1.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. 2.Dd September 10, 2025 3.Dt SRC.CONF 5 4.Os 5.Sh NAME 6.Nm src.conf 7.Nd "source build options" 8.Sh DESCRIPTION 9The 10.Nm 11file contains variables that control what components will be generated during 12the build process of the 13.Fx 14source tree; see 15.Xr build 7 . 16.Pp 17The 18.Nm 19file uses the standard makefile syntax. 20However, 21.Nm 22should not specify any dependencies to 23.Xr make 1 . 24Instead, 25.Nm 26is to set 27.Xr make 1 28variables that control the aspects of how the system builds. 29.Pp 30The default location of 31.Nm 32is the top level of the source tree, or 33.Pa /etc/src.conf 34if no 35.Nm 36is found in the source tree itself, 37though an alternative location can be specified in the 38.Xr make 1 39variable 40.Va SRCCONF . 41Overriding the location of 42.Nm 43may be necessary if the system-wide settings are not suitable 44for a particular build. 45For instance, setting 46.Va SRCCONF 47to 48.Pa /dev/null 49effectively resets all build controls to their defaults. 50.Pp 51The only purpose of 52.Nm 53is to control the compilation of the 54.Fx 55source code, which is usually located in 56.Pa /usr/src . 57As a rule, the system administrator creates 58.Nm 59when the values of certain control variables need to be changed 60from their defaults. 61.Pp 62In addition, control variables can be specified 63for a particular build via the 64.Fl D 65option of 66.Xr make 1 67or in its environment; see 68.Xr environ 7 . 69.Pp 70The environment of 71.Xr make 1 72for the build can be controlled via the 73.Va SRC_ENV_CONF 74variable, which defaults to 75.Pa /etc/src-env.conf . 76Some examples that may only be set in this file are 77.Va WITH_DIRDEPS_BUILD , 78and 79.Va WITH_META_MODE , 80and 81.Va MAKEOBJDIRPREFIX 82as they are environment-only variables. 83.Pp 84The values of 85.Va WITH_ 86and 87.Va WITHOUT_ 88variables are ignored regardless of their setting; 89even if they would be set to 90.Dq Li FALSE 91or 92.Dq Li NO . 93The presence of an option causes 94it to be honored by 95.Xr make 1 . 96.Pp 97This list provides a name and short description for variables 98that can be used for source builds. 99.Bl -tag -width indent 100.It Va WITHOUT_ACCT 101Do not build process accounting tools such as 102.Xr accton 8 103and 104.Xr sa 8 . 105.It Va WITHOUT_ACPI 106Do not build 107.Xr acpiconf 8 , 108.Xr acpidump 8 109and related programs. 110.It Va WITHOUT_APM 111Do not build 112.Xr apm 8 , 113.Xr apmd 8 114and related programs. 115.It Va WITH_ASAN 116Build the base system with Address Sanitizer (ASan) to detect 117memory corruption bugs such as buffer overflows or use-after-free. 118Requires that Clang be used as the base system compiler 119and that the runtime support library is available. 120When set, it enforces these options: 121.Pp 122.Bl -item -compact 123.It 124.Va WITH_LLVM_BINUTILS 125.It 126.Va WITH_LLVM_CXXFILT 127.El 128.It Va WITHOUT_ASSERT_DEBUG 129Compile programs and libraries without the 130.Xr assert 3 131checks. 132.It Va WITHOUT_AT 133Do not build 134.Xr at 1 135and related utilities. 136.It Va WITHOUT_AUDIT 137Do not build audit support into system programs. 138.It Va WITHOUT_AUTHPF 139Do not build 140.Xr authpf 8 . 141.It Va WITHOUT_AUTOFS 142Do not build 143.Xr autofs 4 144related programs, libraries, and kernel modules. 145.It Va WITHOUT_AUTO_OBJ 146Disable automatic creation of objdirs. 