Tools Repo

jdillard

@razzfazz:

it seems that any changes you made compared to the "TLA" that folks signed already would only affect new signees from this point on, no?

Correct. I also only made changes to the title and last modified date.

razzfazz

Another note: The required attribution text in section 3b) explicitly says "2014"; that is probably not what you really want folks to keep using moving forward, is it?

msi

The tools repo is under a OpenSSL-like license which is OK to me, but now I have a doubt when it comes to patches to the base system or ports in the case of upstreaming.
(part of the stuff I am interested is going through patches and trying to figure out whether this as possibly of interested in upstream ~ less to care in pfSense)

As I understand the license it's OK for pfSense to take BSD code, integrate and modify with additional terms in this new license: BSD -> pfSense-tools License works.

However I'm twisting my head around this new license when it comes to upstreaming things to a BSD-licensed project such as the base FreeBSD.
In my understanding I'd have to punch a patch for Freebsd in shape and then I'd have to offer it under the OpenSSL-derived license, not BSD)

I'm asking mainly since I really don't want to stand on anyone toe and to properly understand the intentions of this new license.

Grub3

https://portal.pfsense.org/members/signup/ICLA 
is unacceptable, as it transfers copyright free developer work to a company without compensation.

This assignment also suggest that pfSense codebase (not pfSense brand) is the ownership of all developers and this is an interesting information, thank you.

As a member of the future developer alliance incorporated under a foundation, we don't recommend signing this agreement.
Please read pfSense Internet neutrality and FreeBSD licence post.

msi

@Grub3: I remember GOOSE as Smartcard vendor, props for that.
However: Although the effective difference is little, there is a difference in legal terms on what you write and what the CLA says:

• The CLA doesn't mention copyright ownership, you give them a license to do almost whatever they whish with your code i.e. sublicense etc (you don't give them warranties).

• There is a difference between and extensive license that you grant ESF and copyright transfer (the later isn't even possible in some countries ie. most EU countries).

If you contribute to Apache projects you have to sign a their CLA (http://www.apache.org/licenses/icla.txt), beyond s/ESF/Apache Foundation/g is the same as the CLA of pfSense.
Agreed difference: Apache is US-based non-profit 501(3) while ESF is a (for-profit) LLC. 2 widely known OSS projects have a very similar CLA with the entity being a company: Android and Chromium. Another that I know about is Joyent SmartOS.

In comparison Sun (RIP): On a lot of their projects they insisted on copyright assignment which is what allowed Oracle to close back previously open projects without much acknowleding external contributors (think Solaris).  I'm definitely not pro-CLA and extensive licensing to an entity (Linux and illumos explicitely share copyrights), but I don't see ESF isn't reinventing the wheel and doing necessarily more evil than others that have CLAs too.

If you aren't OK with the CLA, don't sign it, if you feel to fork, do so by respecting of the terms under which you received the code.

Guest

@Grub3:

https://portal.pfsense.org/members/signup/ICLA 
is unacceptable, as it transfers copyright free developer work to a company without compensation.

No, it does not.

Grub3

Here are the facts:

https://www.pfsense.org/ESF_Individual_Contributor_License_Agreement_v1.0.pdf

Grant of Copyright License
.Subject to the terms and conditions of this Agreement, You hereby grant to ESF and to recipients of the Work a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Your Contributions and derivative works thereto, including but not limited to combination(s) of Your Contributions with the Work

Your company is asking individual contributor to grant ownership of their code to your company, without compensation other than access to their source code.

pfSense licence agreement is available here:
https://www.pfsense.org/ESF_License_Agreement_v1.0.pdf

Copyright 2014. Electric Sheep Fencing LLC. The pfSense
software is offered under license from Electric Sheep Fencing LLC
(“ESF”)

The ESF licence is a very restrictive licence, including a copyright where your company owns everything and people only have the right to ask for permission.
i.e. there is no freedom to modify the source code, i.e. no copyleft. The problem is that all community is about copyleft, so are killing the community and destroying the project.

You are simply REBRANDING THE WORK OF THE COMMUNITY, putting an Electric Sheep Fencing STICKER on it to pretend it is YOURS.

We would prefer:

Copyright 2014. Electric Sheep Fencing LLC. The pfSense
software is offered under the FreeBSD licence without any limitation.

