Rocky Linux claims to have found 'path forward' from CentOS source purge

The backlash against Red Hat's decision to stop distributing the source code of RHEL for free to non-customers continues to widen.

Last week, we reported that Red Hat would pull the sources of its enterprise distribution from its public Git servers. To quote Douglas Adams once again: "This has made a lot of people very angry and been widely regarded as a bad move." So much so, in fact, that Mike McGrath, the Hatter who announced the change, has felt compelled to publish a response defending it.

Compared to his previous post, for us, this one is refreshingly plain spoken, and we recommend taking the time to read it. As one might expect, McGrath both defends the move and rejects allegations of violating either the spirit or the terms of open source licensing. The core argument is that the free rebuilds of RHEL add no value either to Red Hat as a company or to the open source ecosystem as a whole; they simply deprive Red Hat of revenue that it fairly earned producing arguably the stablest of stable distros… and he does have a point.

Meanwhile, though, the ripples continue to spread. Former Hatter Jeff Law posted an elegant critique to the Fedora-devel list, and the maintainers of probably the oldest RHEL rebuild still standing, Springdale Linux, have also noted that the move will cause them problems. An academic rebuild, Springdale used to be called PUIAS Linux after Princeton University and the Institute of Advanced Studies where it was created, and it predates even CentOS Linux.

Blogger and vlogger Jeff Geerling, who we've written about more than once before, is furious. Although he's probably best known for his Raspberry Pi-related content, Geerling is a prolific author of both playbooks, and perhaps more importantly textbooks, for the Ansible infrastructure-as-code tool, which Red Hat has owned since 2015. Geerling is removing support for RHEL from his tools. That won't merely inconvenience this community, it'll hurt.

An interesting development is that the organization behind Rocky Linux says it has found what it describes as a "path forward" into "a brave new world," which it says "does abide by licensing agreements" – although we note that this doesn't specify whose licensing agreements. The announcement says updates to both 8.8 and 9.2 have now resumed. The Register asked founder Greg Kurtzer for more information, but at the time of writing had received no reply. We don't blame the Rocky management for playing their cards close to their chest, but if they have been able to find a workaround, we suspect that soon enough those behind the other rebuilds will too.

The Software Freedom Conservancy's Bradley M Kuhn has published a detailed analysis of the GNU General Public License (GPL) issues around the move – which The Reg is gratified to note links back to our earlier story. The tone of this is generally highly critical, but it can't directly point to any violation on Red Hat's part.

The key point a lot of the louder critics have missed is that the GPL only obliges the Hat to provide source code to parties to whom it has provided binaries, and not to the rest of the world. Red Hat customers still can get the source code, so the Hat isn't violating the GPL. The GPL doesn't free them from their Red Hat contracts: they can redistribute the source code if they so wish, but equally, the Hat can respond to them doing so by terminating their customer contracts, and that is 100 percent compliant with the GPL.

• Red Hat strikes a crushing blow against RHEL downstreams
• Red Hat to stop packaging LibreOffice for RHEL
• Red Hat releases RHEL 9.2 to customers, with buffet of rebuilds for the rest of us
• Red Hat layoffs spark calls to unionize, CEO wades in

And it's not all about the GPL. All Linux distros include lots of code which is governed by multiple different licenses, including different versions of the GPL. All of these impose different requirements, and most of them are more permissive than the GPL.

There are an awful lot of people who feel that simply because this is Linux, they have some kind of right to get it for free. Unfortunately, they don't.

Among the many criticisms of the move, many detractors have pointed out that Red Hat benefits, indirectly but considerably, from the large pool of expertise generated by people using the free rebuilds. This is perfectly true, but it's also true that the company has two other completely free-to-use OSes: Fedora and CentOS Stream. It also offers freely distributable Universal Base Images which may allow you to run RHEL-specific apps on top of other distros – so long as the apps' license and support agreements permit, of course, but that's the customer's lookout. They won't help with drivers or other things that need specific RHEL kernel versions, obviously, but even with RHEL, customers are far freer from vendor lock-in than are users of any proprietary OS.

What's next

We suspect that IBM-owned Red Hat is not going to back down on this, and if the rebuilds find ways around these restrictions the Big Purple Hat will simply come up with new restrictions.

Any business does have a legitimate right to defend its model and products. Setting aside the large numbers of angry people who don't really understand how open source licenses work, our impression is that the core issue here is that there are an awful lot of people who feel that simply because this is Linux, they have some kind of right to get it for free. Unfortunately, they don't. That is not what the "free" in Free Software means, and it never was. Red Hat puts an enormous amount of work into developing Free Software, into making sure its code makes its way back upstream, and into producing safe, secure, and long-term stable supported versions of inherently rapidly changing FOSS software, aimed primarily at large enterprise customers.

And perhaps the clearest sign that it's not really interested in dealing with small users and small customers is that it continues to make the product available free of charge for those who only want up to 16 servers. (A temporary glitch that made it look like this had gone up to 240 was just a bug.)

There are a host – pun intended – of other distros out there if you don't want to pay for your Linux. If you are happy to pay but you feel aggrieved with IBM or Red Hat, both Canonical and SUSE will be happy to take your money and provide you with enterprise-level support, and both of them let you get and use a version of their enterprise OS entirely free of charge.

After over a decade of trying, it may be that Red Hat has finally found a way to shut down the RHEL rebuild aftermarket. It never was under any obligation to provide ready-packaged source code in a form that made it easy for competitors to construct identical copies. That is not what the GPL – or any other FOSS license – was ever about. The critics may be right: long term, this may be harmful to Red Hat, but its move into enterprise software sales was wildly successful, and for now, this could actually help the company. ®