[em500]

The ftp site does not contain sources for RHEL 8 (it's just sources for a bunch of add-on packages). The RHEL 8 sources are in git.centos.org, though not in SRPM form.

I know that GPL only requires Red Hat to provide sources on request to those receiving their binaries. But in principle the receiver can then legally redistribute those sources. Now AFAICT nobody's actually doing that redistributing. I don't know whether that's due to lack of interest, or due to some Red Had shenanigans that makes redistribution illegal/unattractive.

[mbreese]

RedHat has to permit the redistribution per the GPL. But there is nothing stating that your support contract can’t be cancelled if you do it. (I don’t have any first hand knowledge of this, just a guess).

[bigbubba]

Grsecurity also uses this 'loophole.' Seeing this scheme go mainstream is really disheartening; I feel that it really undermines the intent and social value of the GPL.

[ikiris]

It's supposed to be against the GPL, but no one is willing to chase it.

[dralley]

In what way is it "supposed to be against the GPL"?

[hvdijk]

See Bruce Perens's explanation: <https://perens.com/2017/06/28/warning-grsecurity-potential-c...>. The short story: adding a penalty to an action that the GPL allows is a restriction of that action, and the GPL does not allow setting additional restrictions. This has not been tested in court, as far as I know.

[andi999]

In the case of Red Hat it is not a penalty (as far as I understand) but a 'bonus' you can keep your support contract when obliging..

[coldtea]

The same way something like "we can tell you, but then we'll have to kill you" would be against the spirit of the Freedom of Information Act.

[type0]

> I don't know whether that's due to lack of interest, or due to some Red Had shenanigans that makes redistribution illegal/unattractive.

Red Hat is overly protective of their trademarks, and this includes CentOS, Fedora, CoreOS etc