cross-posted from: https://programming.dev/post/35495679
Earlier post version: image/text.
From another article referenced there:
The maintainers of the Ubuntu Linux distribution are now rewriting GNU Coreutils in Rust. Instead of using the GPLv3 license, which is designed to make sure that the freedoms and rights of the user of the program are preserved and always respected over everything else, the new version is going to be released using the very permissible or “permissive” (non-reciprocal) MIT license, which allows creating proprietary closed-source forks of the program.
There will surely be small incompatibilities - either intentional or accidental - between the Rust rewrite of coreutils and the GNU/C version. If the Rust version becomes popular - and it probably will, if Ubuntu starts using it - the Rust people will start pushing their own versions of higher level programs that are only compatible with the Rust version of coreutils. They will most probably also spam commits to already existing programs making them incompatible with the GNU/C version of coreutils. That way either everyone will be forced into using the MIT-licensed Rust version of coreutils, or the Linux userland becomes even more broken than it already is because now we have again two incompatible sets of runtime functions that conflict with one another. Either way, both outcomes benefit the corporations that produce proprietary software.
(Source – which does contain some more-than-problematic language outside of these passages, compare the valid objections raised by others here and in the cross-posts.)
Compare also how leaders of Canonical/Ubuntu have ties to Microsoft, and how the Canonical employee who leads the push to rewrite coreutils as non-GPL-licensed Rust software has spent years working for the British Army, where he “Architected and built multiple high-end bespoke Electronic Surveillance capabilities”, by his own proud admission.
I don’t really buy the “small incompatibilities” argument. The project strives for total compatibility, even down to the most esoteric parameter that nobody has ever heard of. And even that seems like overkill to me - there are alternative implementations of core commands on Linux and other *nix systems like BSD, Solaris etc. where the compatibility is way worse. For example, busybox is used in embedded Linux, and a containerized images like Alpine Linux.
It also seems a bit rich to complain that uutils might get extended. GNU coreutils came into being because of dissatisfaction with the commands that came with the default *nix. Same for bash (vs sh), GNU cc (vs cc), GNU emacs (vs emacs) and so on. Was there somebody back then complaining about devs “spamming commits” that extended functionality?
And other Rust applications won’t only work with uutils. That’s absurd. They’ll test the capabilities of the OS they’re built to run on either at build time with feature flags or at runtime by probing commands. Just like any other high level application.
As for license, MIT is used for plenty other things in a typical Linux dist, e.g. X11.
The biggest point of concern for a Rust rewrite is dependency integrity. Rust uses cargo to manage dependencies and absolutely everything in the Cargo.toml/Cargo.lock files has to be reviewed. The crates.io repository is beginning to support package signing and The Update Framework initiative but every single dependency of uutils would need to be carefully reviewed and signature validated for it to be considered trustworthy. Basically everything needs to get locked down, and wherever possible dependencies expunged altogether.