[4132] in Release_7.7_team
An idea for a technically enforced definition of 'Administered by
daemon@ATHENA.MIT.EDU (Bill Cattey)
Tue Nov 25 15:12:16 2003
From: Bill Cattey <wdc@MIT.EDU>
To: owls@mit.edu, release-team@mit.edu
Cc: openafs-release@mit.edu
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-Id: <1069791126.20186.84.camel@tokata.mit.edu>
Mime-Version: 1.0
Date: Tue, 25 Nov 2003 15:12:06 -0500
We've been going round and round for some time trying to avoid the issue
of, "This here third party software is site licensed for 'Athena', so
only run it on Athena machines."
I ended up thinking some more about this issue as I've pursued site
licensing for Red Hat Enterprise Linux. And now the question is coming
up again as we plan to release OpenAFS for stand-alone Linux systems.
Just this minute I had an idea which might work, or might just end up
drowning in a see of negative feedback:
Background: Since Athena 9.1 every Athena system has a daily cron job
that syslogs, "I'm an Athena system of type X with unique ID Y." to a
central location.
Idea: Define "A system supported by Athena" as a system that makes that
daily syslog.
Enforcement: Modify Athena software execution scripts to run a test (it
might mean a subtle change to the syslog stuff) to see if that
syslogging is enabled. If not, error out with a message,
This software is licensed only for Athena use. You need to
acquire a stand-alone copy and install it yourself.
Implicit in this idea is an explicit reconciliation of the policy issue
engendered by, "Now that stand-alone Linux systems can have AFS, should
they be able to run Athena software?" The answer to that policy
question is actually very difficult and somewhat arbitrary, and often
involves a bit of rationalizing of ambiguous terms or technology
surrounding the license or the executables.
Stated differently: When we give people stand-alone AFS, some may well
expect to run Athena locker software, except that the locker software
will be relying on a bunch of stuff out of /usr/athena that we're just
not installing. I think it would be better to build some mechanism
whereby scripts test explicitly for "Athenized" rather than blowing out
with obscure errors depending on which Athena tool is missing in the
course of running the start-up script.
What do y'all think?
-wdc
P.S. After getting an initial reading on this idea, I'll LATER follow up
to the thread on acst, student-sw asking about this for the stand-alone
Linux OpenAFS case.
