Discussion about usage and installation of the log4cxx library

Johnny Njåstad | 19 Mar 2012 10:49

Log4cxx licensing

Hi,

At Tomra we have been happily using log4j as a logging framework for our Java applications, and we now consider using log4cxx for our commercial (closed source) C++ applications. At first glance, that seems ok under the Apache 2 license, but when I inspected the dependencies of log4cxx I found that it depends on the Berkeley DB (libdb4.8) which is licensed under the Sleepycat License. This is a dual license that does not permit use in closed source applications unless we buy a commercial Berkley DB license from Oracle. I was a bit surprised by this finding, since it does not fit well with the permissive Apache 2 license.

I tested log4cxx on Ubuntu 10.4, Debian package liblog4cxx10 version 0.10.0-1.1build1, and looked for dependencies with:

$ ldd /usr/lib/liblog4cxx.so.10

linux-gate.so.1 => (0x00228000)

libaprutil-1.so.0 => /usr/lib/libaprutil-1.so.0 (0x00a0f000)

libdb-4.8.so => /usr/lib/libdb-4.8.so (0x00229000)

libapr-1.so.0 => /usr/lib/libapr-1.so.0 (0x00f5e000)

libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00110000)

libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x00634000)

libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00a52000)

libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x004fb000)

libuuid.so.1 => /lib/libuuid.so.1 (0x00d14000)

librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00206000)

libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0x0038a000)

libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x009a2000)

libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x0020f000)

libexpat.so.1 => /lib/libexpat.so.1 (0x003bc000)

/lib/ld-linux.so.2 (0x00fcb000)

I would be pleased if someone could check if I have understood the licensing stuff right.

If I am right, it would be nice if the log4cxx dev. team could either (in preferred order):

1) Make a release of log4cxx without the Berkeley DB dependency

2) Add some clarification in the licensing text regarding commercial closed source usage

Best regards,

Johnny Njåstad

Tomra Systems ASA

headers

drkmkzs | 20 Mar 2012 09:51

Re: Log4cxx licensing

Hi,

I'm currently using Log4cxx on a Suse 10.3, but I started from the
sources (compiling apr, apr-utils and log4cxx).

I don't have so many dependencies that you have (maybe because I
compiled apr and apr-utils in static ?) :
        linux-gate.so.1 =>  (0xffffe000)
        libexpat.so.1 => /lib/libexpat.so.1 (0xb7d04000)
        libuuid.so.1 => /lib/libuuid.so.1 (0xb7cff000)
        librt.so.1 => /lib/librt.so.1 (0xb7cf6000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0xb7cc4000)
        libpthread.so.0 => /lib/libpthread.so.0 (0xb7cac000)
        libdl.so.2 => /lib/libdl.so.2 (0xb7ca8000)
        libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0xb7bba000)
        libm.so.6 => /lib/libm.so.6 (0xb7b95000)
        libc.so.6 => /lib/libc.so.6 (0xb7a62000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xb7a56000)
        /lib/ld-linux.so.2 (0x80000000)

Anyway, i don't find back the lib Berkeley DB (libdb4.8) in the list.

In case it could help,
Jean

2012/3/19, Johnny Njåstad <Johnny.Njaastad <at> tomra.no>:
> Hi,
>
> At Tomra we have been happily using log4j as a logging framework for our
> Java applications, and we now consider using log4cxx for our commercial
> (closed source) C++ applications. At first glance, that seems ok under the
> Apache 2 license, but when I inspected the dependencies of log4cxx I found
> that it depends on the Berkeley DB (libdb4.8) which is licensed under the
> Sleepycat License. This is a dual license that does not permit use in closed
> source applications unless we buy a commercial Berkley DB license from
> Oracle. I was a bit surprised by this finding, since it does not fit well
> with the permissive Apache 2 license.
>
> I tested log4cxx on Ubuntu 10.4, Debian package liblog4cxx10 version
> 0.10.0-1.1build1, and looked for dependencies with:
> $ ldd /usr/lib/liblog4cxx.so.10
>         linux-gate.so.1 =>  (0x00228000)
>         libaprutil-1.so.0 => /usr/lib/libaprutil-1.so.0 (0x00a0f000)
>         libdb-4.8.so => /usr/lib/libdb-4.8.so (0x00229000)
>         libapr-1.so.0 => /usr/lib/libapr-1.so.0 (0x00f5e000)
>         libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00110000)
>         libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x00634000)
>         libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00a52000)
>         libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x004fb000)
>         libuuid.so.1 => /lib/libuuid.so.1 (0x00d14000)
>         librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00206000)
>         libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0x0038a000)
>         libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x009a2000)
>         libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x0020f000)
>         libexpat.so.1 => /lib/libexpat.so.1 (0x003bc000)
>         /lib/ld-linux.so.2 (0x00fcb000)
>
> I would be pleased if someone could check if I have understood the licensing
> stuff right.
>
> If I am right, it would be nice if the log4cxx dev. team could either (in
> preferred order):
>
>
> 1)      Make a release of log4cxx without the Berkeley DB dependency
>
> 2)      Add some clarification in the licensing text regarding commercial
> closed source usage
>
> Best regards,
>
> Johnny Njåstad
> Tomra Systems ASA
>
>
>

headers

Johnny Njåstad | 20 Mar 2012 11:36

RE: Log4cxx licensing

Hi,

Thanks for your reply. I can try doing it from the sources myself.