147This is enabled by default if the wanted OBJDIR is writable by the current user. 148.Pp 149This must be set in the environment, make command line, or 150.Pa /etc/src-env.conf , 151not 152.Pa /etc/src.conf . 153.It Va WITH_BEARSSL 154Build the BearSSL library. 155.Pp 156BearSSL is a tiny SSL library suitable for embedded environments. 157For details see 158.Lk https://www.BearSSL.org/ 159.Pp 160This library is currently only used to perform 161signature verification and related operations 162for Verified Exec and 163.Xr loader 8 . 164.Pp 165Due to size constraints in the BIOS environment on x86, one may need to set 166.Va LOADERSIZE 167larger than the 168default 500000, although often loader is under the 500k limit even with 169this option. 170Setting 171.Va LOADERSIZE 172larger than 500000 may cause 173.Xr pxeboot 8 174to be too large to work. 175Careful testing of the loader in the target environment when built with a larger 176limit to establish safe limits is critical because different BIOS environments 177reserve differing amounts of the low 640k space, making a precise limit for 178everybody impossible. 179.Pp 180See also 181.Va WITH_LOADER_PXEBOOT 182for other considerations. 183When set, these options are also in effect: 184.Pp 185.Bl -inset -compact 186.It Va WITH_LOADER_EFI_SECUREBOOT 187(unless 188.Va WITHOUT_LOADER_EFI_SECUREBOOT 189is set explicitly) 190.It Va WITH_LOADER_VERIEXEC 191(unless 192.Va WITHOUT_LOADER_VERIEXEC 193is set explicitly) 194.It Va WITH_LOADER_VERIEXEC_VECTX 195(unless 196.Va WITHOUT_LOADER_VERIEXEC_VECTX 197is set explicitly) 198.It Va WITH_VERIEXEC 199(unless 200.Va WITHOUT_VERIEXEC 201is set explicitly) 202.El 203.It Va WITHOUT_BHYVE 204Do not build or install 205.Xr bhyve 8 , 206associated utilities, and examples. 207.Pp 208This option only affects amd64/amd64 and arm64/aarch64. 209.It Va WITH_BHYVE_SNAPSHOT 210Include support for save and restore (snapshots) in 211.Xr bhyve 8 212and 213.Xr bhyvectl 8 . 214.Pp 215This option only affects amd64/amd64. 216.It Va WITH_BIND_NOW 217Build all binaries with the 218.Dv DF_BIND_NOW 219flag set to indicate that the run-time loader should perform all relocation 220processing at process startup rather than on demand. 221The combination of the 222.Va BIND_NOW 223and 224.Va RELRO 225options provide "full" Relocation Read-Only (RELRO) support. 226With full RELRO the entire GOT is made read-only after performing relocation at 227startup, avoiding GOT overwrite attacks. 228.It Va WITHOUT_BLACKLIST 229Set this if you do not want to build 230.Xr blacklistd 8 231and 232.Xr blacklistctl 8 . 233When set, these options are also in effect: 234.Pp 235.Bl -inset -compact 236.It Va WITHOUT_BLACKLIST_SUPPORT 237(unless 238.Va WITH_BLACKLIST_SUPPORT 239is set explicitly) 240.El 241.It Va WITHOUT_BLACKLIST_SUPPORT 242Build some programs without 243.Xr libblacklist 3 244support, like 245.Xr fingerd 8 , 246.Xr ftpd 8 , 247and 248.Xr sshd 8 . 249.It Va WITHOUT_BLUETOOTH 250Do not build Bluetooth related kernel modules, programs and libraries. 251.It Va WITHOUT_BOOT 252Do not build the boot blocks and loader. 253.It Va WITHOUT_BOOTPARAMD 254Do not build or install 255.Xr bootparamd 8 . 256.It Va WITHOUT_BOOTPD 257Do not build or install 258.Xr bootpd 8 . 259.It Va WITH_BRANCH_PROTECTION 260Build with branch protection enabled. 261On arm64 enable the use of pointer authentication and 262branch target identification instructions on arm64. 