The difference is that the FreeBSD offers copyleft and the ESF does not.
The FreeBSD would still allow you to make commercial works from pfsense source code.

Grub3

To make a comparision, this repo is like "offering free keys" to a house owner, prevented that "the owner grants you ownership of the house".

cmb

License != ownership. EVERY open source project in proper legal standing does exactly the same as what we're doing. Apache? Yep. Linux? Yep. FreeBSD? Well they will be soon, possibly using our exact CLA.

Nothing about prohibiting modifications is in any way remotely true. You just can't modify it and put our brand on it. You can't do that to any other trademarked open source project either.

grub3's other ignorance addressed in other threads since he's been busy spreading bullshit all over the place.

msi

@cmb: Can you share a clarification on the patches applied to ports and the base system as I mentioned?

It's really just a matter of "I'd like to understand things correctly". I guess that the less patches pfSense has to mangle (8.3 had quite some backports too), the quicker pfSense can stay in sync - and it seems as of currently 2.2 seems to be very closely tracking 10-STABLE.

A couple of patches miss some comments - without that it's pretty difficult if you are not closely related to the code or the author of said patches. ;-)

cmb

There's no issue in including BSD licensed code (and we'll release it as same as it goes upstream and stays closer to the most recent). Things in that regard haven't changed at all. BSD and similar licenses are fine to include. GPL and other more restrictive licenses cannot be, same as before.

Thanks Mathieu, appreciate all your contributions. Sorry your question got lost in the noise from the trolls and/or tinfoil hat crowd.

msi

Thanks Chris, that's what I guessed.

As author of patches and thus copyright holder one can always define the compatible license when passing upstream.
However as contributor I have to stick with the license it comes to me which is the OpenSSL-style license in the top directory.

I don't see an issue for code from pfSense itself, it's only about the bits that pfSense takes from upstream FreeBSD and makes patches for it: base and ports.
With the old license it was simple as it was the same license, now there is a little difference, and if there is something stupid happening I can't take a fix in pfSense and send upstream if I'm not the original author.

I'm not a lawyer so if you tell us that without additional mentionings it's just fine, then I shall stay silent :-)
Otherwise what about clarification in the top-level license or explicit license file or information for pfPorts and patches directories (i.e. ~ "These files are governed by same license as unpatched upstream source.").

Guest

@Grub3:

Here are the facts:

https://www.pfsense.org/ESF_Individual_Contributor_License_Agreement_v1.0.pdf

Grant of Copyright License
.Subject to the terms and conditions of this Agreement, You hereby grant to ESF and to recipients of the Work a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Your Contributions and derivative works thereto, including but not limited to combination(s) of Your Contributions with the Work

Your company is asking individual contributor to grant ownership of their code to your company, without compensation other than access to their source code.

You're wallowing in your FUD.

Point in fact, we are not "asking individual contributor to grant ownership of their code".

"ownership" of the copyright on the code would require an assignment, which we are explicitly NOT asking for.

This is about a non-exclusive license.

@Grub3:

pfSense licence agreement is available here:
https://www.pfsense.org/ESF_License_Agreement_v1.0.pdf

Copyright 2014. Electric Sheep Fencing LLC. The pfSense
software is offered under license from Electric Sheep Fencing LLC
(“ESF”)

The ESF licence is a very restrictive licence, including a copyright where your company owns everything and people only have the right to ask for permission.
i.e. there is no freedom to modify the source code, i.e. no copyleft. The problem is that all community is about copyleft, so are killing the community and destroying the project.

Let's take your points in order here:

• "a copyright where your company owns everything" – false.  just a non-exclusive license to the copyright

• "there is no freedom to modify the source code" – 100% false.  You just can't call the result pfSense.

• "i.e. no copyleft" – Here you are 100% right.  There is NO WAY IN HELL we're going to GPL the code.

• "The problem is that all community is about copyleft."  – You appear to have missed the turn that takes you to the linux village.  This is BSD-land.

• "so are killing the community and destroying the project." – you offer no proof here.

@Grub3:

You are simply REBRANDING THE WORK OF THE COMMUNITY, putting an Electric Sheep Fencing STICKER on it to pretend it is YOURS.

Seriously?  Let's look at some data.

https://forum.pfsense.org/index.php?topic=76140.0

Also, the brand applied is "pfSense", not ESF.

