redhat enterprise linux license conditions
Alois Treindl
The license conditions are frightening, and I dar not to install
the software.
See: http://www.redhat.com/licenses/rhel_us_2-1.html?country=United+States
I quote relevant sections from this license:
A. GENERAL TERMS AND CONDITIONS
... The term "Installed Systems" means the number of Systems on which
Customer installs the Software. ...
4. REPORTING AND AUDIT.
****If Customer wishes to increase the number of Installed System, then
Customer will purchase from Red Hat additional Services for each
additional Installed System.****
During the term of this Agreement and for one (1) year thereafter,
Customer expressly grants to Red Hat the right to audit Customer's
facilities and records from time to time in order to verify Customer's
compliance with the terms and conditions of this Agreement. Any such
audit shall only take place during Customer's normal business hours and
upon no less than ten (10) days prior written notice from Red Hat. Red
Hat shall conduct no more than one such audit in any twelve-month period
except for the express purpose of assuring compliance by Customer where
non-compliance has been established in a prior audit. Red Hat shall give
Customer written notice of any non-compliance, and if a payment
deficiency exists, then Customer shall have fifteen (15) days from the
date of such notice to make payment to Red Hat for any payment
deficiency. The amount of the payment deficiency will be determined by
multiplying the number of underreported Installed Systems or Services by
the annual fee for such item. If Customer is found to have underreported
the number of Installed Systems or amount of Services by more than five
percent (5%), Customer shall, in addition to the annual fee for such
item, pay a penalty equal to twenty percent (20%) of the underreported
fees.
Question:
---------
Do I understand this correctly:
I can install Redhat Enterprise Linux ES on only exactly on system, as I
have purchased only one license (for $399).
I cannot install it on the 6 systems in my load balanced server farm.
If I do, Redhat can come at any time, 'audit' my system, and charge me
for the additional installations the full prices, plus a 20% penalty.
These are ANNUAL fees, i.e. I have to pay again each year!
For seven sytems, I need to purchase every year seven lisense, i.e.
spend $2793.- annual license fees.
This does not include any actual support, because 'basic license'
covers only 90 days installation support.
I tried to ask redhat support that question, but they would not answer
it, but told me to speak to "my company's legal department". Haha!
Why would I want to use Redhat Enterprise Linux?
-------------------------------------------------
I have been a happy user of regular Redhat Linux (since 6.2) for more
than three years now.
Redhat has announced that in the future it will provide errata (security
bug fixes) for its normal Linux (7.3, 8.0, 9.0 etc) only for 12 months
after original release.
For Enterprise Linux it would provide errata (security bug fixes) for 5
years.
I need errata for more than 12 months, as I don't want to update stable
and running systems as frequently.
Alois
Tim Prince
> I have purchased one 'basic license' for redhat Enterprise linux ES.
>
> The license conditions are frightening, and I dar not to install
> the software.
>
> See: http://www.redhat.com/licenses/rhel_us_2-1.html?country=United+States
I'm somewhat mystified as to why this move at redhat hasn't prompted more
people to consider SuSE. Maybe it has something to do with that strange
interview report last week: http://zdnet.com.com/2100-1107-998918.html
redhat has no monopoly on foot-in-mouth disease. I've used redhat since
5.0, but this installation of SuSE 7.3 replaced rh 6.2 and 7.1. I've had no
reason to upgrade further except through on-line updates, for which SuSE
doesn't charge extra.
--
Tim Prince
Paul W. Frields
> I have purchased one 'basic license' for redhat Enterprise linux ES. The
> license conditions are frightening, and I dar not to install the
> software.
> Do I understand this correctly: I can install Redhat Enterprise Linux ES
> on only exactly on system, as I have purchased only one license (for
> $399).
That's correct. Remember that when you pay for Enterprise Linux, you are
paying not just for slightly expanded support, but for the compatibility,
stability, and other product enhancements that are particular to EL. EL is
not just a dressed up Red Hat 7.x. Plus you get RHN/up2date.
> I cannot install it on the 6 systems in my load balanced server farm.
> If I do, Redhat can come at any time, 'audit' my system, and charge me
> for the additional installations the full prices, plus a 20% penalty.
> These are ANNUAL fees, i.e. I have to pay again each year!
> For seven sytems, I need to purchase every year seven lisense, i.e.
> spend $2793.- annual license fees.
