this post was submitted on 24 Oct 2024
269 points (90.1% liked)

Linux

48679 readers
376 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Official statement regarding recent Greg' commit 6e90b675cf942e from Serge Semin

Hello Linux-kernel community,

I am sure you have already heard the news caused by the recent Greg' commit 6e90b675cf942e ("MAINTAINERS: Remove some entries due to various compliance requirements."). As you may have noticed the change concerned some of the Ru-related developers removal from the list of the official kernel maintainers, including me.

The community members rightly noted that the quite short commit log contained very vague terms with no explicit change justification. No matter how hard I tried to get more details about the reason, alas the senior maintainer I was discussing the matter with haven't given an explanation to what compliance requirements that was. I won't cite the exact emails text since it was a private messaging, but the key words are "sanctions", "sorry", "nothing I can do", "talk to your (company) lawyer"... I can't say for all the guys affected by the change, but my work for the community has been purely volunteer for more than a year now (and less than half of it had been payable before that). For that reason I have no any (company) lawyer to talk to, and honestly after the way the patch has been merged in I don't really want to now. Silently, behind everyone's back, bypassing the standard patch-review process, with no affected developers/subsystem notified - it's indeed the worse way to do what has been done. No gratitude, no credits to the developers for all these years of the devoted work for the community. No matter the reason of the situation but haven't we deserved more than that? Adding to the GREDITS file at least, no?..

I can't believe the kernel senior maintainers didn't consider that the patch wouldn't go unnoticed, and the situation might get out of control with unpredictable results for the community, if not straight away then in the middle or long term perspective. I am sure there have been plenty ways to solve the problem less harmfully, but they decided to take the easiest path. Alas what's done is done. A bifurcation point slightly initiated a year ago has just been fully implemented. The reason of the situation is obviously in the political ground which in this case surely shatters a basement the community has been built on in the first place. If so then God knows what might be next (who else might be sanctioned...), but the implemented move clearly sends a bad signal to the Linux community new comers, to the already working volunteers and hobbyists like me.

Thus even if it was still possible for me to send patches or perform some reviews, after what has been done my motivation to do that as a volunteer has simply vanished. (I might be doing a commercial upstreaming in future though). But before saying goodbye I'd like to express my gratitude to all the community members I have been lucky to work with during all these years.

top 50 comments
sorted by: hot top controversial new old
[–] kbal@fedia.io 173 points 1 month ago (2 children)

Later in that thread:

Please accept all of our apologies for the way this was handled. A summary of the legal advice the kernel is operating under is

If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.

Anyone who wishes to can query the list here: https://sanctionssearch.ofac.treas.gov/

[–] schizo@forum.uncomfortable.business 134 points 1 month ago (35 children)

Which is exactly what anyone who wasn't wanting to just snort some concentrated outrage knew was the case.

And you can argue as to if OFAC list should apply to things like this or not, but the problem is that the enforcement options for OFAC violations include 'stomp you into the ground until you're powder', most people are just going to comply.

[–] prole@lemmy.blahaj.zone 8 points 1 month ago (1 children)

Oh hey, a reasonable comment here that actually has a decent score... These comments are wild. But given the recent... I'll just say, conspicuously pro-Russian, turn this site seems to have taken in the run up to the election, it's not exactly a surprise.

I'm shocked I didn't get downvoted to shit myself.

It's just that it was VERY clearly either sanctions or a NSL, since the Linux Foundation is in the US and the two things that result in a public entity like that making silent, un-explained changes are, well, sanctions and NSLs and you don't say shit because your lawyer told you not to.

I don't necessarily agree that tossing contributors off an open-source project is in the spirit of the OFAC list, but the problem almost certainly is that they're employed by some giant tech company in Russia.

And, in Russia, like in the US, and Israel, and China, and anywhere else you care to mention, tech companies are almost always involved in military supply chains, since shit don't work without computers at this point.

Which leads to a cycle of being unable to work with Weapons, Inc. and someone works for Weapons, Inc. so now that person can't be worked with either and so your choices are.... comply with the OFAC list, or take a stupid amount of legal risk up to and including angry people with guns showing up to talk to you.

We really don't know the whole story and immediately jumping to "Imperialists bad!" is how certain chunks of Lemmy roll these days.

