[needs-packaging] [FFE] Please include uvp-monitor in Ubuntu

*** This is an automated message ***

This bug is tagged needs-packaging which identifies it as a request for a new package in Ubuntu. As a part of the managing needs-packaging bug reports specification, https://wiki.ubuntu.com/QATeam/Specs/NeedsPackagingBugs, all needs-packaging bug reports have Wishlist importance. Subsequently, I'm setting this bug's status to Wishlist.

Since the copyright situation (and quality) of the code is a bit tricky, I'm actually thinking if we shouldn't get this package to partner instead.

I guess let's try getting this included in the primary archive - from what I see we don't want to include new packages into partner (and generally just get partner removed).

Uploaded to artful NEW queue. A few notes about the package:
 * I recently noticed that the generated .deb package is not completely lintian clean. There are some errors coming from the init.d file that's being shipped with the package. Those can be surely fixed if needed.
 * I patch up the Makefile to make the package building process a bit more intuitive. I couldn't decide if I should do all the hacking-around in debian/rules or simply patch up the Makefile. I can remove some of the Makefile changes though. But even in that case, we still *have* to modify the Makefile since otherwise the target we want to build will try to build the custom libxenstore and generate a statically linked uvp-monitor binary that we don't need.

Ugg there is such a malange of bits in there. Of the bits we are using there is only one bit to my eye which is suspect. In uvp-monitor/securec is source for a library which does not appear to claim to be GPL-2 indeed it appears to claim to be proprietry. It does appear that this code was submitted to the upstream github repo by Huawei but that probabally ought to be queried with the vendor.

Note that I have not done a full review of this source to satisfy myself about the legalities, and am not asserting anything either way about the package as a whole (and as a result am also not accepting it directly); I have only reviewed enough to be address Andy's previous comment.

The code under uvp-monitor/securec contains copyright notices of the form:

  * Copyright @ Huawei Technologies Co., Ltd. 1998-2014. All rights reserved.

"All rights reserved" is not a statement of any license or lack thereof. This is particular legal boilerplate language, historically required under certain (now obsolete) copyright treaties, which is part of the declaration of *copyright*.

If there is a top-level distribution license, there is no conflicting statement in this directory about distribution terms (which "all rights reserved" is not), and there is evidence that the code was submitted upstream to a GPL-licensed project by the copyright owner, that is sufficient grounds for assuming this is on the up-and-up and this does not need to be a blocker for acceptance into the archive.

Status changed to 'Confirmed' because the bug affects multiple users.

Any update on this?

(cleaning up ~ubuntu-release bugs)

This package is in xenial and yakkety via -updates, and artful and bionic proper. So I believe this bug is done.