Johnny

-----Original Message-----
From: drkmkzs [mailto:drkmkzs <at> gmail.com] 
Sent: 20. mars 2012 09:51
To: Log4CXX User
Subject: Re: Log4cxx licensing

Hi,

I'm currently using Log4cxx on a Suse 10.3, but I started from the
sources (compiling apr, apr-utils and log4cxx).

I don't have so many dependencies that you have (maybe because I
compiled apr and apr-utils in static ?) :
        linux-gate.so.1 =>  (0xffffe000)
        libexpat.so.1 => /lib/libexpat.so.1 (0xb7d04000)
        libuuid.so.1 => /lib/libuuid.so.1 (0xb7cff000)
        librt.so.1 => /lib/librt.so.1 (0xb7cf6000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0xb7cc4000)
        libpthread.so.0 => /lib/libpthread.so.0 (0xb7cac000)
        libdl.so.2 => /lib/libdl.so.2 (0xb7ca8000)
        libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0xb7bba000)
        libm.so.6 => /lib/libm.so.6 (0xb7b95000)
        libc.so.6 => /lib/libc.so.6 (0xb7a62000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xb7a56000)
        /lib/ld-linux.so.2 (0x80000000)

Anyway, i don't find back the lib Berkeley DB (libdb4.8) in the list.

In case it could help,
Jean

2012/3/19, Johnny Njåstad <Johnny.Njaastad <at> tomra.no>:
> Hi,
>
> At Tomra we have been happily using log4j as a logging framework for our
> Java applications, and we now consider using log4cxx for our commercial
> (closed source) C++ applications. At first glance, that seems ok under the
> Apache 2 license, but when I inspected the dependencies of log4cxx I found
> that it depends on the Berkeley DB (libdb4.8) which is licensed under the
> Sleepycat License. This is a dual license that does not permit use in closed
> source applications unless we buy a commercial Berkley DB license from
> Oracle. I was a bit surprised by this finding, since it does not fit well
> with the permissive Apache 2 license.
>
> I tested log4cxx on Ubuntu 10.4, Debian package liblog4cxx10 version
> 0.10.0-1.1build1, and looked for dependencies with:
> $ ldd /usr/lib/liblog4cxx.so.10
>         linux-gate.so.1 =>  (0x00228000)
>         libaprutil-1.so.0 => /usr/lib/libaprutil-1.so.0 (0x00a0f000)
>         libdb-4.8.so => /usr/lib/libdb-4.8.so (0x00229000)
>         libapr-1.so.0 => /usr/lib/libapr-1.so.0 (0x00f5e000)
>         libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00110000)
>         libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x00634000)
>         libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00a52000)
>         libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x004fb000)
>         libuuid.so.1 => /lib/libuuid.so.1 (0x00d14000)
>         librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00206000)
>         libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0x0038a000)
>         libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x009a2000)
>         libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x0020f000)
>         libexpat.so.1 => /lib/libexpat.so.1 (0x003bc000)
>         /lib/ld-linux.so.2 (0x00fcb000)
>
> I would be pleased if someone could check if I have understood the licensing
> stuff right.
>
> If I am right, it would be nice if the log4cxx dev. team could either (in
> preferred order):
>
>
> 1)      Make a release of log4cxx without the Berkeley DB dependency
>
> 2)      Add some clarification in the licensing text regarding commercial
> closed source usage
>
> Best regards,
>
> Johnny Njåstad
> Tomra Systems ASA
>
>
>

headers

drkmkzs | 27 Mar 2012 10:57

Re: Log4cxx licensing

Hi again Johnny,

As i'm currently working on Fedora, i've looked at log4cxx RPMs for
this distribution, and there is the Berkeley dependance too... And
reading the SleepyCat license, it seems that you were right about the
use of this library in proprietary software.

Anyway, it depends in my understanding of english (ouch) and
understanding of text license (ouch 2)... By reading the license it
seems that the source of any software using it should be available,
but maybe is it considered that log4cxx uses the DB lib, and your
software only use log4cxx ? Quite complicated, but it's true it's
quite strange to see such a dependance in a software under the Apache
License 2...