I think they'd be much happier if they all moved to North Korea and helped achieve the goal of Juche by becoming dirt farmers.

load more comments (34 replies)
[–] SnotFlickerman@lemmy.blahaj.zone 13 points 1 month ago (10 children)

But folks who work for US companies building weapons for Israel are totes okay?

It's honestly fucking wild that an internationally developed open source project has to play by the US government's rules when the US government is out here helping commit genocide right the fuck now.

Like, look in the fucking mirror on this why don't you.

Maybe the better rule is that if you work for a company that produces weaponry for war you shouldn't be allowed to contribute, period.

[–] Orygin@sh.itjust.works 52 points 1 month ago (1 children)

Wow, I didn't know that being a Linux/open source contributor meant you don't have to follow your country's laws.

It's developed internationally but devs still reside somewhere and have to abide by the rules at that place. Linux in this case being represented by an US entity means they have to follow the gov's sanctions. If you want more or less of those, that's where (the government) you act.

load more comments (1 replies)
[–] kbal@fedia.io 31 points 1 month ago (8 children)

You may be amazed to learn that there aren't many international sanctions against the USA at this time, but I imagine you could probably get into legal trouble for collaborating with Americans if you're in, I don't know, North Korea maybe.

[–] AbidanYre@lemmy.world 17 points 1 month ago (1 children)

It's crazy how the US Treasury isn't sanctioning companies for working on US government approved contracts. /s

[–] davel@lemmy.ml 17 points 1 month ago (6 children)
load more comments (6 replies)
[–] davel@lemmy.ml 15 points 1 month ago (2 children)

You may be amazed to learn that the reason there aren’t many international sanctions against the USA at this time is not because the USA is a beacon of peace, freedom, democracy, and national sovereignty. Because the US is very much not that.

load more comments (2 replies)
load more comments (6 replies)
load more comments (8 replies)
[–] Omega_Jimes@lemmy.ca 66 points 1 month ago (3 children)

It sucks if well meaning people are caught up in this, but it also sucks if you're living in the aggressor state of an ongoing war.

[–] matcha_addict@lemy.lol 28 points 1 month ago (11 children)

So shouldn't this also include the US and the many countries (most of Western Europe, plus others) involved in coalitions bombing the middle east and elsewhere?

[–] Omega_Jimes@lemmy.ca 20 points 1 month ago (1 children)

Yes, if the issue was a moral one. This issue, however, is a legal one.

[–] TheOubliette@lemmy.ml 11 points 1 month ago (2 children)

Then it isn't about living in an aggressor state, is it?

load more comments (2 replies)
load more comments (10 replies)
[–] SnotFlickerman@lemmy.blahaj.zone 19 points 1 month ago (2 children)

Yeah must suck to live in Israel.

[–] nialv7@lemmy.world 9 points 1 month ago

Not as much as living in Palestine or Ukraine.

load more comments (1 replies)
[–] x00z@lemmy.world 12 points 1 month ago (2 children)

These people allegedly work for companies that work for the Russian war machine. They will regain privileges if they don't work for them. So if they find a moral job, they'll be treated morally.

load more comments (2 replies)
[–] Matty_r@programming.dev 52 points 1 month ago (2 children)

Honestly must be incredibly stressful managing a project like the Linux kernel. Governments constantly wanting changes made for their own purposes, companies leeching off the work of volunteers, neck beards losing their minds over some change they don't like.

I don't envy them at all. This sort of change was inevitability going to piss people off - it could have been handled better but I think it was going to be lose/lose no matter which way it was done.

[–] princessnorah@lemmy.blahaj.zone 25 points 1 month ago (10 children)

I personally think this is a cop out. Obviously people would have been outraged either way, but personally my only issue is about how it was done. The whole point of the FOSS community is openness and transparency. The senior maintainers of arguably the most important FOSS project trying to operate secretively on something like this has shattered my trust in them, as well as many others.

[–] 0x4E4F@infosec.pub 12 points 1 month ago (4 children)

The senior maintainers of arguably the most important FOSS project trying to operate secretively on something like this has shattered my trust in them, as well as many others.

Basically, my stand on this.

