubuntu, we might as well 
> > use the same ones. It makes cooperation between the two distros easier 
> > (and Mark and Jono have expressed even more interest in that since the 
> > downfall of Gobuntu) and make it easier for Ubuntu contributors to work 
> > on gNewSense.

This is a good point.

> > 
>>> > >> Moreover, I hope that this new back end could be adapted for *all*
>>> > >> freedom verification work, including what gNewSense started to do for
>>> > >> packages (PFV).  One difference between KFV and PFV is that PFV
>>> > >> typically involved looking not at a file of source code but at a file
>>> > >> of license text that covered a whole package.
>> > > 
>> > > Or even a step beyond that, to freedom verification work even for
>> > > non-gNS projects, and then have the gNS-specific stuff be separated out
>> > > (there really shouldn't be that much packaging code that's separate from
>> > > the pristine sources).
>> > > 
>> > > This seems like it's abstractable to "we need to maintain a database of
>> > > information about a set of files that changes over time, and have nice
>> > > front ends to maintaining that information". I have to think that there
>> > > are - or really should be - nice Free Software products / sites covering
>> > > that problem space. Fossology - http://fossology.org/ - was recently
>> > > pointed out to me, but I haven't had a chance to look at it in depth yet.
>> > > 
>> > > I have a few related memos circulating around the FSF offices about
>> > > this, so soon I should have rms etc. opinions.
>> > > 
>> > > Also re: PFV, I just had a talk with Deb (IRC freedeb), maintainer of
>> > > directory.fsf.org, and it turns out that there are plenty of cases where
>> > > you need to look at every file with packages as well, or at least use
>> > > some simple (grep/keyword) heuristics to scan through the files. She has
>> > > some nice (but internally-focussed) write-ups on how she does that that
>> > > may make it to the resources section of the FSF website in the fullness
>> > > of time.
>> > > 
> > 
> > I don't really know how FOSSology works or what it does exactly, but it 
> > sounds like something that we can use. Too bad their live demo is not up.


Seems that it didnt get recorded at LCA which is a pity.
kk

-- Karl Goetz <karl-gjSFtu7vIzwXC2x5gXVKYQ@public.gmane.org>

7/12(?)
Moreover, percent calculations on some section pages are wrong, so I will look into that using the kfv.el program.


7/13
OK, I have updated the section pages in question, and am glad to say
that we are indeed done with linux-ubuntu-modules, with the exception
of just two files that Eric is waiting to get an email reply for.
These are the two files that I took the liberty of adding to the
non-free page; I would happy to be found wrong about adding them.
Thanks to everyone who pitched in on this reporting!

The effort, however, does continue, since we have much more to verify
in the rest of the kernel as well as packages.  Moreover, we should
always try to improve our process, such as handling upgrades in a
civilized way.

One immediate issue that we should sort out is what "DONE" means.  To
me, it means that one *intends* no further changes to an entry in the
table.  That implies that either the entry is found to be 100% free
(noted with a "N/A" report) or that it has been completely reported
(noted with a "Yes" report) using whichever mechanism the project
recommends, such as reporting a bug.  The %done for an individual
non-free file can be interpreted differently: e.g., one might say 50%
if it has not yet been reported.  However, I think the main thing is
not any intermediate percent values but whether it is 100% done,
implying a "Yes" report.  That explains why I also took the liberty of
marking Eric's two files as not done, since he is still waiting on a
reply about their status.  Please correct me if I am missing something
about the "DONE" issue.

In looking back on the KFV process, I recall the time that Brian
reminded us that the big problem is non-free firmware (i.e., binary
blobs).  I felt a little stupid at that point, since I had mostly
thought about license details.  Then Danny mentioned a possible
evolution of our process to have a more sophisticated back end.  We
are also considering what place license-guessing tools such as
Fossology might have.  Change always risks some discomfort, so I hope
everyone voices their concerns as we move beyond linux-ubuntu-modules.

7/22
It'd be nice to finish off the Kernel. While we've completed sound+drivers,
which is where I'd expect the vast majority of the non-free stuff to be,
there's still a few thousand files to be checked and we've been caught by
suprise before.

Checking external BTS is a good idea from a tactical standpoint, but
strageically we need to do the full check of kernel/main/universe to be sure
we're free.

http://wiki.gnewsense.org/External-BTS-freedom-bugs

Since Brian seems to want just a simple list for now, it now is
available at

http://wiki.gnewsense.org/Kernel/linux-ubuntu-modules--non-free-files

The script that generated the list, filter-non-free-files, had a
problem related to sorting, so I ended up redoing it in bash and have
attached it.  Other than working properly, the other (very slight)
improvement is that no items in a directory are listed if the
directory itself is to be deleted (i.e., is 100% non-free).

I agree with Karl that it would be nice to convert the list to
hyperlinks, so just let me know, Brian, and I will do that.




#!/bin/bash
#                              -*- Mode: Bash -*-
#
# Usage: filter-non-free-files [file of sorted path names]
#
# Given gNewSense KFV table source on standard input, print on
# standard output relative file paths corresponding to any table rows
# specifying non-free files.  Such table rows are converted to regular
# expressions that are matched against a special file of sorted,
# relative file paths.  A single optional argument can indicate the
# location of the special file, otherwise the default value is
# "all-file-paths".

# Here is an example of creating the special file:
#
# $ find linux-ubuntu-modules-2.6.24_16.23/ \
#       | sort -t/ -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 -k6,6 -k7,7 -k8,8 -k9,9 \
#       > ~/kernel-files
#
# Here is an extended example of use:
#
# $ find /var/www/wiki.d/ -mtime -1 -type f -exec cat '{}' ';' \
#       | filter-non-free-files ~/kernel-files > to-remove-new
# $ rm -fr $(cat to-remove-new)
# $ touch removed \
#       && cp removed removed-old \
#       && sort --unique --merge removed-old to-remove-new > removed
#
# The "removed" file in this case is a record of removed files and
# could be included in a web page, for example.

lastpath=^$

if [[ $1 ]]; then
    filepaths=$1
else
    filepaths=all-file-paths
fi

grep --only-matching 'linux.\+||0%||[^|]*|\?\(N\|Y\)[^/]' \
| sed -n -e 's/\([^|]\+\).\+/\1/' -e 's/--/\//g' -e 's/-/./gp' \
| sort -t/ -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 -k6,6 -k7,7 -k8,8 -k9,9 \
| while read pattern; do
    while read -u 4 path && [[ ! ($path =~ $pattern) ]]; do
	false;
    done
    if [[ $path && ! $path =~ $lastpath ]]; then
    	echo $path
    	lastpath=$path
    fi
done 4<$filepaths
> > no, scuse me
> > is ok...

> > Il giorno mer, 16/07/2008 alle 14.29 +0200, crap0101 ha scritto:
>> >> what's appened at the table???
>> >> http://wiki.gnewsense.org/Kernel/Image
>> >> 
>> >> new formatting rules?

The only problem I noticed with KFV tables is some excessive updating
of summary dates, which could have resulted from a bug in kfv.el 0.8.
Interested readers can find this and other fixes at:

https://gna.org/svn/?group=pfv-mode

In the announcement for the project page that includes KFV Mode, I
could have been clearer about the URL containing screenshots for the
new version:

http://home.gna.org/pfv-mode/#sec1


I should also note my *adoption* of the arch directory, where I have
checked 245 files so far.  The checking has been done on the
relatively obscure mips directory.  (I did this because I was using
quite experimental kfv.el code at the time and wanted to minimize the
impact of any bugs.)