2012/3/20, Johnny Njåstad <Johnny.Njaastad <at> tomra.no>:
> Hi,
>
> Thanks for your reply. I can try doing it from the sources myself.
>
> Johnny
>
>
> -----Original Message-----
> From: drkmkzs [mailto:drkmkzs <at> gmail.com]
> Sent: 20. mars 2012 09:51
> To: Log4CXX User
> Subject: Re: Log4cxx licensing
>
> Hi,
>
> I'm currently using Log4cxx on a Suse 10.3, but I started from the
> sources (compiling apr, apr-utils and log4cxx).
>
> I don't have so many dependencies that you have (maybe because I
> compiled apr and apr-utils in static ?) :
>         linux-gate.so.1 =>  (0xffffe000)
>         libexpat.so.1 => /lib/libexpat.so.1 (0xb7d04000)
>         libuuid.so.1 => /lib/libuuid.so.1 (0xb7cff000)
>         librt.so.1 => /lib/librt.so.1 (0xb7cf6000)
>         libcrypt.so.1 => /lib/libcrypt.so.1 (0xb7cc4000)
>         libpthread.so.0 => /lib/libpthread.so.0 (0xb7cac000)
>         libdl.so.2 => /lib/libdl.so.2 (0xb7ca8000)
>         libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0xb7bba000)
>         libm.so.6 => /lib/libm.so.6 (0xb7b95000)
>         libc.so.6 => /lib/libc.so.6 (0xb7a62000)
>         libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xb7a56000)
>         /lib/ld-linux.so.2 (0x80000000)
>
> Anyway, i don't find back the lib Berkeley DB (libdb4.8) in the list.
>
> In case it could help,
> Jean
>
>
>
> 2012/3/19, Johnny Njåstad <Johnny.Njaastad <at> tomra.no>:
>> Hi,
>>
>> At Tomra we have been happily using log4j as a logging framework for our
>> Java applications, and we now consider using log4cxx for our commercial
>> (closed source) C++ applications. At first glance, that seems ok under the
>> Apache 2 license, but when I inspected the dependencies of log4cxx I found
>> that it depends on the Berkeley DB (libdb4.8) which is licensed under the
>> Sleepycat License. This is a dual license that does not permit use in
>> closed
>> source applications unless we buy a commercial Berkley DB license from
>> Oracle. I was a bit surprised by this finding, since it does not fit well
>> with the permissive Apache 2 license.
>>
>> I tested log4cxx on Ubuntu 10.4, Debian package liblog4cxx10 version
>> 0.10.0-1.1build1, and looked for dependencies with:
>> $ ldd /usr/lib/liblog4cxx.so.10
>>         linux-gate.so.1 =>  (0x00228000)
>>         libaprutil-1.so.0 => /usr/lib/libaprutil-1.so.0 (0x00a0f000)
>>         libdb-4.8.so => /usr/lib/libdb-4.8.so (0x00229000)
>>         libapr-1.so.0 => /usr/lib/libapr-1.so.0 (0x00f5e000)
>>         libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00110000)
>>         libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x00634000)
>>         libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00a52000)
>>         libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x004fb000)
>>         libuuid.so.1 => /lib/libuuid.so.1 (0x00d14000)
>>         librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00206000)
>>         libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0x0038a000)
>>         libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x009a2000)
>>         libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x0020f000)
>>         libexpat.so.1 => /lib/libexpat.so.1 (0x003bc000)
>>         /lib/ld-linux.so.2 (0x00fcb000)
>>
>> I would be pleased if someone could check if I have understood the
>> licensing
>> stuff right.
>>
>> If I am right, it would be nice if the log4cxx dev. team could either (in
>> preferred order):
>>
>>
>> 1)      Make a release of log4cxx without the Berkeley DB dependency
>>
>> 2)      Add some clarification in the licensing text regarding commercial
>> closed source usage
>>
>> Best regards,
>>
>> Johnny Njåstad
>> Tomra Systems ASA
>>
>>
>>
>

headers

drkmkzs | 27 Mar 2012 11:13

Re: Log4cxx licensing

Sorry for spamming, I would have looked firstly at configure options,
the use of DB lib is an option ... So compiling the source code is a
solution

