diff --git a/share/man/man5/src.conf.5 b/share/man/man5/src.conf.5 index 08511661e328..815ffc62fc39 100644 --- a/share/man/man5/src.conf.5 +++ b/share/man/man5/src.conf.5 @@ -1,1856 +1,1846 @@ .\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. -.Dd May 30, 2023 +.Dd June 17, 2023 .Dt SRC.CONF 5 .Os .Sh NAME .Nm src.conf .Nd "source build options" .Sh DESCRIPTION The .Nm file contains variables that control what components will be generated during the build process of the .Fx source tree; see .Xr build 7 . .Pp The .Nm file uses the standard makefile syntax. However, .Nm should not specify any dependencies to .Xr make 1 . Instead, .Nm is to set .Xr make 1 variables that control the aspects of how the system builds. .Pp The default location of .Nm is .Pa /etc/src.conf , though an alternative location can be specified in the .Xr make 1 variable .Va SRCCONF . Overriding the location of .Nm may be necessary if the system-wide settings are not suitable for a particular build. For instance, setting .Va SRCCONF to .Pa /dev/null effectively resets all build controls to their defaults. .Pp The only purpose of .Nm is to control the compilation of the .Fx source code, which is usually located in .Pa /usr/src . As a rule, the system administrator creates .Nm when the values of certain control variables need to be changed from their defaults. .Pp In addition, control variables can be specified for a particular build via the .Fl D option of .Xr make 1 or in its environment; see .Xr environ 7 . .Pp The environment of .Xr make 1 for the build can be controlled via the .Va SRC_ENV_CONF variable, which defaults to .Pa /etc/src-env.conf . Some examples that may only be set in this file are .Va WITH_DIRDEPS_BUILD , and .Va WITH_META_MODE , and .Va MAKEOBJDIRPREFIX as they are environment-only variables. .Pp The values of variables are ignored regardless of their setting; even if they would be set to .Dq Li FALSE or .Dq Li NO . The presence of an option causes it to be honored by .Xr make 1 . .Pp This list provides a name and short description for variables that can be used for source builds. .Bl -tag -width indent .It Va WITHOUT_ACCT Do not build process accounting tools such as .Xr accton 8 and .Xr sa 8 . .It Va WITHOUT_ACPI Do not build .Xr acpiconf 8 , .Xr acpidump 8 and related programs. .It Va WITHOUT_APM Do not build .Xr apm 8 , .Xr apmd 8 and related programs. .It Va WITH_ASAN Build the base system with Address Sanitizer (ASan) to detect memory corruption bugs such as buffer overflows or use-after-free. Requires that Clang be used as the base system compiler and that the runtime support library is available. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITH_LLVM_BINUTILS .It .Va WITH_LLVM_CXXFILT .El .It Va WITHOUT_ASSERT_DEBUG Compile programs and libraries without the .Xr assert 3 checks. .It Va WITHOUT_AT Do not build .Xr at 1 and related utilities. .It Va WITHOUT_AUDIT Do not build audit support into system programs. .It Va WITHOUT_AUTHPF Do not build .Xr authpf 8 . .It Va WITHOUT_AUTOFS Do not build .Xr autofs 5 related programs, libraries, and kernel modules. .It Va WITHOUT_AUTO_OBJ Disable automatic creation of objdirs. This is enabled by default if the wanted OBJDIR is writable by the current user. .Pp This must be set in the environment, make command line, or .Pa /etc/src-env.conf , not .Pa /etc/src.conf . .It Va WITH_BEARSSL Build the BearSSL library. .Pp BearSSL is a tiny SSL library suitable for embedded environments. For details see .Lk https://www.BearSSL.org/ .Pp This library is currently only used to perform signature verification and related operations for Verified Exec and .Xr loader 8 . When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITH_LOADER_EFI_SECUREBOOT (unless .Va WITHOUT_LOADER_EFI_SECUREBOOT is set explicitly) .It Va WITH_LOADER_VERIEXEC (unless .Va WITHOUT_LOADER_VERIEXEC is set explicitly) .It Va WITH_LOADER_VERIEXEC_VECTX (unless .Va WITHOUT_LOADER_VERIEXEC_VECTX is set explicitly) .It Va WITH_VERIEXEC (unless .Va WITHOUT_VERIEXEC is set explicitly) .El .It Va WITHOUT_BHYVE Do not build or install .Xr bhyve 8 , associated utilities, and examples. .Pp This option only affects amd64/amd64. .It Va WITH_BHYVE_SNAPSHOT Include support for save and restore (snapshots) in .Xr bhyve 8 and .Xr bhyvectl 8 . .Pp This option only affects amd64/amd64. .It Va WITH_BIND_NOW Build all binaries with the .Dv DF_BIND_NOW flag set to indicate that the run-time loader should perform all relocation processing at process startup rather than on demand. The combination of the .Va BIND_NOW and .Va RELRO options provide "full" Relocation Read-Only (RELRO) support. With full RELRO the entire GOT is made read-only after performing relocation at startup, avoiding GOT overwrite attacks. .It Va WITHOUT_BLACKLIST Set this if you do not want to build .Xr blacklistd 8 and .Xr blacklistctl 8 . When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_BLACKLIST_SUPPORT (unless .Va WITH_BLACKLIST_SUPPORT is set explicitly) .El .It Va WITHOUT_BLACKLIST_SUPPORT Build some programs without .Xr libblacklist 3 support, like .Xr fingerd 8 , .Xr ftpd 8 , and .Xr sshd 8 . .It Va WITHOUT_BLUETOOTH Do not build Bluetooth related kernel modules, programs and libraries. .It Va WITHOUT_BOOT Do not build the boot blocks and loader. .It Va WITHOUT_BOOTPARAMD Do not build or install .Xr bootparamd 8 . .It Va WITHOUT_BOOTPD Do not build or install .Xr bootpd 8 . .It Va WITHOUT_BSDINSTALL Do not build .Xr bsdinstall 8 , .Xr sade 8 , and related programs. .It Va WITHOUT_BSD_CPIO Do not build the BSD licensed version of cpio based on .Xr libarchive 3 . .It Va WITHOUT_BSNMP Do not build or install .Xr bsnmpd 1 and related libraries and data files. .It Va WITHOUT_BZIP2 Do not build contributed bzip2 software as a part of the base system. .Bf -symbolic The option has no effect yet. .Ef When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_BZIP2_SUPPORT (unless .Va WITH_BZIP2_SUPPORT is set explicitly) .El .It Va WITHOUT_BZIP2_SUPPORT Build some programs without optional bzip2 support. .It Va WITHOUT_CALENDAR Do not build .Xr calendar 1 . -.It Va WITHOUT_CAPSICUM -Do not build Capsicum support into system programs. -When set, it enforces these options: -.Pp -.Bl -item -compact -.It -.Va WITHOUT_CASPER -.El .It Va WITHOUT_CAROOT Do not add the trusted certificates from the Mozilla NSS bundle to base. -.It Va WITHOUT_CASPER -Do not build Casper program and related libraries. .It Va WITH_CCACHE_BUILD Use .Xr ccache 1 for the build. No configuration is required except to install the .Sy devel/ccache package. When using with .Xr distcc 1 , set .Sy CCACHE_PREFIX=/usr/local/bin/distcc . The default cache directory of .Pa $HOME/.ccache will be used, which can be overridden by setting .Sy CCACHE_DIR . The .Sy CCACHE_COMPILERCHECK option defaults to .Sy content when using the in-tree bootstrap compiler, and .Sy mtime when using an external compiler. The .Sy CCACHE_CPP2 option is used for Clang but not GCC. .Pp Sharing a cache between multiple work directories requires using a layout similar to .Pa /some/prefix/src .Pa /some/prefix/obj and an environment such as: .Bd -literal -offset indent CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj' .Ed .Pp See .Xr ccache 1 for more configuration options. .It Va WITHOUT_CCD Do not build .Xr geom_ccd 4 and related utilities. .It Va WITHOUT_CDDL Do not build code licensed under Sun's CDDL. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_CTF .It .Va WITHOUT_DTRACE .It .Va WITHOUT_LOADER_ZFS .It .Va WITHOUT_ZFS .El .It Va WITHOUT_CLANG Do not build the Clang C/C++ compiler during the regular phase of the build. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_CLANG_EXTRAS .It .Va WITHOUT_CLANG_FORMAT .It .Va WITHOUT_CLANG_FULL .It .Va WITHOUT_LLVM_COV .El .Pp When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_LLVM_TARGET_AARCH64 (unless .Va WITH_LLVM_TARGET_AARCH64 is set explicitly) .It Va WITHOUT_LLVM_TARGET_ALL (unless .Va WITH_LLVM_TARGET_ALL is set explicitly) .It Va WITHOUT_LLVM_TARGET_ARM (unless .Va WITH_LLVM_TARGET_ARM is set explicitly) .It Va WITHOUT_LLVM_TARGET_POWERPC (unless .Va WITH_LLVM_TARGET_POWERPC is set explicitly) .It Va WITHOUT_LLVM_TARGET_RISCV (unless .Va WITH_LLVM_TARGET_RISCV is set explicitly) .El .It Va WITHOUT_CLANG_BOOTSTRAP Do not build the Clang C/C++ compiler during the bootstrap phase of the build. To be able to build the system, either gcc or clang bootstrap must be enabled unless an alternate compiler is provided via XCC. .It Va WITH_CLANG_EXTRAS Build additional clang and llvm tools, such as bugpoint and clang-format. .It Va WITH_CLANG_FORMAT Build clang-format. .It Va WITHOUT_CLANG_FULL Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of the Clang C/C++ compiler. .It Va WITHOUT_CLEAN Do not clean before building world and/or kernel. .It Va WITHOUT_CPP Do not build .Xr cpp 1 . .It Va WITHOUT_CROSS_COMPILER Do not build any cross compiler in the cross-tools stage of buildworld. When compiling a different version of .Fx than what is installed on the system, provide an alternate compiler with XCC to ensure success. When compiling with an identical version of .Fx to the host, this option may be safely used. This option may also be safe when the host version of .Fx is close to the sources being built, but all bets are off if there have been any changes to the toolchain between the versions. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_CLANG_BOOTSTRAP .It .Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP .It .Va WITHOUT_LLD_BOOTSTRAP .El .It Va WITHOUT_CRYPT Do not build any crypto code. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_DMAGENT .It .Va WITHOUT_KERBEROS .It .Va WITHOUT_KERBEROS_SUPPORT .It .Va WITHOUT_LDNS .It .Va WITHOUT_LDNS_UTILS .It .Va WITHOUT_LOADER_ZFS .It .Va WITHOUT_OPENSSH .It .Va WITHOUT_OPENSSL .It .Va WITHOUT_OPENSSL_KTLS .It .Va WITHOUT_PKGBOOTSTRAP .It .Va WITHOUT_UNBOUND .It .Va WITHOUT_ZFS .El .Pp When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_GSSAPI (unless .Va WITH_GSSAPI is set explicitly) .El .It Va WITH_CTF Compile with CTF (Compact C Type Format) data. CTF data encapsulates a reduced form of debugging information similar to DWARF and the venerable stabs and is required for DTrace. .It Va WITHOUT_CUSE Do not build CUSE-related programs and libraries. .It Va WITHOUT_CXGBETOOL Do not build .Xr cxgbetool 8 .Pp This is a default setting on arm/armv6, arm/armv7, powerpc/powerpc and riscv/riscv64. .It Va WITH_CXGBETOOL Build .Xr cxgbetool 8 .Pp This is a default setting on amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITHOUT_DEBUG_FILES Avoid building or installing standalone debug files for each executable binary and shared library. .It Va WITH_DETECT_TZ_CHANGES Make the time handling code detect changes to the timezone files. .It Va WITHOUT_DIALOG Do not build .Xr dialog 1 , .Xr dialog 3 , .Xr dpv 1 , and .Xr dpv 3 . When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_BSDINSTALL .El .It Va WITHOUT_DICT Do not build the Webster dictionary files. .It Va WITH_DIRDEPS_BUILD This is an alternate build system. For details see https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm. Build commands can be seen from the top-level with: .Dl make show-valid-targets The build is driven by dirdeps.mk using .Va DIRDEPS stored in Makefile.depend files found in each directory. .Pp The build can be started from anywhere, and behaves the same. The initial instance of .Xr make 1 recursively reads .Va DIRDEPS from .Pa Makefile.depend , computing a graph of tree dependencies from the current origin. Setting .Va NO_DIRDEPS skips checking dirdep dependencies and will only build in the current and child directories. .Va NO_DIRDEPS_BELOW skips building any dirdeps and only build the current directory. .Pp This also utilizes the .Va WITH_META_MODE logic for incremental builds. .Pp The build hides commands executed unless .Va NO_SILENT is defined. .Pp Note that there is currently no mass install feature for this. This build is designed for producing packages, that can then be installed on a target system. .Pp The implementation in .Fx is incomplete. Completion would require leaf directories for building each kernel and package so that their dependencies can be tracked. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITH_INSTALL_AS_USER .El .Pp When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITH_META_ERROR_TARGET (unless .Va WITHOUT_META_ERROR_TARGET is set explicitly) .It Va WITH_META_MODE (unless .Va WITHOUT_META_MODE is set explicitly) .It Va WITH_STAGING (unless .Va WITHOUT_STAGING is set explicitly) .It Va WITH_STAGING_MAN (unless .Va WITHOUT_STAGING_MAN is set explicitly) .It Va WITH_STAGING_PROG (unless .Va WITHOUT_STAGING_PROG is set explicitly) .It Va WITH_SYSROOT (unless .Va WITHOUT_SYSROOT is set explicitly) .El .Pp This must be set in the environment, make command line, or .Pa /etc/src-env.conf , not .Pa /etc/src.conf . .It Va WITH_DIRDEPS_CACHE Cache result of dirdeps.mk which can save significant time for subsequent builds. Depends on .Va WITH_DIRDEPS_BUILD . .Pp This must be set in the environment, make command line, or .Pa /etc/src-env.conf , not .Pa /etc/src.conf . .It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP Build .Xr etdump 1 , .Xr makefs 8 and .Xr mkimg 1 as bootstrap tools. .It Va WITHOUT_DMAGENT Do not build dma Mail Transport Agent. .It Va WITHOUT_DOCCOMPRESS Do not install compressed system documentation. Only the uncompressed version will be installed. .It Va WITHOUT_DTRACE Do not build DTrace framework kernel modules, libraries, and user commands. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_CTF .El .It Va WITH_DTRACE_TESTS Build and install the DTrace test suite in .Pa /usr/tests/cddl/usr.sbin/dtrace . This test suite is considered experimental on architectures other than amd64/amd64 and running it may cause system instability. .It Va WITHOUT_DYNAMICROOT Set this if you do not want to link .Pa /bin and .Pa /sbin dynamically. .It Va WITHOUT_EE Do not build and install .Xr edit 1 , .Xr ee 1 , and related programs. .It Va WITHOUT_EFI Set not to build .Xr efivar 3 and .Xr efivar 8 . .Pp This is a default setting on i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. .It Va WITH_EFI Build .Xr efivar 3 and .Xr efivar 8 . .Pp This is a default setting on amd64/amd64, arm/armv6, arm/armv7 and arm64/aarch64. .It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP Do not build ELF Tool Chain tools (addr2line, nm, size, strings and strip) as part of the bootstrap process. .Bf -symbolic An alternate bootstrap tool chain must be provided. .Ef .It Va WITHOUT_EXAMPLES Avoid installing examples to .Pa /usr/share/examples/ . .It Va WITH_EXPERIMENTAL Include experimental features in the build. .It Va WITH_EXTRA_TCP_STACKS Build extra TCP stack modules. .It Va WITHOUT_FDT Do not build Flattened Device Tree support as part of the base system. This includes the device tree compiler (dtc) and libfdt support library. .Pp This is a default setting on amd64/amd64 and i386/i386. .It Va WITH_FDT Build Flattened Device Tree support as part of the base system. This includes the device tree compiler (dtc) and libfdt support library. .Pp This is a default setting on arm/armv6, arm/armv7, arm64/aarch64, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. .It Va WITHOUT_FILE Do not build .Xr file 1 and related programs. .It Va WITHOUT_FINGER Do not build or install .Xr finger 1 and .Xr fingerd 8 . .It Va WITHOUT_FLOPPY Do not build or install programs for operating floppy disk driver. .It Va WITHOUT_FORMAT_EXTENSIONS Do not enable .Fl fformat-extensions when compiling the kernel. Also disables all format checking. .It Va WITHOUT_FORTH Build bootloaders without Forth support. .It Va WITHOUT_FP_LIBC Build .Nm libc without floating-point support. .It Va WITHOUT_FREEBSD_UPDATE Do not build .Xr freebsd-update 8 . .It Va WITHOUT_FTP Do not build or install .Xr ftp 1 and .Xr ftpd 8 . .It Va WITHOUT_GAMES Do not build games. .It Va WITHOUT_GH_BC Install the traditional FreeBSD .Xr bc 1 and .Xr dc 1 programs instead of the enhanced versions. .It Va WITHOUT_GNU_DIFF Do not build GNU .Xr diff3 1 . .It Va WITHOUT_GOOGLETEST Neither build nor install .Lb libgmock , .Lb libgtest , and dependent tests. .It Va WITHOUT_GPIO Do not build .Xr gpioctl 8 as part of the base system. .It Va WITHOUT_GSSAPI Do not build libgssapi. .It Va WITHOUT_HAST Do not build .Xr hastd 8 and related utilities. .It Va WITH_HESIOD Build Hesiod support. .It Va WITHOUT_HTML Do not build HTML docs. .It Va WITHOUT_HYPERV Do not build or install HyperV utilities. .Pp This is a default setting on arm/armv6, arm/armv7, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. .It Va WITH_HYPERV Build or install HyperV utilities. .Pp This is a default setting on amd64/amd64, arm64/aarch64 and i386/i386. .It Va WITHOUT_ICONV Do not build iconv as part of libc. .It Va WITHOUT_INCLUDES Do not install header files. This option used to be spelled .Va NO_INCS . .Bf -symbolic The option does not work for build targets. .Ef .It Va WITHOUT_INET Do not build programs and libraries related to IPv4 networking. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_INET_SUPPORT .El .It Va WITHOUT_INET6 Do not build programs and libraries related to IPv6 networking. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_INET6_SUPPORT .El .It Va WITHOUT_INET6_SUPPORT Build libraries, programs, and kernel modules without IPv6 support. .It Va WITHOUT_INETD Do not build .Xr inetd 8 . .It Va WITHOUT_INET_SUPPORT Build libraries, programs, and kernel modules without IPv4 support. .It Va WITH_INIT_ALL_PATTERN Build the base system or kernel with stack variables initialized to .Pq compiler defined debugging patterns on function entry. This option requires the clang compiler. .It Va WITH_INIT_ALL_ZERO Build the base system or kernel with stack variables initialized to zero on function entry. This option requires that the clang compiler be used. .It Va WITHOUT_INSTALLLIB Set this to not install optional libraries. For example, when creating a .Xr nanobsd 8 image. .Bf -symbolic The option does not work for build targets. .Ef .It Va WITH_INSTALL_AS_USER Make install targets succeed for non-root users by installing files with owner and group attributes set to that of the user running the .Xr make 1 command. The user still must set the .Va DESTDIR variable to point to a directory where the user has write permissions. .It Va WITHOUT_IPFILTER Do not build IP Filter package. .It Va WITHOUT_IPFW Do not build IPFW tools. .It Va WITHOUT_IPSEC_SUPPORT Do not build the kernel with .Xr ipsec 4 support. This option is needed for .Xr ipsec 4 and .Xr tcpmd5 4 . .It Va WITHOUT_ISCSI Do not build .Xr iscsid 8 and related utilities. .It Va WITHOUT_JAIL Do not build tools for the support of jails; e.g., .Xr jail 8 . .It Va WITHOUT_KDUMP Do not build .Xr kdump 1 and .Xr truss 1 . .It Va WITHOUT_KERBEROS Set this to not build Kerberos 5 (KTH Heimdal). When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_GSSAPI (unless .Va WITH_GSSAPI is set explicitly) .It Va WITHOUT_KERBEROS_SUPPORT (unless .Va WITH_KERBEROS_SUPPORT is set explicitly) .El .It Va WITHOUT_KERBEROS_SUPPORT Build some programs without Kerberos support, like .Xr ssh 1 , .Xr telnet 1 , and .Xr sshd 8 . .It Va WITH_KERNEL_RETPOLINE Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel build. .It Va WITHOUT_KERNEL_SYMBOLS Do not install standalone kernel debug symbol files. This option has no effect at build time. .It Va WITHOUT_KVM Do not build the .Nm libkvm library as a part of the base system. .Bf -symbolic The option has no effect yet. .Ef When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_KVM_SUPPORT (unless .Va WITH_KVM_SUPPORT is set explicitly) .El .It Va WITHOUT_KVM_SUPPORT Build some programs without optional .Nm libkvm support. .It Va WITHOUT_LDNS Setting this variable will prevent the LDNS library from being built. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_LDNS_UTILS .It .Va WITHOUT_UNBOUND .El .It Va WITHOUT_LDNS_UTILS Setting this variable will prevent building the LDNS utilities .Xr drill 1 and .Xr host 1 . .It Va WITHOUT_LEGACY_CONSOLE Do not build programs that support a legacy PC console; e.g., .Xr kbdcontrol 1 and .Xr vidcontrol 1 . .It Va WITHOUT_LIB32 On 64-bit platforms, do not build 32-bit library set and a .Nm ld-elf32.so.1 runtime linker. .Pp This is a default setting on arm/armv6, arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64. .It Va WITH_LIB32 On 64-bit platforms, build the 32-bit library set and a .Nm ld-elf32.so.1 runtime linker. .Pp This is a default setting on amd64/amd64 and powerpc/powerpc64. .It Va WITHOUT_LLD Do not build LLVM's lld linker. .It Va WITHOUT_LLDB Do not build the LLDB debugger. .Pp This is a default setting on arm/armv6, arm/armv7 and riscv/riscv64. .It Va WITH_LLDB Build the LLDB debugger. .Pp This is a default setting on amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITHOUT_LLD_BOOTSTRAP Do not build the LLD linker during the bootstrap phase of the build. To be able to build the system an alternate linker must be provided via XLD. .It Va WITHOUT_LLD_IS_LD Do not install a .Pa /usr/bin/ld symlink to .Pa ld.lld . The system will not have a usable tool chain unless a linker is provided some other way. .It Va WITHOUT_LLVM_ASSERTIONS Disable debugging assertions in LLVM. .It Va WITH_LLVM_BINUTILS Install LLVM's binutils (without an llvm- prefix), instead of ELF Tool Chain's tools. This includes .Xr addr2line 1 , .Xr ar 1 , .Xr nm 1 , .Xr objcopy 1 , .Xr ranlib 1 , .Xr readelf 1 , .Xr size 1 , and .Xr strip 1 . Regardless of this setting, LLVM tools are used for .Xr c++filt 1 and .Xr objdump 1 . .Xr strings 1 is always provided by ELF Tool Chain. .It Va WITHOUT_LLVM_COV Do not build the .Xr llvm-cov 1 tool. .It Va WITHOUT_LLVM_CXXFILT Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt. .It Va WITHOUT_LLVM_TARGET_AARCH64 Do not build LLVM target support for AArch64. The .Va LLVM_TARGET_ALL option should be used rather than this in most cases. .It Va WITHOUT_LLVM_TARGET_ALL Only build the required LLVM target support. This option is preferred to specific target support options. When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_LLVM_TARGET_AARCH64 (unless .Va WITH_LLVM_TARGET_AARCH64 is set explicitly) .It Va WITHOUT_LLVM_TARGET_ARM (unless .Va WITH_LLVM_TARGET_ARM is set explicitly) .It Va WITHOUT_LLVM_TARGET_POWERPC (unless .Va WITH_LLVM_TARGET_POWERPC is set explicitly) .It Va WITHOUT_LLVM_TARGET_RISCV (unless .Va WITH_LLVM_TARGET_RISCV is set explicitly) .El .It Va WITHOUT_LLVM_TARGET_ARM Do not build LLVM target support for ARM. The .Va LLVM_TARGET_ALL option should be used rather than this in most cases. .It Va WITH_LLVM_TARGET_BPF Build LLVM target support for BPF. The .Va LLVM_TARGET_ALL option should be used rather than this in most cases. .It Va WITH_LLVM_TARGET_MIPS Build LLVM target support for MIPS. The .Va LLVM_TARGET_ALL option should be used rather than this in most cases. .It Va WITHOUT_LLVM_TARGET_POWERPC Do not build LLVM target support for PowerPC. The .Va LLVM_TARGET_ALL option should be used rather than this in most cases. .It Va WITHOUT_LLVM_TARGET_RISCV Do not build LLVM target support for RISC-V. The .Va LLVM_TARGET_ALL option should be used rather than this in most cases. .It Va WITHOUT_LLVM_TARGET_X86 Do not build LLVM target support for X86. The .Va LLVM_TARGET_ALL option should be used rather than this in most cases. .It Va WITH_LOADER_EFI_SECUREBOOT Enable building .Xr loader 8 with support for verification based on certificates obtained from UEFI. .It Va WITHOUT_LOADER_GELI Disable inclusion of GELI crypto support in the boot chain binaries. .Pp This is a default setting on powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITH_LOADER_GELI Build GELI bootloader support. .Pp This is a default setting on amd64/amd64, arm/armv6, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. .It Va WITHOUT_LOADER_KBOOT Do not build kboot, a linuxboot environment loader .Pp This is a default setting on arm/armv6, arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64. .It Va WITH_LOADER_KBOOT Build kboot, a linuxboot environment loader .Pp This is a default setting on amd64/amd64, arm64/aarch64 and powerpc/powerpc64. .It Va WITHOUT_LOADER_LUA Do not build LUA bindings for the boot loader. .Pp This is a default setting on powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITH_LOADER_LUA Build LUA bindings for the boot loader. .Pp This is a default setting on amd64/amd64, arm/armv6, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. .It Va WITHOUT_LOADER_OFW Disable building of openfirmware bootloader components. .Pp This is a default setting on amd64/amd64, arm/armv6, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. .It Va WITH_LOADER_OFW Build openfirmware bootloader components. .Pp This is a default setting on powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITHOUT_LOADER_UBOOT Disable building of ubldr. .Pp This is a default setting on amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64. .It Va WITH_LOADER_UBOOT Build ubldr. .Pp This is a default setting on arm/armv6, arm/armv7, powerpc/powerpc and powerpc/powerpc64. .It Va WITH_LOADER_VERBOSE Build with extra verbose debugging in the loader. May explode already nearly too large loader over the limit. Use with care. .It Va WITH_LOADER_VERIEXEC Enable building .Xr loader 8 with support for verification similar to Verified Exec. .Pp Depends on .Va WITH_BEARSSL . When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITH_LOADER_EFI_SECUREBOOT (unless .Va WITHOUT_LOADER_EFI_SECUREBOOT is set explicitly) .It Va WITH_LOADER_VERIEXEC_VECTX (unless .Va WITHOUT_LOADER_VERIEXEC_VECTX is set explicitly) .El .It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST Enable building .Xr loader 8 with support to pass a verified manifest to the kernel. The kernel has to be built with a module to parse the manifest. .Pp Depends on .Va WITH_LOADER_VERIEXEC . .It Va WITH_LOADER_VERIEXEC_VECTX Enable building .Xr loader 8 with support for hashing and verifying kernel and modules as a side effect of loading. .Pp Depends on .Va WITH_LOADER_VERIEXEC . .It Va WITHOUT_LOADER_ZFS Do not build ZFS file system boot loader support. .It Va WITHOUT_LOCALES Do not build localization files; see .Xr locale 1 . .It Va WITHOUT_LOCATE Do not build .Xr locate 1 and related programs. .It Va WITHOUT_LPR Do not build .Xr lpr 1 and related programs. .It Va WITHOUT_LS_COLORS Build .Xr ls 1 without support for colors to distinguish file types. .It Va WITHOUT_MACHDEP_OPTIMIZATIONS Prefer machine-independent non-assembler code in libc and libm. .It Va WITHOUT_MAIL Do not build any mail support (MUA or MTA). When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_DMAGENT .It .Va WITHOUT_MAILWRAPPER .It .Va WITHOUT_SENDMAIL .El .It Va WITHOUT_MAILWRAPPER Do not build the .Xr mailwrapper 8 MTA selector. .It Va WITHOUT_MAKE Do not install .Xr make 1 and related support files. .It Va WITHOUT_MAKE_CHECK_USE_SANDBOX Do not execute .Dq Li "make check" in limited sandbox mode. This option should be paired with .Va WITH_INSTALL_AS_USER if executed as an unprivileged user. See .Xr tests 7 for more details. .It Va WITH_MALLOC_PRODUCTION Disable assertions and statistics gathering in .Xr malloc 3 . It also defaults the A and J runtime options to off. .It Va WITHOUT_MAN Do not build manual pages. When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_MAN_UTILS (unless .Va WITH_MAN_UTILS is set explicitly) .El .It Va WITHOUT_MANCOMPRESS Do not install compressed man pages. Only the uncompressed versions will be installed. .It Va WITH_MANSPLITPKG Split man pages into their own packages during make package. .It Va WITHOUT_MAN_UTILS Do not build utilities for manual pages, .Xr apropos 1 , .Xr makewhatis 1 , .Xr man 1 , .Xr whatis 1 , .Xr manctl 8 , and related support files. .It Va WITH_META_ERROR_TARGET