263These can be used to help mitigate some exploit techniques. 264.It Va WITHOUT_BSDINSTALL 265Do not build 266.Xr bsdinstall 8 , 267.Xr sade 8 , 268and related programs. 269.It Va WITHOUT_BSD_CPIO 270Do not build the BSD licensed version of cpio based on 271.Xr libarchive 3 . 272.It Va WITHOUT_BSNMP 273Do not build or install 274.Xr bsnmpd 1 275and related libraries and data files. 276.It Va WITHOUT_BZIP2 277Do not build contributed bzip2 software as a part of the base system. 278.Bf -symbolic 279The option has no effect yet. 280.Ef 281When set, these options are also in effect: 282.Pp 283.Bl -inset -compact 284.It Va WITHOUT_BZIP2_SUPPORT 285(unless 286.Va WITH_BZIP2_SUPPORT 287is set explicitly) 288.El 289.It Va WITHOUT_BZIP2_SUPPORT 290Build some programs without optional bzip2 support. 291.It Va WITHOUT_CALENDAR 292Do not build 293.Xr calendar 1 . 294.It Va WITHOUT_CAROOT 295Do not add the trusted certificates from the Mozilla NSS bundle to 296base. 297.It Va WITHOUT_CASPER 298This option has no effect. 299.It Va WITH_CCACHE_BUILD 300Use 301.Xr ccache 1 302for the build. 303No configuration is required except to install the 304.Sy devel/ccache 305or 306.Sy devel/sccache 307package. 308When using with 309.Xr distcc 1 , 310set 311.Sy CCACHE_PREFIX=/usr/local/bin/distcc . 312When using with sccache 313set 314.Sy CCACHE_NAME=sccache 315in 316.Xr src.conf 5 . 317The default cache directory of 318.Pa $HOME/.ccache 319will be used, which can be overridden by setting 320.Sy CCACHE_DIR . 321The 322.Sy CCACHE_COMPILERCHECK 323option defaults to 324.Sy content 325when using the in-tree bootstrap compiler, 326and 327.Sy mtime 328when using an external compiler. 329The 330.Sy CCACHE_CPP2 331option is used for Clang but not GCC. 332.Pp 333Sharing a cache between multiple work directories requires using a layout 334similar to 335.Pa /some/prefix/src 336.Pa /some/prefix/obj 337and an environment such as: 338.Bd -literal -offset indent 339CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj' 340.Ed 341.Pp 342See 343.Xr ccache 1 344for more configuration options. 345.It Va WITHOUT_CCD 346Do not build 347.Xr geom_ccd 4 348and related utilities. 349.It Va WITHOUT_CDDL 350Do not build code licensed under Sun's CDDL. 351When set, it enforces these options: 352.Pp 353.Bl -item -compact 354.It 355.Va WITHOUT_CTF 356.It 357.Va WITHOUT_DTRACE 358.It 359.Va WITHOUT_LOADER_ZFS 360.It 361.Va WITHOUT_ZFS 362.It 363.Va WITHOUT_ZFS_TESTS 364.El 365.It Va WITHOUT_CLANG 366Do not build the Clang C/C++ compiler during the regular phase of the build. 367When set, it enforces these options: 368.Pp 369.Bl -item -compact 370.It 371.Va WITHOUT_CLANG_EXTRAS 372.It 373.Va WITHOUT_CLANG_FORMAT 374.It 375.Va WITHOUT_CLANG_FULL 376.It 377.Va WITHOUT_LLVM_COV 378.El 379.Pp 380When set, these options are also in effect: 381.Pp 382.Bl -inset -compact 383.It Va WITHOUT_LLVM_TARGET_AARCH64 384(unless 385.Va WITH_LLVM_TARGET_AARCH64 386is set explicitly) 387.It Va WITHOUT_LLVM_TARGET_ALL 388(unless 389.Va WITH_LLVM_TARGET_ALL 390is set explicitly) 391.It Va WITHOUT_LLVM_TARGET_ARM 392(unless 393.Va WITH_LLVM_TARGET_ARM 394is set explicitly) 395.It Va WITHOUT_LLVM_TARGET_POWERPC 396(unless 397.Va WITH_LLVM_TARGET_POWERPC 398is set explicitly) 399.It Va WITHOUT_LLVM_TARGET_RISCV 400(unless 401.Va WITH_LLVM_TARGET_RISCV 402is set explicitly) 403.El 404.It Va WITHOUT_CLANG_BOOTSTRAP 405Do not build the Clang C/C++ compiler during the bootstrap phase of 406the build. 