Simon McVittie <s...@debian.org> writes:
> On Sat, 23 Sep 2017 at 10:25:33 +0200, to...@tuxteam.de wrote:
>> Not a readymade solution, but perhaps a lead to follow: package copyright
>> info is supposed to be in a file debian/copyright within the package source
>> archive[1]. I don't know at the moment whether this info percolates to
>> the package binary when building.
>
> It does, and Debian Policy says it must. That information ends up in
> /usr/share/doc/${binary_package}/copyright where ${binary_package} is the
> binary package.That is so only in theory. In practice, the machine readable copyright file documents all copyrights of the sources, but does not have a mechanism to tell which sources are at the end used for a specific binary. It even documents source files that do not end up in any binary package at all. And it does not document files that are not in the source package but affect the copyright (unless one writes that in a free-form comment). For example, if you have a source licensed under BSD, and link it to GPL, the resulting binary must be licensed under GPL (because it is a derived work in the meaning of the GPL), but this is not documented in the machine readable source file: there is just no place for such information. So, if you want to know, under which license a specific binary is distributed, the realistic answer is: This is usually undocumented, one has to check the licenses of the build dependencies, the license of the source package, and the specific build process. Since build dependencies are binary packages, this is recursive. Best regards Ole