Enable the META_MODE .ERROR target. .Pp This target will copy the meta file of a failed target to .Va ERROR_LOGDIR (default is .Ql ${SRCTOP:H}/error ) to help with failure analysis. Depends on .Va WITH_META_MODE . This default when .Va WITH_DIRDEPS_BUILD is set. .Pp This must be set in the environment, make command line, or .Pa /etc/src-env.conf , not .Pa /etc/src.conf . .It Va WITH_META_MODE Create .Xr make 1 meta files when building, which can provide a reliable incremental build when using .Xr filemon 4 . The meta file is created in OBJDIR as .Pa target.meta . These meta files track the command that was executed, its output, and the current directory. The .Xr filemon 4 module is required unless .Va NO_FILEMON is defined. When the module is loaded, any files used by the commands executed are tracked as dependencies for the target in its meta file. The target is considered out-of-date and rebuilt if any of these conditions are true compared to the last build: .Bl -bullet -compact .It The command to execute changes. .It The current working directory changes. .It The target's meta file is missing. .It The target's meta file is missing filemon data when filemon is loaded and a previous run did not have it loaded. .It [requires .Xr filemon 4 ] Files read, executed or linked to are newer than the target. .It [requires .Xr filemon 4 ] Files read, written, executed or linked are missing. .El The meta files can also be useful for debugging. .Pp The build hides commands that are executed unless .Va NO_SILENT is defined. Errors cause .Xr make 1 to show some of its environment for further debugging. .Pp The build operates as it normally would otherwise. This option originally invoked a different build system but that was renamed to .Va WITH_DIRDEPS_BUILD . .Pp This must be set in the environment, make command line, or .Pa /etc/src-env.conf , not .Pa /etc/src.conf . .It Va WITHOUT_MLX5TOOL Do not build .Xr mlx5tool 8 .Pp This is a default setting on arm/armv6, arm/armv7, powerpc/powerpc and riscv/riscv64. .It Va WITH_MLX5TOOL Build .Xr mlx5tool 8 .Pp This is a default setting on amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITHOUT_NETCAT Do not build .Xr nc 1 utility. .It Va WITHOUT_NETGRAPH Do not build applications to support .Xr netgraph 4 . When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_BLUETOOTH .El .Pp When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_NETGRAPH_SUPPORT (unless .Va WITH_NETGRAPH_SUPPORT is set explicitly) .El .It Va WITHOUT_NETGRAPH_SUPPORT Build libraries, programs, and kernel modules without netgraph support. .It Va WITHOUT_NETLINK Do not build .Xr genl 1 utility. .It Va WITHOUT_NETLINK_SUPPORT Make libraries and programs use rtsock and .Xr sysctl 3 interfaces instead of .Xr snl 3 . .It Va WITHOUT_NIS Do not build .Xr NIS 8 support and related programs. If set, you might need to adopt your .Xr nsswitch.conf 5 and remove .Sq nis entries. .It Va WITHOUT_NLS Do not build NLS catalogs. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_NLS_CATALOGS .El .It Va WITHOUT_NLS_CATALOGS Do not build NLS catalog support for .Xr csh 1 . .It Va WITHOUT_NS_CACHING Disable name caching in the .Pa nsswitch subsystem. The generic caching daemon, .Xr nscd 8 , will not be built either if this option is set. .It Va WITHOUT_NTP Do not build .Xr ntpd 8 and related programs. .It Va WITHOUT_NVME Do not build nvme related tools and kernel modules. .Pp This is a default setting on arm/armv6, arm/armv7, powerpc/powerpc and riscv/riscv64. .It Va WITH_NVME Build nvme related tools and kernel modules. .Pp This is a default setting on amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITHOUT_OFED Do not build the .Dq "OpenFabrics Enterprise Distribution" InfiniBand software stack, including kernel modules and userspace libraries. .Pp This is a default setting on arm/armv6 and arm/armv7. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_OFED_EXTRA .El .It Va WITH_OFED Build the .Dq "OpenFabrics Enterprise Distribution" InfiniBand software stack, including kernel modules and userspace libraries. .Pp This is a default setting on amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. .It Va WITH_OFED_EXTRA Build the non-essential components of the .Dq "OpenFabrics Enterprise Distribution" Infiniband software stack, mostly examples. .It Va WITH_OPENLDAP Enable building LDAP support for kerberos using an openldap client from ports. .It Va WITHOUT_OPENMP Do not build LLVM's OpenMP runtime. .Pp This is a default setting on arm/armv6, arm/armv7 and powerpc/powerpc. .It Va WITH_OPENMP Build LLVM's OpenMP runtime. .Pp This is a default setting on amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. .It Va WITHOUT_OPENSSH Do not build OpenSSH. .It Va WITHOUT_OPENSSL Do not build OpenSSL. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_DMAGENT .It .Va WITHOUT_KERBEROS .It .Va WITHOUT_KERBEROS_SUPPORT .It .Va WITHOUT_LDNS .It .Va WITHOUT_LDNS_UTILS .It .Va WITHOUT_LOADER_ZFS .It .Va WITHOUT_OPENSSH .It .Va WITHOUT_OPENSSL_KTLS .It .Va WITHOUT_PKGBOOTSTRAP .It .Va WITHOUT_UNBOUND .It .Va WITHOUT_ZFS .El .Pp When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_GSSAPI (unless .Va WITH_GSSAPI is set explicitly) .El .It Va WITHOUT_OPENSSL_KTLS Do not include kernel TLS support in OpenSSL. .Pp This is a default setting on arm/armv6, arm/armv7, i386/i386, powerpc/powerpc and riscv/riscv64. .It Va WITH_OPENSSL_KTLS Include kernel TLS support in OpenSSL. .Pp This is a default setting on amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITHOUT_PAM Do not build PAM library and modules. .Bf -symbolic This option is deprecated and does nothing. .Ef When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_PAM_SUPPORT (unless .Va WITH_PAM_SUPPORT is set explicitly) .El .It Va WITHOUT_PAM_SUPPORT Build some programs without PAM support, particularly .Xr ftpd 8 and .Xr ppp 8 . .It Va WITHOUT_PF Do not build PF firewall package. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_AUTHPF .El .It Va WITHOUT_PIE Do not build dynamically linked binaries as Position-Independent Executable (PIE). .Pp This is a default setting on arm/armv6, arm/armv7, i386/i386 and powerpc/powerpc. .It Va WITH_PIE Build dynamically linked binaries as Position-Independent Executable (PIE). .Pp This is a default setting on amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. .It Va WITHOUT_PKGBOOTSTRAP Do not build .Xr pkg 7 bootstrap tool. .It Va WITHOUT_PMC Do not build .Xr pmccontrol 8 and related programs. .It Va WITHOUT_PPP Do not build .Xr ppp 8 and related programs. .It Va WITH_PROFILE Build profiled libraries for use with .Xr gprof 8 . This option is deprecated and may not be present in a future version of .Fx . .It Va WITHOUT_QUOTAS Do not build .Xr quota 1 and related programs. .It Va WITHOUT_RADIUS_SUPPORT Do not build radius support into various applications, like .Xr pam_radius 8 and .Xr ppp 8 . .It Va WITH_RATELIMIT Build the system with rate limit support. .Pp This makes .Dv SO_MAX_PACING_RATE