Alexander> I wanted to get some clarification as I couldnt find this
Alexander> info via googling/debian pages (but I might've missed
Alexander> something obvious, if so - I'd appreciate pointing me in
Alexander> right direction on what should i read)
Under section 2.4 of debian policy, any distribution license that you
are required to comply with needs to be placed in the copyright file in
the binary package. We do tend to organize license and copyright
information by source because that is convenient to us. But based on
policy, if you comply with all of the licenses listed in the copyright
file for a given binary package when dealing with binaries in that
package, that would be a conservative approach to take.
In particular if because of a build dependency a binary required
additional license restrictions to be followed beyond the licenses of
its source, my reading of policy is that needs to be mentioned in
debian/copyright.
Failing to do so sounds like a bug to me.
Admittedly, that corner case sounds like one we didn't consider
thoroughly in our machine-readable copyright file spec.
Obviously there are cases where by interpreting the copyright in a finer
grain manner, you could discover situations where your license
compliance obligations are less.
As an example, if only some of the binary packages built from a given
source package are under a copyleft license, handling modifications
might be easier.
It's true that our current approach to managing license information does
not make that easy to discover.
That's not a bug, although obviously you could discuss whether improving
that would be a welcome feature change.