Again, you're paying for software and support services. If you were
to install it on 6 servers, how is Red Hat to know when you call that you
are not calling for a different server than the one that had trouble last
week? Would that not be breach of contract on your part? Certainly. In
fact, you could say that Red Hat puts more faith in you, because they don't
build in a lot of protections that keep you from doing this. They expect
you to do the right thing.
These clauses simply protect their rights while preserving your ability to
use the software fully. In short, you agree to pay for what you use fairly,
and that they reserve the right to ensure compliance. Keep in mind they
don't try to do that in a sneaky, under-the-table electronic way behind
your back; they tell you up front how they intend to insure compliance. To
date, I don't know if anyone's even been audited in this manner. I would
imagine it would take a fairly grievous breach to cause them to invoke this
clause.
> This does not include any actual support, because 'basic license'
> covers only 90 days installation support.
The installation support for RHEL-ES is broader than that for RHL9. It also
covers full access for a year to the RHN/up2date system and its enterprise
management features. This is beyond what RHL 9 users get. If you feel this
is not what you need, perhaps RHL 9 would be sufficient, as it is for many
people who work in small or medium-sized environments. However, both
installation and update features still represent outlays of manpower and
time for the company, and they have to make that back somehow.
> Redhat has announced that in the future it will provide errata (security
> bug fixes) for its normal Linux (7.3, 8.0, 9.0 etc) only for 12 months
> after original release.
That's right, they can't continue to make money if they're constantly
spending it trying to support every user who's got a three-year-old
distribution for which they paid exactly zero. Tracking down bugs and
patching them while maintaining compatibility across a large, and
constantly increasing, number of kernel versions is simply not possible.
> For Enterprise Linux it would provide errata (security bug fixes) for 5
> years. I need errata for more than 12 months, as I don't want to update
> stable and running systems as frequently.
Then EL is for you. You're paying for support now and in the future. If you
compare this to the per-incident costs for other operating systems vendors
it is *extremely* competitive. Good luck to you.
--
Paul W. Frields, RHCX (remove "foo" from e-mail to reply)
-- For Usenet replies, please put "Red Hat" or "Linux" in subject. --
-- Proud promoter of Red Hat, Line 6, and the Chapman Stick. --
Alois Treindl
>
>>I cannot install it on the 6 systems in my load balanced server farm.
>>If I do, Redhat can come at any time, 'audit' my system, and charge me
>>for the additional installations the full prices, plus a 20% penalty.
>>These are ANNUAL fees, i.e. I have to pay again each year!
>>For seven sytems, I need to purchase every year seven lisense, i.e.
>>spend $2793.- annual license fees.
>
>
> Again, you're paying for software and support services. If you were
> to install it on 6 servers, how is Red Hat to know when you call that you
> are not calling for a different server than the one that had trouble last
> week? Would that not be breach of contract on your part? Certainly. In
> fact, you could say that Red Hat puts more faith in you, because they
don't
> build in a lot of protections that keep you from doing this. They expect
> you to do the right thing.
That is not correct. The Basic License contains no service, except
installation service, which I simply do not need if I duplicate my
installation from machine 1 in my server farm to N machines.
But Redhat FORBIDS me to duplicate that installation, and probably are
in severe violation of the GPL with their new license.
I am NOT trying to get free support or any kind of 'work' out of redhat.
It should not be Redhat's concern whether I duplicate my server
installation to N servers in my setup.
But this is what they do: The try to forbid it, and threaten me with
severe auditing and penalties in case they would find that I have
installed more than one copy.
I cannot rely on someone like you saying 'but they never did such
auditing'. They should not impose such clauses in their license contract.
>
> These clauses simply protect their rights while preserving your
ability to
> use the software fully. In short, you agree to pay for what you use
fairly,
> and that they reserve the right to ensure compliance. Keep in mind they
> don't try to do that in a sneaky, under-the-table electronic way behind
> your back; they tell you up front how they intend to insure
compliance. To
> date, I don't know if anyone's even been audited in this manner. I would
> imagine it would take a fairly grievous breach to cause them to
invoke this
> clause.
That is NOT what the license says. The license gives them the right to
charge sever fees, and penalties, even years after the original
installation.
I think you try to play down an act by Redhat which in fact is a clear
violation of GPL.