effective in .Xr getsockopt 2 , and .Ar txrlimit support in .Xr ifconfig 8 , by proxy. .It Va WITHOUT_RBOOTD Do not build or install .Xr rbootd 8 . .It Va WITHOUT_RELRO Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation. See also the .Va BIND_NOW option. .It Va WITH_REPRODUCIBLE_BUILD Exclude build metadata (such as the build time, user, or host) from the kernel, boot loaders, and uname output, so that builds produce bit-for-bit identical output. .It Va WITHOUT_RESCUE Do not build .Xr rescue 8 . .It Va WITH_RETPOLINE Build the base system with the retpoline speculative execution vulnerability mitigation for CVE-2017-5715. .It Va WITHOUT_ROUTED Do not build .Xr routed 8 utility. .It Va WITH_RPCBIND_WARMSTART_SUPPORT Build .Xr rpcbind 8 with warmstart support. .It Va WITHOUT_SCTP_SUPPORT Disable support in the kernel for the .Xr sctp 4 Stream Control Transmission Protocol loadable kernel module. .It Va WITHOUT_SENDMAIL Do not build .Xr sendmail 8 and related programs. .It Va WITHOUT_SERVICESDB Do not install .Pa /var/db/services.db . .It Va WITHOUT_SETUID_LOGIN Set this to disable the installation of .Xr login 1 as a set-user-ID root program. .It Va WITHOUT_SHAREDOCS Do not build the .Bx 4.4 legacy docs. .It Va WITHOUT_SHARED_TOOLCHAIN Build the toolchain binaries as statically linked executables. The set includes .Xr cc 1 , .Xr make 1 and necessary utilities like assembler, linker and library archive manager. .It Va WITH_SORT_THREADS Enable threads in .Xr sort 1 . .It Va WITHOUT_SOURCELESS Do not build kernel modules that include sourceless code (either microcode or native code for host CPU). When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_SOURCELESS_HOST .It .Va WITHOUT_SOURCELESS_UCODE .El .It Va WITHOUT_SOURCELESS_HOST Do not build kernel modules that include sourceless native code for host CPU. .It Va WITHOUT_SOURCELESS_UCODE Do not build kernel modules that include sourceless microcode. .It Va WITHOUT_SPLIT_KERNEL_DEBUG Do not build standalone kernel debug files. Debug data (if enabled by the kernel configuration file) will be included in the kernel and modules. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_KERNEL_SYMBOLS .El .It Va WITHOUT_SSP Do not build world with propolice stack smashing protection. .It Va WITH_STAGING Enable staging of files to a stage tree. This can be best thought of as auto-install to .Va DESTDIR with some extra meta data to ensure dependencies can be tracked. Depends on .Va WITH_DIRDEPS_BUILD . When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITH_STAGING_MAN (unless .Va WITHOUT_STAGING_MAN is set explicitly) .It Va WITH_STAGING_PROG (unless .Va WITHOUT_STAGING_PROG is set explicitly) .El .Pp This must be set in the environment, make command line, or .Pa /etc/src-env.conf , not .Pa /etc/src.conf . .It Va WITH_STAGING_MAN Enable staging of man pages to stage tree. .It Va WITH_STAGING_PROG Enable staging of PROGs to stage tree. .It Va WITH_STALE_STAGED Check staged files are not stale. .It Va WITHOUT_STATS Neither build nor install .Lb libstats and dependent binaries. .It Va WITHOUT_SYSCONS Do not build .Xr syscons 4 support files such as keyboard maps, fonts, and screen output maps. .It Va WITH_SYSROOT Enable use of sysroot during build. Depends on .Va WITH_DIRDEPS_BUILD . .Pp This must be set in the environment, make command line, or .Pa /etc/src-env.conf , not .Pa /etc/src.conf . .It Va WITHOUT_SYSTEM_COMPILER Do not opportunistically skip building a cross-compiler during the bootstrap phase of the build. Normally, if the currently installed compiler matches the planned bootstrap compiler type and revision, then it will not be built. This does not prevent a compiler from being built for installation though, only for building one for the build itself. The .Va WITHOUT_CLANG option controls that. .It Va WITHOUT_SYSTEM_LINKER Do not opportunistically skip building a cross-linker during the bootstrap phase of the build. Normally, if the currently installed linker matches the planned bootstrap linker type and revision, then it will not be built. This does not prevent a linker from being built for installation though, only for building one for the build itself. The .Va WITHOUT_LLD option controls that. .Pp This option is only relevant when .Va WITH_LLD_BOOTSTRAP is set. .It Va WITHOUT_TALK Do not build or install .Xr talk 1 and .Xr talkd 8 . .It Va WITHOUT_TCP_WRAPPERS Do not build or install .Xr tcpd 8 , and related utilities. .It Va WITHOUT_TCSH Do not build and install .Pa /bin/csh (which is .Xr tcsh 1 ) . .It Va WITHOUT_TELNET Do not build .Xr telnet 1 and related programs. .It Va WITHOUT_TESTS Do not build nor install the .Fx Test Suite in .Pa /usr/tests/ . See .Xr tests 7 for more details. This also disables the build of all test-related dependencies, including ATF. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_DTRACE_TESTS .El .Pp When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_GOOGLETEST (unless .Va WITH_GOOGLETEST is set explicitly) .It Va WITHOUT_TESTS_SUPPORT (unless .Va WITH_TESTS_SUPPORT is set explicitly) .El .It Va WITHOUT_TESTS_SUPPORT Disable the build of all test-related dependencies, including ATF. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_GOOGLETEST .El .It Va WITHOUT_TEXTPROC Do not build programs used for text processing. .It Va WITHOUT_TFTP Do not build or install .Xr tftp 1 and .Xr tftpd 8 . .It Va WITHOUT_TOOLCHAIN Do not install programs used for program development, compilers, debuggers etc. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_CLANG .It .Va WITHOUT_CLANG_EXTRAS .It .Va WITHOUT_CLANG_FORMAT .It .Va WITHOUT_CLANG_FULL .It .Va WITHOUT_LLD .It .Va WITHOUT_LLDB .It .Va WITHOUT_LLVM_COV .El .It Va WITH_UBSAN Build the base system with Undefined Behavior Sanitizer (UBSan) to detect various kinds of undefined behavior at runtime. Requires that Clang be used as the base system compiler and that the runtime support library is available .It Va WITHOUT_UNBOUND Do not build .Xr unbound 8 and related programs. .It Va WITHOUT_UNIFIED_OBJDIR Use the historical object directory format for .Xr build 7 targets. For native-builds and builds done directly in sub-directories the format of .Pa ${MAKEOBJDIRPREFIX}/${.CURDIR} is used, while for cross-builds .Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR} is used. .Pp This option is transitional and will be removed in a future version of .Fx , at which time .Va WITH_UNIFIED_OBJDIR will be enabled permanently. .Pp This must be set in the environment, make command line, or .Pa /etc/src-env.conf , not .Pa /etc/src.conf . .It Va WITHOUT_USB Do not build USB-related programs and libraries. .It Va WITHOUT_USB_GADGET_EXAMPLES Do not build USB gadget kernel modules. .It Va WITHOUT_UTMPX Do not build user accounting tools such as .Xr last 1 , .Xr users 1 , .Xr who 1 , .Xr ac 8 , .Xr lastlogin 8 and .Xr utx 8 . .It Va WITH_VERIEXEC Enable building .Xr veriexec 8 which loads the contents of verified manifests into the kernel for use by .Xr mac_veriexec 4 .Pp Depends on .Va WITH_BEARSSL . .It Va WITHOUT_VI Do not build and install vi, view, ex and related programs. .It Va WITHOUT_VT Do not build .Xr vt 4 support files (fonts and keymaps). .It Va WITHOUT_WARNS Set this to not add warning flags to the compiler invocations. Useful as a temporary workaround when code enters the tree which triggers warnings in environments that differ from the original developer. .It Va WITHOUT_WERROR Set this to not treat compiler warnings as errors. Useful as a temporary workaround when working on fixing compiler warnings. When set, warnings are still printed in the build log but do not fail the build. .It Va WITHOUT_WIRELESS Do not build programs used for 802.11 wireless networks; especially .Xr wpa_supplicant 8 and .Xr hostapd 8 . When set, these options are also in effect: .Pp .Bl -inset -compact .It Va WITHOUT_WIRELESS_SUPPORT (unless .Va WITH_WIRELESS_SUPPORT is set explicitly) .El .It Va WITHOUT_WIRELESS_SUPPORT Build libraries, programs, and kernel modules without 802.11 wireless support. .It Va WITHOUT_WPA_SUPPLICANT_EAPOL Build .Xr wpa_supplicant 8 without support for the IEEE 802.1X protocol and without support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS protocols (usable only via 802.1X). .It Va WITHOUT_ZFS Do not build the ZFS file system kernel module, libraries such as .Xr libbe 3 , and user commands such as .Xr zpool 8 or .Xr zfs 8 . Also disable ZFS support in utilities and libraries which implement ZFS-specific functionality. .It Va WITHOUT_ZONEINFO Do not build the timezone database. When set, it enforces these options: .Pp .Bl -item -compact .It .Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT .El .It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT Build leapsecond information in to the timezone database. .El .Sh FILES .Bl -tag -compact -width Pa .It Pa /etc/src.conf .It Pa /etc/src-env.conf .It Pa /usr/share/mk/bsd.own.mk .El .Sh SEE ALSO .Xr make 1 , .Xr make.conf 5 , .Xr build 7 , .Xr ports 7 .Sh HISTORY The .Nm file appeared in .Fx 7.0 . .Sh AUTHORS This manual page was autogenerated by .An tools/build/options/makeman . diff --git a/share/mk/src.opts.mk b/share/mk/src.opts.mk index 8120e23cb28b..3c17f9319619 100644 --- a/share/mk/src.opts.mk +++ b/share/mk/src.opts.mk @@ -1,515 +1,515 @@ # $FreeBSD$ # # Option file for FreeBSD /usr/src builds, at least the userland and boot loader # portions of the tree. These options generally chose what parts of the tree to # include or omit and are FreeBSD source tree specific. # # Users define WITH_FOO and WITHOUT_FOO on the command line or in /etc/src.conf # and /etc/make.conf files. These translate in the build system to MK_FOO={yes,no} # with sensible (usually) defaults. # # Makefiles must include bsd.opts.mk after defining specific MK_FOO options that # are applicable for that Makefile (typically there are none, but sometimes there # are exceptions). Recursive makes usually add MK_FOO=no for options that they wish # to omit from that make. # # Makefiles must include bsd.mkopt.mk before they test the value of any MK_FOO # variable. # # Makefiles may also assume that this file is included by src.opts.mk should it # need variables defined there prior to the end of the Makefile where # bsd.{subdir,lib.bin}.mk is traditionally included. # # The old-style YES_FOO and NO_FOO are being phased out. No new instances of them # should be added. Old instances should be removed since they were just to # bridge the gap between FreeBSD 4 and FreeBSD 5. # # Makefiles should never test WITH_FOO or WITHOUT_FOO directly (although an # exception is made for _WITHOUT_SRCONF which turns off this mechanism # completely inside bsd.*.mk files). # .if !target(____) ____: .include # # Define MK_* variables (which are either "yes" or "no") for users # to set via WITH_*/WITHOUT_* in /etc/src.conf and override in the # make(1) environment. # These should be tested with `== "no"' or `!= "no"' in makefiles. # The NO_* variables should only be set by makefiles for variables # that haven't been converted over. # # These options are used by the src builds. Those listed in # __DEFAULT_YES_OPTIONS default to 'yes' and will build unless turned # off. __DEFAULT_NO_OPTIONS will default to 'no' and won't build # unless turned on. Any options listed in 'BROKEN_OPTIONS' will be # hard-wired to 'no'. "Broken" here means not working or # not-appropriate and/or not supported. It doesn't imply something is # wrong with the code. There's not a single good word for this, so # BROKEN was selected as the least imperfect one considered at the # time. Options are added to BROKEN_OPTIONS list on a per-arch basis. # At this time, there's no provision for mutually incompatible options. # Options listed in 'REQUIRED_OPTIONS' will be hard-wired to 'yes'; this # is intended as a transitional measure while options are in the process # of being removed. __DEFAULT_YES_OPTIONS = \ ACCT \ ACPI \ APM \ AT \ AUDIT \ AUTHPF \ AUTOFS \ BHYVE \ BLACKLIST \ BLUETOOTH \ BOOT \ BOOTPARAMD \ BOOTPD \ BSD_CPIO \ BSDINSTALL \ BSNMP \ BZIP2 \ CALENDAR \ - CAPSICUM \ CAROOT \ - CASPER \ CCD \ CDDL \ CLANG \ CLANG_BOOTSTRAP \ CLEAN \ CPP \ CROSS_COMPILER \ CRYPT \ CUSE \ CXGBETOOL \ DIALOG \ DICT \ DMAGENT \ DTRACE \ DYNAMICROOT \ EE \ EFI \ ELFTOOLCHAIN_BOOTSTRAP \ EXAMPLES \ FILE \ FINGER \ FLOPPY \ FORTH \ FP_LIBC \ FREEBSD_UPDATE \ FTP \ GAMES \ GH_BC \ GNU_DIFF \ GOOGLETEST \ GPIO \ HAST \ HTML \ HYPERV \ ICONV \ INET \ INET6 \ INETD \ IPFILTER \ IPFW \ ISCSI \ JAIL \ KDUMP \ KVM \ LDNS \ LDNS_UTILS \ LEGACY_CONSOLE \ LLD \ LLD_BOOTSTRAP \ LLD_IS_LD \ LLVM_ASSERTIONS \ LLVM_COV \ LLVM_CXXFILT \ LOADER_GELI \ LOADER_KBOOT \ LOADER_LUA \ LOADER_OFW \ LOADER_UBOOT \ LOCALES \ LOCATE \ LPR \ LS_COLORS \ MACHDEP_OPTIMIZATIONS \ MAIL \ MAILWRAPPER \ MAKE \ MLX5TOOL \ NETCAT \ NETGRAPH \ NETLINK \ NETLINK_SUPPORT \ NLS_CATALOGS \ NS_CACHING \ NTP \ NVME \ OFED \ OPENSSL \ PAM \ PF \ PKGBOOTSTRAP \ PMC \ PPP \ QUOTAS \ RADIUS_SUPPORT \ RBOOTD \ RESCUE \ ROUTED \ SENDMAIL \ SERVICESDB \ SETUID_LOGIN \ SHARED_TOOLCHAIN \ SHAREDOCS \ SOURCELESS \ SOURCELESS_HOST \ SOURCELESS_UCODE \ STATS \ SYSCONS \ SYSTEM_COMPILER \ SYSTEM_LINKER \ TALK \ TCP_WRAPPERS \ TCSH \ TELNET \ TEXTPROC \ TFTP \ UNBOUND \ USB \ UTMPX \ VI \ VT \ WIRELESS \ WPA_SUPPLICANT_EAPOL \ ZFS \ LOADER_ZFS \ ZONEINFO __DEFAULT_NO_OPTIONS = \ BEARSSL \ BHYVE_SNAPSHOT \ CLANG_EXTRAS \ CLANG_FORMAT \ DETECT_TZ_CHANGES \ DISK_IMAGE_TOOLS_BOOTSTRAP \ DTRACE_TESTS \ EXPERIMENTAL \ HESIOD \ LOADER_VERBOSE \ LOADER_VERIEXEC_PASS_MANIFEST \ LLVM_BINUTILS \ MALLOC_PRODUCTION \ OFED_EXTRA \ OPENLDAP \ REPRODUCIBLE_BUILD \ RPCBIND_WARMSTART_SUPPORT \ SORT_THREADS \ ZONEINFO_LEAPSECONDS_SUPPORT \ __REQUIRED_OPTIONS = \ + CAPSICUM \ + CASPER # LEFT/RIGHT. Left options which default to "yes" unless their corresponding # RIGHT option is disabled. __DEFAULT_DEPENDENT_OPTIONS= \ CLANG_FULL/CLANG \ LLVM_TARGET_ALL/CLANG \ LOADER_VERIEXEC/BEARSSL \ LOADER_EFI_SECUREBOOT/LOADER_VERIEXEC \ LOADER_VERIEXEC_VECTX/LOADER_VERIEXEC \ VERIEXEC/BEARSSL \ # MK_*_SUPPORT options which default to "yes" unless their corresponding # MK_* variable is set to "no". # .for var in \ BLACKLIST \ BZIP2 \ INET \ INET6 \ KERBEROS \ KVM \ NETGRAPH \ PAM \ TESTS \ WIRELESS __DEFAULT_DEPENDENT_OPTIONS+= ${var}_SUPPORT/${var} .endfor # # Default behaviour of some options depends on the architecture. Unfortunately # this means that we have to test TARGET_ARCH (the buildworld case) as well # as MACHINE_ARCH (the non-buildworld case). Normally TARGET_ARCH is not # used at all in bsd.