407To be able to build the system, either gcc or clang bootstrap must be 408enabled unless an alternate compiler is provided via XCC. 409.It Va WITH_CLANG_EXTRAS 410Build additional clang and llvm tools, such as bugpoint and 411clang-format. 412.It Va WITH_CLANG_FORMAT 413Build clang-format. 414.It Va WITHOUT_CLANG_FULL 415Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of 416the Clang C/C++ compiler. 417.It Va WITH_CLEAN 418Clean before building world and/or kernel. 419Note that recording a new epoch in 420.Pa .clean_build_epoch 421in the root of the source tree will also force a clean world build. 422.It Va WITHOUT_CPP 423Do not build 424.Xr cpp 1 . 425.It Va WITHOUT_CROSS_COMPILER 426Do not build any cross compiler in the cross-tools stage of buildworld. 427When compiling a different version of 428.Fx 429than what is installed on the system, provide an alternate 430compiler with XCC to ensure success. 431When compiling with an identical version of 432.Fx 433to the host, this option may be safely used. 434This option may also be safe when the host version of 435.Fx 436is close to the sources being built, but all bets are off if there have 437been any changes to the toolchain between the versions. 438When set, it enforces these options: 439.Pp 440.Bl -item -compact 441.It 442.Va WITHOUT_CLANG_BOOTSTRAP 443.It 444.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 445.It 446.Va WITHOUT_LLD_BOOTSTRAP 447.El 448.It Va WITHOUT_CRYPT 449Do not build any crypto code. 450When set, it enforces these options: 451.Pp 452.Bl -item -compact 453.It 454.Va WITHOUT_DMAGENT 455.It 456.Va WITHOUT_KERBEROS 457.It 458.Va WITHOUT_LDNS 459.It 460.Va WITHOUT_LDNS_UTILS 461.It 462.Va WITHOUT_LOADER_ZFS 463.It 464.Va WITHOUT_MITKRB5 465.It 466.Va WITHOUT_OPENSSH 467.It 468.Va WITHOUT_OPENSSL 469.It 470.Va WITHOUT_OPENSSL_KTLS 471.It 472.Va WITHOUT_PKGBOOTSTRAP 473.It 474.Va WITHOUT_UNBOUND 475.It 476.Va WITHOUT_ZFS 477.It 478.Va WITHOUT_ZFS_TESTS 479.El 480.Pp 481When set, these options are also in effect: 482.Pp 483.Bl -inset -compact 484.It Va WITHOUT_KERBEROS_SUPPORT 485(unless 486.Va WITH_KERBEROS_SUPPORT 487is set explicitly) 488.El 489.It Va WITH_CTF 490Compile with CTF (Compact C Type Format) data. 491CTF data encapsulates a reduced form of debugging information 492similar to DWARF and the venerable stabs and is required for DTrace. 493.It Va WITHOUT_CUSE 494Do not build CUSE-related programs and libraries. 495.It Va WITHOUT_CXGBETOOL 496Do not build 497.Xr cxgbetool 8 498.Pp 499This is a default setting on 500arm/armv7 and riscv/riscv64. 501.It Va WITH_CXGBETOOL 502Build 503.Xr cxgbetool 8 504.Pp 505This is a default setting on 506amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 507.It Va WITHOUT_DEBUG_FILES 508Avoid building or installing standalone debug files for each 509executable binary and shared library. 510.It Va WITH_DETECT_TZ_CHANGES 511Make the time handling code detect changes to the timezone files. 512.It Va WITH_DIALOG 513Do build 514.Xr dialog 1 , 515.Xr dialog 3 , 516.Xr dpv 1 , 517and 518.Xr dpv 3 . 519.It Va WITHOUT_DICT 520Do not build the Webster dictionary files. 521.It Va WITH_DIRDEPS_BUILD 522This is an alternate build system. 