And that it was dismissed like it was "no big deal" by Linus and some of the other senior maintainers.

But seriously, Linus's comment regarding this was... just... I have no words... he basically put every Russian in the same basket, called them trolls and added a racist comment on top of that, I mean... yeah, I lost all respect for him. At least his previous fits were about code and only if someone fucked up something, this is completely different.

load more comments (4 replies)
load more comments (9 replies)
load more comments (1 replies)
[–] Korkki@lemmy.world 41 points 1 month ago (6 children)

Are they legally bound to follow any sanction list in their dealings? If so Linux foundation should consider move out of the US jurisdiction, because the santion load is just going to increase and more countries will be included.

If they are just doing this because of a political fad and partaking "the current thing" then they are just voluntarily digging their own and the linux foundation's grave.

[–] 0x4E4F@infosec.pub 11 points 1 month ago* (last edited 1 month ago) (5 children)

because the santion load is just going to increase and more countries will be included.

Not to mention more stupid shit, like not being able to visit the US if your wife is Russian, cuz.. you know, you might be a spy.

If they are just doing this because of a political fad and partaking "the current thing" then they are just voluntarily digging their own and the linux foundation's grave.

My 2 cents. Nobody is asking them to do anything... yet... and they probably never will, but... they're scared shitless and they would rather comply, even for things no one is asking of them yet and is dubious whether or not they're even covered by the sanctions, than show some backbone.

load more comments (5 replies)
[–] freeman@sh.itjust.works 9 points 1 month ago

Linus chose to move to the US as well to become a US citizen.

To be fair he never claimed to be an idealist.

Also he is anti Russian himself as he made clear in his first comment in the thread. So being forced to remove them is probably a bonus for him.

load more comments (4 replies)
[–] mariusafa@lemmy.sdf.org 20 points 1 month ago (3 children)

Wait linux community is removing maintainters because of their nationality???!!

[–] pound_heap@lemm.ee 44 points 1 month ago (13 children)

Not nationality but alleged involvement with sanctioned organizations. There are plenty of Russian names on maintainers list remaining.

load more comments (13 replies)
[–] Nibodhika@lemmy.world 42 points 1 month ago (3 children)

It's not about nationality. Here are the facts:

  1. LF is USA based (headquarters in California), as such they're subject to USA law
  2. USA imposed sanctions on companies that are directly involved in supplying Russia with weapons.
  3. To have business, including receiving help, from those companies would open LF to legal repercussions in the country where they're based.
  4. Baikal Electronic JSC is on the sanctioned list.
  5. Serge Sermin public GitHub profile listed Baikal as their employer

Therefore to not remove Serge from the maintainers would open LF to legal repercussions.

You might not agree with what was done, I certainly don't, but I understand it.

load more comments (3 replies)
[–] LeFantome@programming.dev 22 points 1 month ago

Let’s just say this properly ok so that 70 percent of the commenters here might better understand.

Association with some of the people previously on the kernel maintainers list was putting the Linux kernel at risk. The risk was that European, American, and other users may be prohibited from using it. The risk was that entities such as the Linux Foundation could be held in contempt of sanctions and sanctioned themselves. That could mean financial damage or even a full stop to operations.

If the kernel were sanctioned, every entity, individual or company, could be put at risk.

Association with sanctioned individuals put every other maintainer at risk. Being listed together in the maintainers file put many innocent people in extreme jeopardy.

So, let’s say this properly ok…

Some of the maintainers were removed to defend the Linux kernel and the many, many entities ( individual and corporate ) that use it. They were removed to protect the other maintainers and the people and companies that they associate with.

The Linux Foundation, being American, may have been particularly at risk. But “moving” the kernel does nothing. The contributors and maintainers are still wherever they are. Linux users are equally economically dependent on the US and Europe regardless. The issue are the international sanctions. My country has issued them too ( neither American or European ). And blaming the counties that issued the sanctions, instead of blaming Russia, is a very interesting morale position to take ( not getting into that here ).

My first reaction was to have a problem with how this was done. However, once you acknowledge the association, any interaction, collaboration, or communication becomes even more problematic as you KNOW that you are working with sanctioned individuals. So, doing it simply and succinctly was probably best.

load more comments
view more: next ›