2012/3/20, drkmkzs <drkmkzs <at> gmail.com>:
> Hi,
>
> I'm currently using Log4cxx on a Suse 10.3, but I started from the
> sources (compiling apr, apr-utils and log4cxx).
>
> I don't have so many dependencies that you have (maybe because I
> compiled apr and apr-utils in static ?) :
>         linux-gate.so.1 =>  (0xffffe000)
>         libexpat.so.1 => /lib/libexpat.so.1 (0xb7d04000)
>         libuuid.so.1 => /lib/libuuid.so.1 (0xb7cff000)
>         librt.so.1 => /lib/librt.so.1 (0xb7cf6000)
>         libcrypt.so.1 => /lib/libcrypt.so.1 (0xb7cc4000)
>         libpthread.so.0 => /lib/libpthread.so.0 (0xb7cac000)
>         libdl.so.2 => /lib/libdl.so.2 (0xb7ca8000)
>         libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0xb7bba000)
>         libm.so.6 => /lib/libm.so.6 (0xb7b95000)
>         libc.so.6 => /lib/libc.so.6 (0xb7a62000)
>         libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xb7a56000)
>         /lib/ld-linux.so.2 (0x80000000)
>
> Anyway, i don't find back the lib Berkeley DB (libdb4.8) in the list.
>
> In case it could help,
> Jean
>
>
>
> 2012/3/19, Johnny Njåstad <Johnny.Njaastad <at> tomra.no>:
>> Hi,
>>
>> At Tomra we have been happily using log4j as a logging framework for our
>> Java applications, and we now consider using log4cxx for our commercial
>> (closed source) C++ applications. At first glance, that seems ok under
>> the
>> Apache 2 license, but when I inspected the dependencies of log4cxx I
>> found
>> that it depends on the Berkeley DB (libdb4.8) which is licensed under the
>> Sleepycat License. This is a dual license that does not permit use in
>> closed
>> source applications unless we buy a commercial Berkley DB license from
>> Oracle. I was a bit surprised by this finding, since it does not fit well
>> with the permissive Apache 2 license.
>>
>> I tested log4cxx on Ubuntu 10.4, Debian package liblog4cxx10 version
>> 0.10.0-1.1build1, and looked for dependencies with:
>> $ ldd /usr/lib/liblog4cxx.so.10
>>         linux-gate.so.1 =>  (0x00228000)
>>         libaprutil-1.so.0 => /usr/lib/libaprutil-1.so.0 (0x00a0f000)
>>         libdb-4.8.so => /usr/lib/libdb-4.8.so (0x00229000)
>>         libapr-1.so.0 => /usr/lib/libapr-1.so.0 (0x00f5e000)
>>         libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00110000)
>>         libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x00634000)
>>         libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00a52000)
>>         libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x004fb000)
>>         libuuid.so.1 => /lib/libuuid.so.1 (0x00d14000)
>>         librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00206000)
>>         libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0x0038a000)
>>         libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0
>> (0x009a2000)
>>         libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x0020f000)
>>         libexpat.so.1 => /lib/libexpat.so.1 (0x003bc000)
>>         /lib/ld-linux.so.2 (0x00fcb000)
>>
>> I would be pleased if someone could check if I have understood the
>> licensing
>> stuff right.
>>
>> If I am right, it would be nice if the log4cxx dev. team could either (in
>> preferred order):
>>
>>
>> 1)      Make a release of log4cxx without the Berkeley DB dependency
>>
>> 2)      Add some clarification in the licensing text regarding commercial
>> closed source usage
>>
>> Best regards,
>>
>> Johnny Njåstad
>> Tomra Systems ASA
>>
>>
>>
>

Mon	Tue	Wed	Thu	Fri	Sat	Sun

			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

10	June 2013
29	May 2013
8	April 2013
2	March 2013
3	February 2013
2	January 2013
3	November 2012
2	October 2012
3	July 2012
1	June 2012
19	May 2012
7	April 2012
5	March 2012
6	February 2012
9	January 2012
15	December 2011
2	November 2011
8	September 2011
13	August 2011
1	June 2011
5	May 2011
6	April 2011
6	March 2011
10	February 2011
21	January 2011
14	December 2010
4	November 2010
19	October 2010
6	September 2010
14	August 2010
12	June 2010
36	May 2010
6	April 2010
2	March 2010
7	February 2010
2	January 2010
7	December 2009
14	November 2009
10	October 2009
12	September 2009
22	August 2009
6	July 2009
29	June 2009
49	May 2009
31	April 2009
20	March 2009
3	January 2009
34	December 2008
24	November 2008
12	October 2008
75	September 2008
32	August 2008
28	July 2008
108	June 2008
75	May 2008
74	April 2008
55	March 2008
53	February 2008
26	January 2008
40	December 2007
70	November 2007
26	October 2007
30	September 2007
43	August 2007
39	July 2007
51	June 2007
68	May 2007
28	April 2007
19	March 2007
26	February 2007
37	January 2007
43	December 2006
30	November 2006
49	October 2006
29	September 2006
27	August 2006
24	July 2006
40	June 2006
61	May 2006
47	April 2006
57	March 2006
39	February 2006
21	January 2006
39	December 2005
57	November 2005
33	October 2005
40	September 2005
34	August 2005
59	July 2005
59	June 2005
101	May 2005
83	April 2005
80	March 2005
74	February 2005
78	January 2005
97	December 2004
59	November 2004
40	October 2004
53	September 2004
57	August 2004