I pay Redhat - via buying their basic license with its annual $349.- to
prepare bugfix and security RPMS for several years. All other users
of Enterprise Linux pay them as well.
Those RPMs again are covered by GPL.
It should not be redhat's concern whether I install these RPMs one one
box, or on 10 boxes.
They have no work load, or server load from me, due to that.
But they try to forbid that, with their license.
Alois Treindl
>>Redhat has announced that in the future it will provide errata (security
>>bug fixes) for its normal Linux (7.3, 8.0, 9.0 etc) only for 12 months
>>after original release.
>
>
> That's right, they can't continue to make money if they're constantly
> spending it trying to support every user who's got a three-year-old
> distribution for which they paid exactly zero. Tracking down bugs and
> patching them while maintaining compatibility across a large, and
> constantly increasing, number of kernel versions is simply not possible.
>
I understand that, that providing errata RPMs is work and costs
something. I am willing to pay Redhat an annual fee to receive errata
RPMS for several years for a given Linux release.
This is why I looked at their Enterprise Linux ES and bought a copy.
I would be happy to pay them annually $349.- for five years, to be sure
I get timely bugfix and security rpms.
But what I do not want and cannot afford: To pay them such an annual fee
***per installed system per year****
Redhat now gives only two choices:
- use regular Linux (7.x, 8.x, 9.x) and be without ANY bugfixes after 12
months from original release date.
- use Enterprise Linux, and PAY them purchase plus license fees per
installed system, per year. For 10 systems of ES, this runs up to 3490
US Dollar per year!!
There is nothing in between, and this is BAD.
And it is a violation of the GPL.
Paul W. Frields
> This is why I looked at their Enterprise Linux ES and bought a copy.
> I would be happy to pay them annually $349.- for five years, to be sure
> I get timely bugfix and security rpms.
>
> But what I do not want and cannot afford: To pay them such an annual fee
> ***per installed system per year****
>
> Redhat now gives only two choices:
> - use regular Linux (7.x, 8.x, 9.x) and be without ANY bugfixes after 12
> months from original release date.
> - use Enterprise Linux, and PAY them purchase plus license fees per
> installed system, per year. For 10 systems of ES, this runs up to 3490
> US Dollar per year!!
>
> There is nothing in between, and this is BAD.
> And it is a violation of the GPL.
Nonsense. The GPL does not prohibit *in any way, shape or form* charging
for support or services related to the Linux software you distribute. Have
you actually *read* the GPL? In fact, this one of the major ways that
companies are expected to make money from Linux. And if you think $3500 per
year is expensive for 10 servers that are all capable of providing network
services, SQL, HTTP/FTP/NFS/SMB, and more, try Windows 2000 Server (or 2003
shortly, I suppose) with all the add-ons.
You are not simply paying for the right to call their support line to get
help installing or configuring; that's why this isn't simply a matter of
you agreeing not to ask for support for systems for which you're not paying
license fees. You are also paying for their continued ISV and IHV
certification, including for any errata or bugfixes they issue, and their
continued development of enterprise enhancements for the kernel and other
services. The agreement and license fees mean that you agree to take
advantage of these costly enhancements and services only for the systems
for which you've paid. The code is still GPL and the agreement doesn't
affect that; they are two separate issues which only seem inseparable at
first glance.
Alois Treindl
> And if you think $3500 per
> year is expensive for 10 servers that are all capable of providing network
> services, SQL, HTTP/FTP/NFS/SMB, and more, try Windows 2000 Server (or 2003
> shortly, I suppose) with all the add-ons.
I do run a Windows 2000 server since the year 2000, and the only fee I
paid for it was the one time purchase price.
There is no annual fee attached to it, but I get the security patches
for free, with automatic update notes. I need no subscription of any
kind for that. the same is true for the copies of Windows 2000 and
Windows XP we are sunning on some desktops.
I do like running Linux, and I dislike a lot about Microsoft.
But the new policy of Redhat, not to provide security fixes for the
standard Linux releases for longer than 12 months, is going to DESTROY
their reputation.
The problem is that Redhat does not offer its users a chance for longer
term support for the standard Linux (7.x, 8.x, 9.x etc) releases. That
was different in the past - errata for 6.x and 7.x were issued for
several years after the original release, and it should remain like
that, at least for serious security bugs.
They are going to destroy their customer base by that short sighted
decision.
