Home opinion-and-analysis Open Sauce BusyBox replacement project fuels animated verbal spat

It's been some time since there was a good old-fashioned verbal spat in the free and open source software community.

Such a state does not last for long, as there are loads of little points to nitpick over, especially when it comes to licensing, and there are lots of developers who love to argue about these differences.

And when Red Hat employee Matthew Garrett, a Linux kernel developer, gets involved, one is sure that the flames will be stoked. Garrett knows how to provoke people, even if his provocatory acts spring from the desire to do good.

One difference about this spat is that it has stayed civil in terms of language so far, though, judging from the contributions of many, emotions are riding high. It hasn't come to the stage where it can be classified as a flame war.

A couple of days ago, Garrett, who maintains a busy blog, ventilated his thoughts about enforcing the General Public Licence (GPL), mentioning the Software Freedom Conservancy and its actions on BusyBox as an example of a body that enforces this licence.

He pointed out that the actions of such organisations resulted in access to large bodies of source code that would otherwise have been kept under lock and key by the companies which indulged in the violations.

A few facts about BusyBox: it was originally started by well-known open source advocate Bruce Perens and combines tiny versions of many common UNIX utilities into a single small executable. The Debian archive says: "It provides minimalist replacements for the most common utilities you would usually find on your desktop system (i.e., ls, cp, mv,  mount, tar, etc.). The utilities in BusyBox generally have fewer options than their full-featured GNU cousins; however, the options that are included provide the expected functionality and behave very much like their GNU counterparts."

From the project's own website: "BusyBox has been written with size-optimization (sic) and limited resources in mind. It is also extremely modular so you can easily include or exclude commands (or features) at compile time. This makes it easy to customize (sic) your embedded systems. To create a working system, just add some device nodes in /dev, a few configuration files in /etc, and a Linux kernel."

Perens wanted to put a complete bootable system on a single floppy that would be both a rescue disk and an installer for the Debian distribution; that was his motivation for writing BusyBox. He is no longer part of the project which is now maintained by Denys Vlasenko.

BusyBox gained a measure of fame a few years ago when it became the subject of a lawsuit in the US, some say the first case in courts in that country to test the GPL. A number of similar suits followed, the contention always being the same: BusyBox was being used by some company or the other in violation of the terms of its licence, the GPL.

The suits were filed by the Software Freedom Law Centre; more recently, the Software Freedom Conservancy has taken over the role of enforcing the GPL on the program. So far, so good.

One must also mention here, for the uninitiated, that the GPL stipulates that any code added to a project that is already under this licence has to be under that very licence. Hence if I were to contribute some code to a GPL project, it would come under the same licence and be subject to the same terms of distribution as the original project.

Supporters of the GPL argue that this ensures that one man's greed is not allowed to get in the way of the community benefitting. For obvious reasons, companies do not like the GPL. There is a lot of very good code out there which is under this very licence and companies do whatever they can to use it without giving back the entire source.

In his blog post, Garrett made reference to a project recently begun to write a non-GPL replacement for BusyBox.

Garrett accused the person behind the project, an engineer from Sony named Tim Bird, of starting the project in order to enable people to "violate licences with impunity." Code licensed under more permissive licences like the BSD licence can be taken by a third party amd locked away if one is so inclined; companies love code that is issued under this licence.

If companies use BusyBox, then the SFC can go after them in the event that they violate the terms of the GPL. One of the conditions in the GPL is that if someone violates it, then one loses the rights to distribute the program in question for all time unless the copyright holder(s) grants it another licence. The SFC has been granting new licences to violators only on condition that they release the source code to BusyBox which they have used and also the source to all other programs on their device which require source distribution.

If something else were to be used instead of BusyBox, then the SFC would have no lever to ask for source release for any programs on a device. Garrett has thus urged those who have copyright to code in the Linux kernel to let the SFC enforce the GPL on their behalf; then the SFC could lay down the same conditions even if Tinybox were used.

Here is where Garrett has hit a sore spot. Bird has denied that his motivations for rewriting BusyBox had anything to do with enabling anyone to violate licences. The person contracted to the replacement project is Rob Landley who began a project named Toybox in 2006 "to create simple implementations of all the important Linux command line     utilities".

Landley has weighed in with some forceful replies of his own, and Perens, who is another interested party, has joined in with gusto. The comments, animated as they are. make for interesting reading; one lot is here, on Linux Weekly News, and the other is on Garrett's blog. Enjoy.


With 50+ Speakers, 300+ senior data and analytics executives, over 3 exciting days you will indulge in all things data and analytics before leaving with strategic takeaways that will catapult you ahead on your journey

· CDAO Sydney is designed to bring together senior executives in data and analytics from progressive organisations
· Improve operations and services
· Future proof your organisation in this rapidly changing technological landscape
· CDAO Sydney 2-4 April 2019
· Don’t miss out! Register Today!
· Want to find out more? Download the Agenda



Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the sitecame into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.


Popular News




Sponsored News