Can the US government force Canonical and Red Hat to disallow downloads and development from non US countries?

@xavier666 Given that Canonical is a British company, that's not something that could happen at all. Red Hat is anyone's guess given that the law doesn't really mean anything to them any more.
- I had a brain fart. I completely forgot that Canonical is British.
- what has red had done that makes you say the law is meaningless to them?
  
  @gi1242 The US government, not Red Hat themselves.
  
  They literally wanted to close source as much as possible afaik.
  But unsure if its true. Somethinf in that direction of fedora abd locking down was a thing. It rose a question on GPL if its really working or allowed, as they abused loopholes

Canonical is UK based, so scrub that.
But Redhat, Rocky, Alma are all owned by US legal entities and can absolutely be legally forced to do as you describe.
Technically blocked is something else, mind. We're clever, resourceful and motivated people and US laws wouldn't directly affect us.
However - you're thinking small. US influence of IT is massive. Routers, servers, hardware of all levels. The most enterprise level software is US led. All of these things can be restricted, or tarriffed heavily, or sanctioned entirely. If the US wants to hurt the rest of the world, it just has to tell Broadcom to turn off vmware outside of America. Ditto Cisco, Ditto Dell, Ditto... etc etc. Sure, it would be illegal, but does the American government care about that?
Anyone telling you that "Y won't happen because it's unthinkable" clearly hasn't been paying attention this year.
- More than that, it's the cloud services from Google, Amazon, and Microsoft that worry me. Many IT shops are dependent on these services, so if the US regime decides to f- around with that, many companies outside will be screwed.
  
  Absolutely.
  These services are also used by many governments around the world and considered critical infrastructure.
  Terrifying, right?
  
  If its a matter of when. Still has 3 3/4 of a term left.
  
  You wonder though, with the big players, whether they can lobby / pay off trump in some way to not be affected? I mean look at how the China tariffs changed overnight to not include mobile phones etc. Can’t have the majority of Apple’s production being subject to tariffs (they sure can’t make them in the US for the same cost)!
- Redhat Inc is in the US, but Redhat Ltd is Europe (and more I think). I don't know what would happen if the parts of the company had to take different paths for a while. I would assume all the non-US stuff would want to keep making money while the US slogs through crazy...

Canonical? the US could try but Canonical isn't a US company so far as I know. The attempt would probably just piss off their "home" nation. That would be the UK, I think.
Red Hat is another story though. It's owned by IBM which is a US company, which means it is, in theory, obliged to obey any lawful order of the US government. I say "in theory" because there is a long history of companies here saying "Yes sir, Yes sir, Three bags full sir." and then doing whatever they want when no one is looking anymore. For examples see Facebook, Google, OpenAI, Exxon IBM, Coke, Ford and... Well just about every company that has been around for more than 20 years and most small businesses to boot.
Practically speaking, though. These companies are based around open source projects whose source code has been widely distributed. If you need to, (or hell, even if you just want to) fork them, rename the project to avoid trademarks, and move on. Whether you flip Uncle Sam the bird as you do so, your call.
- There's also the fact that a legal order could be seen as violating the First Amendment, and I make no illusion that the Administration will ignore it (like the rest of the Constitution) but barring a bribe, IBM or anyone impacted could at least go to the courts and get a slam dunk injunction for some period of time.

It's practically unrealistic. Even for a distro governed by a US-based company there are a lot of download mirrors, so restricting downloads from all of them is extremely difficult (and anyway unrestricted foreign mirrors still could synchronize with official ones via VPN). Forbidding foreign developers would require identification of each developer, but few distros do this (Debian does, but e.g. Fedora does not).
Developers would understand that such restrictions effectively kill a project, so they would shirk them.

IBM/Red Hat maybe since it’s a US company. HOWEVER we went through this with PGP already and the infamous RSA Dolphin.
So could they try? Yeah. Would it work? I don’t know.

Hello, Suse is also mature company. Just less marketed. Also BSDs are there as alternatives

Honestly have no idea. In current times we're seeing the law do all sorts of things that I would have told you months ago weren't possible. I'm realizing that most of what held up our current system was nothing more than good faith.

Small note. Opensuse Leap is EXTREMELY stable. Just as stable as RHEL and more stable than non-LTS Ubuntu. It’s just less well marketed in the English speaking world.
- I can’t remember exactly why intensive, but it never worked right when I tried it. Weird layers of abstraction, terrible ARM support, blegh.

