# License Auditing...



## JamesElstone (Nov 3, 2012)

Hi All,

I am seeking yet more enlightenment...

When running [CMD=""]make[/CMD] against some ports, a messgae flies past stating that the user has accepted the XYZ license.

Is there a way to confirm what licenses are required for a port and all its dependancies, similar in operation to [CMD=""]make config-recursive[/CMD] for example but for the license files?  For example, to review the licenses that need to be accepted before installing the port?

Alternatively, is there a way for a sysadmin to only allow certain types of licenses to be accepted or rejected on a system?

I know that something could be scripted around the Makefiles for each port, but was wondering if there was something already out there?

I also had a look at http://wiki.freebsd.org/PortsLicenseInfrastructure and saw that there was a bit of background information on Port License Infrastructure / auditing, but I couldn't tell if this has been implemented or was just a concept; The techniques described are exactly what I was looking for!!

Any pointers or information welcomed; I may be missing the obvious here...

James.


----------



## cpm@ (Nov 4, 2012)

That's an interesting question in legal and informatic terms. You can read this document Licensing Infrastructure in the Ports tree presented at BSDCan 2011 by Thomas M. Abthorpe, but you have the best examples in the FreeBSD wiki page you already read before.

You can get a list of software ports with any license declared in Makefile:
[CMD=]$ find /usr/ports/ -name 'Makefile' -exec egrep -l "LICENSE=[[:space:]]+BSD" {} \;[/CMD]

You must determine which model of license, *BSD* or *EPL* or *GPL*, want to find.

*Source*: http://forums.freebsd.org/showthread.php?t=32871.


----------



## JamesElstone (Nov 7, 2012)

Good point cpu82, but is there anything built in to FreeBSD?

Does anybody know the status of the Ports License Infrastructure; has it been implemented yet as per the URL in the previous post?

Thanks,
James.


----------



## cpm@ (Nov 7, 2012)

*FOSSology project*



			
				JamesElstone said:
			
		

> Good point cpu82, but is there anything built in to FreeBSD?
> 
> Does anybody know the status of the Ports License Infrastructure; has it been implemented yet as per the URL in the previous post?
> 
> ...



Take a look to FOSSology project. The project was abandoned in FreeBSD not long ago (1), but anyone interested can recover it.

(1) This mail confirmed it http://lists.freebsd.org/pipermail/freebsd-ports/2011-June/068086.html.


----------



## wblock@ (Nov 8, 2012)

Look at that link again.  It refers to devel/fossology, not the ports license stuff.


----------



## cpm@ (Nov 8, 2012)

You are right *wblock@*, but this port was developed to analyze licenses. It seems so useful:


> *Where did FOSSology come from?*
> 
> *Q:* Where did the FOSSology tool come from? Why would somebody create this tool? Who are you and what do you get out of this?
> 
> ...



*Source:* http://www.fossology.org/projects/fossology/wiki/Frequently_Asked_Questions.


----------