523For details see 524https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm. 525Build commands can be seen from the top-level with: 526.Dl make show-valid-targets 527The build is driven by dirdeps.mk using 528.Va DIRDEPS 529stored in 530Makefile.depend files found in each directory. 531.Pp 532The build can be started from anywhere, and behaves the same. 533The initial instance of 534.Xr make 1 535recursively reads 536.Va DIRDEPS 537from 538.Pa Makefile.depend , 539computing a graph of tree dependencies from the current origin. 540Setting 541.Va NO_DIRDEPS 542skips checking dirdep dependencies and will only build in the current 543and child directories. 544.Va NO_DIRDEPS_BELOW 545skips building any dirdeps and only build the current directory. 546.Pp 547This also utilizes the 548.Va WITH_META_MODE 549logic for incremental builds. 550.Pp 551The build hides commands executed unless 552.Va NO_SILENT 553is defined. 554.Pp 555Note that there is currently no mass install feature for this. 556This build is designed for producing packages, that can then be installed 557on a target system. 558.Pp 559The implementation in 560.Fx 561is incomplete. 562Completion would require leaf directories for building each kernel 563and package so that their dependencies can be tracked. 564When set, it enforces these options: 565.Pp 566.Bl -item -compact 567.It 568.Va WITH_INSTALL_AS_USER 569.El 570.Pp 571When set, these options are also in effect: 572.Pp 573.Bl -inset -compact 574.It Va WITH_META_ERROR_TARGET 575(unless 576.Va WITHOUT_META_ERROR_TARGET 577is set explicitly) 578.It Va WITH_META_MODE 579(unless 580.Va WITHOUT_META_MODE 581is set explicitly) 582.It Va WITH_STAGING 583(unless 584.Va WITHOUT_STAGING 585is set explicitly) 586.It Va WITH_STAGING_MAN 587(unless 588.Va WITHOUT_STAGING_MAN 589is set explicitly) 590.It Va WITH_STAGING_PROG 591(unless 592.Va WITHOUT_STAGING_PROG 593is set explicitly) 594.It Va WITH_SYSROOT 595(unless 596.Va WITHOUT_SYSROOT 597is set explicitly) 598.El 599.Pp 600This must be set in the environment, make command line, or 601.Pa /etc/src-env.conf , 602not 603.Pa /etc/src.conf . 604.It Va WITH_DIRDEPS_CACHE 605Cache result of dirdeps.mk which can save significant time 606for subsequent builds. 607Depends on 608.Va WITH_DIRDEPS_BUILD . 609.Pp 610This must be set in the environment, make command line, or 611.Pa /etc/src-env.conf , 612not 613.Pa /etc/src.conf . 614.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP 615Build 616.Xr etdump 1 , 617.Xr makefs 8 618and 619.Xr mkimg 1 620as bootstrap tools. 621.It Va WITHOUT_DMAGENT 622Do not build dma Mail Transport Agent. 623.It Va WITHOUT_DOCCOMPRESS 624Do not install compressed system documentation. 625Only the uncompressed version will be installed. 626.It Va WITHOUT_DTRACE 627Do not build DTrace framework kernel modules, libraries, and user commands. 628When set, it enforces these options: 629.Pp 630.Bl -item -compact 631.It 632.Va WITHOUT_CTF 633.El 634.It Va WITH_DTRACE_ASAN 635Compile userspace DTrace code (libdtrace, dtrace(1), lockstat(1), plockstat(1)) 636with address and undefined behavior sanitizers. 637Requires that Clang be used as the base system compiler 638and that the runtime support library is available. 639.It Va WITH_DTRACE_TESTS 640Build and install the DTrace test suite in 641.Pa /usr/tests/cddl/usr.sbin/dtrace . 642This test suite is considered experimental on architectures other than 643amd64/amd64 and running it may cause system instability. 644.It Va WITHOUT_DYNAMICROOT 645Set this if you do not want to link 646.Pa /bin 647and 648.Pa /sbin 649dynamically. 