Redhat is going to look very bad in a short time, when the public is
simply told 'Redhat 7.x is insecure and can be easily breached, there is
no bugfix available from redhat'
Redhat 8.x is insecure and can be easily breached, there is no bugfix
available from redhat'
Redhat 9.x is isnsecure and can be easily breached, there is no bugfix
available from redhat.
By the way, the SQL, HTTP/FTP/NFS/SMB services running on top of Redhat
Linux are NOT creations by Redhat. If there is a security hole in
Apache, Samba, Sendmail or in Mysql, for example, I tend to get the
tarballs or rpms from Apache, Samba, Sendmail and Mysql, to fix it, not
the ones from Redhat.
Paul W. Frields
> But the new policy of Redhat, not to provide security fixes for the
> standard Linux releases for longer than 12 months, is going to DESTROY
> their reputation.
Pure FUD. I think most reasonable individuals realize that their company
can't continue to expend huge amounts of manpower and time on supporting
people using a product they got for free. Microsoft supports you because
you paid for their product. The same goes for RHEL. The free RHL product is
considered more of a bleeding-edge solution for hobbyists, and people who
know enough about the system that they aren't afraid to run a shop based on
something they need to understand fully, and upgrade regularly. The people
who are complaining about it are people who are confounded by updates
because they don't know how to maintain a standard Linux system properly.
That's not a slam, it's just how it is. They are entitled to complain, and
those of us who know better are entitled to ignore it.
> The problem is that Redhat does not offer its users a chance for longer
> term support for the standard Linux (7.x, 8.x, 9.x etc) releases. That
> was different in the past - errata for 6.x and 7.x were issued for
> several years after the original release, and it should remain like
> that, at least for serious security bugs.
That was back before Red Hat's focus became the enterprise (i.e. when it
became clear that is where the money is). They need to remain lean and
competitive to fight back the M$ tide, which means they can't spend a huge
amount of resources supporting users who don't pay for their product to
begin with. Nevertheless, they continue to put it out there, free for
everyone to use as they wish, and I for one am happy to use it. It keeps me
and my family fed and sheltered. :-)
> They are going to destroy their customer base by that short sighted
> decision.
Wrong. As I pointed out above, Joe Blow users are not their customer base.
Their primary customer base consists of (1) large technology companies with
whom they have partnership agreements, and who drive (and fund) a lot of
their advanced development; (2) integrators who ship RHL on their hardware;
and (3) individual Enterprise Linux buyers. Individuals using the standard
RHL product may represent the vast majority of the USER BASE, but that is
not the same as their CUSTOMER BASE (i.e. people who contribute to their
bottom line). This is a common misconception; it's important to
differentiate the two.
> By the way, the SQL, HTTP/FTP/NFS/SMB services running on top of Redhat
> Linux are NOT creations by Redhat. If there is a security hole in Apache,
> Samba, Sendmail or in Mysql, for example, I tend to get the tarballs or
> rpms from Apache, Samba, Sendmail and Mysql, to fix it, not the ones from
> Redhat.
Why do you think I don't know this? I merely said that they ship with all
those features, I never intimated that they created them. They do, however,
apply specific patches in-house to insure compatibility, which is a
necessity due to the value-added enhancements they provide in the Red Hat
kernels. Surely you can understand how managing that very large and
divergent code base would sink the company if they didn't set a fairly
aggressive EOL for a product with an equally aggressive release schedule.
And I'm glad to hear you can do all this; so can I, and many others as
well. If you are capable of all this, as I said, are you sure you need to
pay for RHEL? Are you supporting a larger-scale department where you need
assured compatibility with a major software player like Oracle or some
such? Perhaps that train has left the station as far as you're concerned;
in any case, good luck to you.
Maanus Kask
On Fri, 09 May 2003 16:20:31 +0200
Alois Treindl <my_real_firstname@my_real_lastname.com> wrote:
> The problem is that Redhat does not offer its users a chance for
> longer term support for the standard Linux (7.x, 8.x, 9.x etc)
> releases. That was different in the past - errata for 6.x and 7.x were
> issued for several years after the original release, and it should
> remain like that, at least for serious security bugs.
>
> They are going to destroy their customer base by that short sighted
> decision.
Why bother yourself, if you do not like Redhat anymore take Debian or
any other distribution. It is very easy to switch and I am currently
doing it.
best regards
Maanus Kask