*.mk, but we have to make an exception here if we want # to allow defaults for some things like clang to vary by target architecture. # Additional, per-target behavior should be rarely added only after much # gnashing of teeth and grinding of gears. # .if defined(TARGET_ARCH) __T=${TARGET_ARCH} .else __T=${MACHINE_ARCH} .endif # All supported backends for LLVM_TARGET_XXX __LLVM_TARGETS= \ aarch64 \ arm \ powerpc \ riscv \ x86 __LLVM_TARGET_FILT= C/(amd64|i386)/x86/:C/powerpc.*/powerpc/:C/armv[67]/arm/:C/riscv.*/riscv/ .for __llt in ${__LLVM_TARGETS} # Default enable the given TARGET's LLVM_TARGET support .if ${__T:${__LLVM_TARGET_FILT}} == ${__llt} __DEFAULT_YES_OPTIONS+= LLVM_TARGET_${__llt:${__LLVM_TARGET_FILT}:tu} # aarch64 needs arm for -m32 support. .elif ${__T} == "aarch64" && ${__llt:Marm*} != "" __DEFAULT_DEPENDENT_OPTIONS+= LLVM_TARGET_ARM/LLVM_TARGET_AARCH64 # Default the rest of the LLVM_TARGETs to the value of MK_LLVM_TARGET_ALL. .else __DEFAULT_DEPENDENT_OPTIONS+= LLVM_TARGET_${__llt:${__LLVM_TARGET_FILT}:tu}/LLVM_TARGET_ALL .endif .endfor __DEFAULT_NO_OPTIONS+=LLVM_TARGET_BPF LLVM_TARGET_MIPS .include .if ${__T} == "i386" || ${__T} == "amd64" __DEFAULT_NO_OPTIONS += FDT .else __DEFAULT_YES_OPTIONS += FDT .endif .if ${__T:Marm*} == "" && ${__T:Mriscv64*} == "" __DEFAULT_YES_OPTIONS+=LLDB .else __DEFAULT_NO_OPTIONS+=LLDB .endif # LIB32 is supported on amd64 and powerpc64 .if (${__T} == "amd64" || ${__T} == "powerpc64") __DEFAULT_YES_OPTIONS+=LIB32 .else BROKEN_OPTIONS+=LIB32 .endif # EFI doesn't exist on powerpc (well, officially) and doesn't work on i386 .if ${__T:Mpowerpc*} || ${__T} == "i386" BROKEN_OPTIONS+=EFI .endif # OFW is only for powerpc, exclude others .if ${__T:Mpowerpc*} == "" BROKEN_OPTIONS+=LOADER_OFW .endif # KBOOT is only for powerpc64 (powerpc64le broken) amd64 and aarch64 .if ${__T} != "powerpc64" && ${__T} != "amd64" && ${__T} != "aarch64" BROKEN_OPTIONS+=LOADER_KBOOT .endif # UBOOT is only for arm, and big-endian powerpc .if (${__T:Marm*} == "" && ${__T:Mpowerpc*} == "") || ${__T} == "powerpc64le" BROKEN_OPTIONS+=LOADER_UBOOT .endif # GELI and Lua in loader currently cause boot failures on powerpc. # Further debugging is required -- probably they are just broken on big # endian systems generically (they jump to null pointers or try to read # crazy high addresses, which is typical of endianness problems). .if ${__T:Mpowerpc*} BROKEN_OPTIONS+=LOADER_GELI LOADER_LUA .endif # Kernel TLS is enabled by default on amd64, aarch64 and powerpc64* .if ${__T} == "aarch64" || ${__T} == "amd64" || ${__T:Mpowerpc64*} != "" __DEFAULT_YES_OPTIONS+=OPENSSL_KTLS .else __DEFAULT_NO_OPTIONS+=OPENSSL_KTLS .endif .if ${__T} != "aarch64" && ${__T} != "amd64" && ${__T} != "i386" && \ ${__T:Mpowerpc64*} == "" BROKEN_OPTIONS+=CXGBETOOL BROKEN_OPTIONS+=MLX5TOOL .endif .if ${__T} != "amd64" && ${__T} != "i386" && ${__T} != "aarch64" BROKEN_OPTIONS+=HYPERV .endif # NVME is only aarch64, x86 and powerpc64* .if ${__T} != "aarch64" && ${__T} != "amd64" && ${__T} != "i386" && \ ${__T:Mpowerpc64*} == "" BROKEN_OPTIONS+=NVME .endif .if ${__T} == "aarch64" || ${__T} == "amd64" || ${__T} == "i386" || \ ${__T:Mpowerpc64*} != "" || ${__T:Mriscv64*} != "" __DEFAULT_YES_OPTIONS+=OPENMP .else __DEFAULT_NO_OPTIONS+=OPENMP .endif # Broken on 32-bit arm, kernel module compile errors .if ${__T:Marm*} != "" BROKEN_OPTIONS+= OFED .endif # MK_host_egacy is set by local.sys.mk so is valid here .if ${MACHINE} == "host" && ${MK_host_egacy} == "yes" # we cannot expect tests to work BROKEN_OPTIONS+= TESTS .endif .-include .include # # Force some options off if their dependencies are off. # Order is somewhat important. # .if ${MK_CAPSICUM} == "no" MK_CASPER:= no .endif .if ${MK_SOURCELESS} == "no" MK_SOURCELESS_HOST:= no MK_SOURCELESS_UCODE:= no .endif .if ${MK_CDDL} == "no" MK_CTF:= no MK_DTRACE:= no MK_LOADER_ZFS:= no MK_ZFS:= no .endif .if ${MK_CRYPT} == "no" MK_OPENSSL:= no MK_OPENSSH:= no MK_KERBEROS:= no MK_KERBEROS_SUPPORT:= no .endif .if ${MK_DIALOG} == "no" MK_BSDINSTALL:= no .endif .if ${MK_DTRACE} == "no" MK_CTF:= no .endif .if ${MK_MAIL} == "no" MK_MAILWRAPPER:= no MK_SENDMAIL:= no MK_DMAGENT:= no .endif .if ${MK_NETGRAPH} == "no" MK_BLUETOOTH:= no .endif .if ${MK_NLS} == "no" MK_NLS_CATALOGS:= no .endif .if ${MK_OPENSSL} == "no" MK_DMAGENT:= no MK_OPENSSH:= no MK_OPENSSL_KTLS:= no MK_KERBEROS:= no MK_KERBEROS_SUPPORT:= no MK_LDNS:= no MK_PKGBOOTSTRAP:= no MK_LOADER_ZFS:= no MK_ZFS:= no .endif .if ${MK_LDNS} == "no" MK_LDNS_UTILS:= no MK_UNBOUND:= no .endif .if ${MK_PF} == "no" MK_AUTHPF:= no .endif .if ${MK_OFED} == "no" MK_OFED_EXTRA:= no .endif .if ${MK_TESTS} == "no" MK_DTRACE_TESTS:= no .endif .if ${MK_TESTS_SUPPORT} == "no" MK_GOOGLETEST:= no .endif .if ${MK_ZONEINFO} == "no" MK_ZONEINFO_LEAPSECONDS_SUPPORT:= no .endif .if ${MK_CROSS_COMPILER} == "no" MK_CLANG_BOOTSTRAP:= no MK_ELFTOOLCHAIN_BOOTSTRAP:= no MK_LLD_BOOTSTRAP:= no .endif .if ${MK_TOOLCHAIN} == "no" MK_CLANG:= no MK_LLD:= no MK_LLDB:= no MK_LLVM_BINUTILS:= no .endif .if ${MK_CLANG} == "no" MK_CLANG_EXTRAS:= no MK_CLANG_FORMAT:= no MK_CLANG_FULL:= no MK_LLVM_COV:= no .endif .if ${MK_ASAN} == "yes" # In order to get sensible backtraces from ASAN we have to install # llvm-symbolizer as /usr/bin/addr2line instead of the elftoolchain version. MK_LLVM_BINUTILS:= yes .endif .if ${MK_LLVM_BINUTILS} == "yes" # MK_LLVM_CXXFILT is a subset of MK_LLVM_BINUTILS and should therefore be # enabled if MK_LLVM_BINUTILS is set. MK_LLVM_CXXFILT:= yes .endif .if ${MK_LOADER_VERIEXEC} == "no" MK_LOADER_VERIEXEC_PASS_MANIFEST := no .endif # # MK_* options whose default value depends on another option. # .for vv in \ GSSAPI/KERBEROS \ MAN_UTILS/MAN .if defined(WITH_${vv:H}) MK_${vv:H}:= yes .elif defined(WITHOUT_${vv:H}) MK_${vv:H}:= no .else MK_${vv:H}:= ${MK_${vv:T}} .endif .endfor # # Set defaults for the MK_*_SUPPORT variables. # .endif # !target(____) diff --git a/tools/build/options/WITHOUT_CAPSICUM b/tools/build/options/WITHOUT_CAPSICUM deleted file mode 100644 index 9d0eb89e491d..000000000000 --- a/tools/build/options/WITHOUT_CAPSICUM +++ /dev/null @@ -1,2 +0,0 @@ -.\" $FreeBSD$ -Do not build Capsicum support into system programs. diff --git a/tools/build/options/WITHOUT_CASPER b/tools/build/options/WITHOUT_CASPER deleted file mode 100644 index 32bfa960d7d5..000000000000 --- a/tools/build/options/WITHOUT_CASPER +++ /dev/null @@ -1,2 +0,0 @@ -.\" $FreeBSD$ -Do not build Casper program and related libraries.