650.It Va WITHOUT_EE 651Do not build and install 652.Xr edit 1 , 653.Xr ee 1 , 654and related programs. 655.It Va WITHOUT_EFI 656Set not to build 657.Xr efivar 3 658and 659.Xr efivar 8 . 660.Pp 661This is a default setting on 662i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 663.It Va WITH_EFI 664Build 665.Xr efivar 3 666and 667.Xr efivar 8 . 668.Pp 669This is a default setting on 670amd64/amd64, arm/armv7, arm64/aarch64 and riscv/riscv64. 671.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 672Do not build ELF Tool Chain tools 673(addr2line, nm, size, strings and strip) 674as part of the bootstrap process. 675.Bf -symbolic 676An alternate bootstrap tool chain must be provided. 677.Ef 678.It Va WITHOUT_EXAMPLES 679Avoid installing examples to 680.Pa /usr/share/examples/ . 681.It Va WITH_EXPERIMENTAL 682Include experimental features in the build. 683.It Va WITHOUT_FDT 684Do not build Flattened Device Tree support as part of the base system. 685This includes the device tree compiler (dtc) and libfdt support library. 686.Pp 687This is a default setting on 688amd64/amd64 and i386/i386. 689.It Va WITH_FDT 690Build Flattened Device Tree support as part of the base system. 691This includes the device tree compiler (dtc) and libfdt support library. 692.Pp 693This is a default setting on 694arm/armv7, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 695.It Va WITHOUT_FILE 696Do not build 697.Xr file 1 698and related programs. 699.It Va WITHOUT_FINGER 700Do not build or install 701.Xr finger 1 702and 703.Xr fingerd 8 . 704.It Va WITHOUT_FLOPPY 705Do not build or install programs 706for operating floppy disk driver. 707.It Va WITHOUT_FORMAT_EXTENSIONS 708Do not enable 709.Fl fformat-extensions 710when compiling the kernel. 711Also disables all format checking. 712.It Va WITHOUT_FORTH 713Build bootloaders without Forth support. 714.It Va WITHOUT_FP_LIBC 715Build 716.Nm libc 717without floating-point support. 718.It Va WITHOUT_FREEBSD_UPDATE 719Do not build 720.Xr freebsd-update 8 . 721.It Va WITHOUT_FTP 722Do not build or install 723.Xr ftp 1 724and 725.Xr ftpd 8 . 726.It Va WITHOUT_GAMES 727Do not build games. 728.It Va WITHOUT_GNU_DIFF 729Do not build GNU 730.Xr diff3 1 ; 731build BSD 732.Xr diff3 1 733instead. 734.It Va WITHOUT_GOOGLETEST 735Neither build nor install 736.Lb libgmock , 737.Lb libgtest , 738and dependent tests. 739.It Va WITHOUT_GPIO 740Do not build 741.Xr gpioctl 8 742as part of the base system. 743.It Va WITHOUT_HAST 744Do not build 745.Xr hastd 8 746and related utilities. 747.It Va WITH_HESIOD 748Build Hesiod support. 749.It Va WITHOUT_HTML 750Do not build HTML docs. 751.It Va WITHOUT_HYPERV 752Do not build or install HyperV utilities. 753.Pp 754This is a default setting on 755arm/armv7, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 756.It Va WITH_HYPERV 757Build or install HyperV utilities. 758.Pp 759This is a default setting on 760amd64/amd64, arm64/aarch64 and i386/i386. 761.It Va WITHOUT_ICONV 762Do not build iconv as part of libc. 763.It Va WITHOUT_INCLUDES 764Do not install header files. 765This option used to be spelled 766.Va NO_INCS . 767.Bf -symbolic 768The option does not work for build targets. 769.Ef 770.It Va WITHOUT_INET 771Do not build programs and libraries related to IPv4 networking. 