They can for red hat but canonical is (or at least I think it is) South African
Either way, it doesn't matter, it's open source software so we'll happily download it somewhere else. loads of distress to choose from
Trying to force other countries to comply? Well the US could do that 2 years ago but since Trump utterly obliterated all of its soft power it has no way of enforcing that beyond threatening with tarrics (and we all know how well that has worked) or a full on invasion which will be bad for said country but as soon as the inevitable body bags come crashing back into the country, it would kill this administration
- canonical is (or at least I think it is) South African
  Canonical is British. Headquarters are in London.
  The founder, Mark Shuttleworth, is a South African born British citizen, hence the African name for the distro. But it is and always has been British.
  
  I stand corrected!
- but as soon as the inevitable body bags come crashing back into the country, it would kill this administration
  No they won't. I've heard all kinds of stories like this for Putin and he's still alive and happy.
  
  Yeah no, Putin is a different story
  He doesn't give a shit about dead soldiers in body bags. Almost noone in Russia sees that, or if they do they'll be told som lie about it. Its much simpler than in the US
  You know what's not simpler? Demographics. As I recently read somewhere, demographics is like a freight train, slow, but all of the sudden you hear this horn bare and you're splattered under it.
  Putin lost now about a million men of working age. That is a huge gash that will come back to haunt Russia. Not Putin, mind you, he'll be dead and gone within a few years. Russia, though, is thoroughly fucked for the next decades. It already has low population issues before, and their demographics chart at this point is a fucking rollercoaster. Their population is already relatively old, and with the loss of about a million men, in a country largely dependent on mineral extraction and sale, it will be ugly.

ubuntu would be fine id imagine Arch is a community project so they cant really stop it and fedora/red hat who knows

No, you can’t prevent open source software being mirrored, nor can you can compel citizens and companies of other countries to stop working on it.

It doesnt matter tbh. Even assuming they could entirely prevent non-US downloads it would take perhaps a few months before non-US alternatives were up and running. Its not like the entire worlds gonna go oh ok guess we wont have that stuff then. They'll just host their own downloads. It probably wouldn't even take that long. It might cause some short term chaos, but long term it wont do a thing.

Compete with what ? I want to see a decent budget and at least 5 year plan first. The scenario is ridiculous, each distribution have so many mirrors that you can't just ban internet, baning development is even more unrealistic given the nature of linux development. What they gonna do, ban email ? https://git-scm.com/docs/git-send-email

The US govt has done worse (cf. Phil Zimmerman)

Whether or not they are US based entities I think is moot since several developers have already been booted from kernel development due to their affiliations largely at the behest of the US.
Also if they try prevent downloads it would have the interesting side affect that: all the folks out there seeding and torrenting Linux ISOs might have to now also claim they only share the un-embargoed ones, wink.

Yes, absolutely. And they can drag Canonical into it as well if they wish though it's harder. Being UK based doesn't protect them from the long arm of US law including arresting any US personnel, freezing and seizing their funds, putting out arrest warrants for and harassing those in the UK with the fear of arrest and rendition to the US if they go to a third country (for a conference, vacation, etc, most would buckle rather than live under that). Additionally the US could sanction them for non-cooperation by making it illegal for US companies to sell them products and services, for US citizens to work for or aid them, etc.
They can go after community led projects too, just send the feds over to the houses of some senior US developers and threaten and intimidate them, intimate their imminent arrest and prison sentence unless they stop contact and work with parties from whatever countries the US wishes to choose to name. Raid their houses, seize their electronics, detain them for hours in poor conditions. Lots of ways to apply pressure that doesn't even have to stand up to extensive legal scrutiny (they can keep devices and things and the people would have to sue to get them back).
The code itself is likely to exist in multiple places so if someone wanted to fork from say next week's builds for an EU build they could and there would be little the US could do to stop that but they could stop cooperation and force these developers to apply technical measures to attempt to prevent downloads from IP addresses known to belong to sanctioned countries of their choosing.
It's not like the US can slam the door and take its Linux home and China and the EU and Russia are left with nothing, they'd still have old builds and code and could develop off of those though with broken international cooperation it would be a fragmented process prone to various teething issues.