Hi,
At:
is stated:
Community: The Rocky Linux distribution does not come with any extra legal indemnification from the community of maintainers. Users are therefore open to potential infringement claims related to open source software packaged with the distribution.
How much, if at all, are users of AlmaLinux open to potential infringement claims related to open source software packaged with the distribution, or other risks?
hi @JL1000! I just saw this post yesterday and wanted to let you know that I’m not ignoring you, but I do want to make sure you get a well thought out response. I hope to have something back to you next week.
@bennyVasquez - I just saw your reply. Thank you very much for replying.
I don’t mean to stir the pot with this question.
I am not a user of Rocky, but I was surprised to see that users of Rocky may be open to potential infringement claims.
I just want to make sure I understand the situation with AlmaLinux.
I realize this is a complicated subject. Please take as much time as you need. 
The reasons I ask this question include:
There are several posts re this question on the internet, eg on reddit. And people express their opinion on this matter, but since they are not part of AlmaLinux, they may be incorrect.
From what I have also read on other posts on the net, the answer to this question also depends on the version of AlmaLinux. Eg I have read that ver 10 will be based on Centos Stream. While other version may not be. But again, on eg reddit, which may not be accurate. And this maybe would affect the answer to this question.
The situation is fluid. Eg the terms and conditions of the upstream licensing could and maybe has changed.
I ask the question only so I can understand better the situation.
Thanks again and I look forward to your reply.
Oh, man. I took forever to get you this reply!
Thanks for the clarification AND for your patience, @JL1000 - and thanks for asking the question. I’d much rather be given a chance to share my opinion than have folks speculating about what it might be.
I’ll preface this with all of the normal “I am not a lawyer, please work with your legal person/team before you make decisions that might impact your business” caveats.
How much, if at all, are users of AlmaLinux open to potential infringement claims related to open source software packaged with the distribution, or other risks?
Defining risk here is hard in the abstract. For the purposes of my answer, I’m assuming your question centers on open source licensing risk.
LOTS of companies use open source projects every day. Assessing and understanding the risk involved in that use requires analyzing the license that accompanies the original code, the facts of the situation, and the needs of those involved. A distribution inherently carries with it a greater risk, just because it’s shipping significantly more code than most single projects would.
We think that AlmaLinux users would likely be at less risk of this kind of violation than we were 18 months ago because we are building from sources that are fully and publicly available, but (again) that’s a question for your legal advisor.
VERY tangential to your question (and this is likely mostly my inner armchair-quaterback talking), but the only reason that I can see someone looking for indemnification as a user of Rocky is a fear that Red Hat doesn’t like how Rocky is being built (because the Rocky Linux folks didn’t take the same approach we did when the RHEL source code shifted last year).
I hope that, even as non-answers go, this is helpful for you!