@Grub3:

We would prefer:

Copyright 2014. Electric Sheep Fencing LLC. The pfSense
software is offered under the FreeBSD licence without any limitation.

The difference is that the FreeBSD offers copyleft and the ESF does not.
The FreeBSD would still allow you to make commercial works from pfsense source code.

You would prefer a license which does not exist?  There is no such thing as "the FreeBSD license" (or licence).  There is a BSD license (several versions exist.  Most people know about the 2-clause and 3-clause variants.)

This, along with your call for GPL, and your misunderstanding of the difference between assignment and license, tends to show that you really don't know what you're talking about.

Guest

@Grub3:

https://portal.pfsense.org/members/signup/ICLA 
is unacceptable, as it transfers copyright free developer work to a company without compensation.

If it was an assignment (which it is not), then yes, it would transfer copyright to ESF.  It does not, but rather grants a non-exclusive license.
There is a big difference here.

BTW, your call for GPL est très drôle, parce que le FSF exige assignment (transfer of ownership) of copyright when you contribute to their projects.

Read these and ponder your hero:
http://www.gnu.org/licenses/why-assign.html
http://www.gnu.org/prep/maintain/html_node/Copyright-Papers.html
http://www.fsf.org/licensing/assigning.html

@Grub3:

This assignment also suggest that pfSense codebase (not pfSense brand) is the ownership of all developers and this is an interesting information, thank you.

As a member of the future developer alliance incorporated under a foundation, we don't recommend signing this agreement.
Please read pfSense Internet neutrality and FreeBSD licence post.

You are entitled to your opinions, of course.  Even when they're laughably wrong.

BTW, don't post here again on this subject.  There is a forum for licensing discussions.  Any further postings by you in Development, which are about licensing, will be deleted.

rudivd

hi Jeremy,

You stated that in the https://portal.pfsense.org/ there should be an $0 developer option, for subscribing.
I cannot find it. The subscription form only states $99 and up subscriptions, and I just want to have acces
to the repo.

Rudi

kpa

@rudivd:

hi Jeremy,

You stated that in the https://portal.pfsense.org/ there should be an $0 developer option, for subscribing.
I cannot find it. The subscription form only states $99 and up subscriptions, and I just want to have acces
to the repo.

Rudi

The instructions are quite wrong and incomplete because you can't create an account unless you either subscribe for support or sign the ICLA at the same time. Unfortunately the only piece of information that directs you to the ICLA is here on forums and not on the portal page (you hear me admins?) Go here and fill in the form to sign the ICLA and create your account:

https://portal.pfsense.org/members/signup/ICLA

jdillard

I modified the original post to clear up the instructions.

kpa

Thanks :) Could you also look into adding a link to the ICLA on the portal page?

dreamcat4

I cannot for the life of me get this to work.

@jporter:

If you are being prompted for a password your ssh-key is not working.

This ^^

@jporter:

Check your local ssh-agent and make sure it is running.  Check that your ssh public key is valid and correct in your profile.  Sometimes cutting and pasting can introduce unwanted whitespace/newlines.

Checked.

@jporter:

DSA Keys longer than 512 characters will fail work in the portal.  Keys encoded up to 1024 bytes are ok.  Still avoid newlines.

Checked.

@jporter:

If there are other pointers suggestions you can add them here, and I'll update the post.

What is really missing is a full example of all the little steps from scratch. By that, I mean showing the correct sequence of "ssh-agent" commands, and so on for generating a key file. With some kind of example of what the public key should actually look like, once pasted into the web form / input box.

See here for other such guides:

• https://confluence.atlassian.com/pages/viewpage.action?pageId=271943168
• https://help.github.com/articles/generating-ssh-keys
  [EDIT]

• https://help.github.com/articles/error-permission-denied-publickey

[EDIT]
On IRC, someone say they signed up long ago with this link, to get LA:

https://portal.pfsense.org/members/signup/la

However that not work anymore. So I wonder it that have anything to do with it. Because my subscription only have ICLA and LA accepted (but not TLA). Many thanks.

EDIT: moderator edit to correct incorrect link

jporter

Fyi there is currently a bug with the tools repo, we are working on it:
https://forum.pfsense.org/index.php?topic=79413.0