772When set, it enforces these options: 773.Pp 774.Bl -item -compact 775.It 776.Va WITHOUT_INET_SUPPORT 777.El 778.It Va WITHOUT_INET6 779Do not build 780programs and libraries related to IPv6 networking. 781When set, it enforces these options: 782.Pp 783.Bl -item -compact 784.It 785.Va WITHOUT_INET6_SUPPORT 786.El 787.It Va WITHOUT_INET6_SUPPORT 788Build libraries, programs, and kernel modules without IPv6 support. 789.It Va WITHOUT_INETD 790Do not build 791.Xr inetd 8 . 792.It Va WITHOUT_INET_SUPPORT 793Build libraries, programs, and kernel modules without IPv4 support. 794.It Va WITHOUT_INSTALLLIB 795Set this to not install optional libraries. 796For example, when creating a 797.Xr nanobsd 8 798image. 799.Bf -symbolic 800The option does not work for build targets. 801.Ef 802.It Va WITH_INSTALL_AS_USER 803Make install targets succeed for non-root users by installing 804files with owner and group attributes set to that of the user running 805the 806.Xr make 1 807command. 808The user still must set the 809.Va DESTDIR 810variable to point to a directory where the user has write permissions. 811.It Va WITHOUT_IPFILTER 812Do not build IP Filter package. 813.It Va WITHOUT_IPFW 814Do not build IPFW tools. 815.It Va WITHOUT_IPSEC_SUPPORT 816Do not build the kernel with 817.Xr ipsec 4 818support. 819This option is needed for 820.Xr ipsec 4 821and 822.Xr tcpmd5 4 . 823.It Va WITHOUT_ISCSI 824Do not build 825.Xr iscsid 8 826and related utilities. 827.It Va WITHOUT_JAIL 828Do not build tools for the support of jails; e.g., 829.Xr jail 8 . 830.It Va WITHOUT_JEMALLOC_LG_VADDR_WIDE 831Disallow programs to use more than 48 address bits on amd64. 832Incompatible with LA57 mode. 833Enabling this option might result in a slight reduction in memory 834consumption for jemalloc metadata, but also requires disabling LA57 835(if hardware supports it). 836.It Va WITHOUT_KDUMP 837Do not build 838.Xr kdump 1 839and 840.Xr truss 1 . 841.It Va WITHOUT_KERBEROS 842Set this to not build Kerberos. 843When set, these options are also in effect: 844.Pp 845.Bl -inset -compact 846.It Va WITHOUT_KERBEROS_SUPPORT 847(unless 848.Va WITH_KERBEROS_SUPPORT 849is set explicitly) 850.El 851.It Va WITHOUT_KERBEROS_SUPPORT 852Build some programs without Kerberos support, like 853.Xr ssh 1 , 854.Xr telnet 1 , 855and 856.Xr sshd 8 . 857.It Va WITH_KERNEL_BIN 858Generate and install kernel.bin from kernel as part of the normal build and 859install processes for the kernel. Available only on arm and arm64. 860 861Usually this will be added to the kernel config file with: 862 863makeoptions WITH_KERNEL_BIN=1 864 865though it can also be used on the command line. 866.It Va WITH_KERNEL_RETPOLINE 867Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel 868build. 869.It Va WITHOUT_KERNEL_SYMBOLS 870Do not install standalone kernel debug symbol files. 871This option has no effect at build time. 872.It Va WITHOUT_KVM 873Do not build the 874.Nm libkvm 875library as a part of the base system. 876.Bf -symbolic 877The option has no effect yet. 878.Ef 879When set, these options are also in effect: 880.Pp 881.Bl -inset -compact 882.It Va WITHOUT_KVM_SUPPORT 883(unless 884.Va WITH_KVM_SUPPORT 885is set explicitly) 886.El 887.It Va WITHOUT_KVM_SUPPORT 888Build some programs without optional 889.Nm libkvm 890support. 891.It Va WITHOUT_LDNS 892Setting this variable will prevent the LDNS library from being built. 893When set, it enforces these options: 894.Pp 895.Bl -item -compact 896.It 897.Va WITHOUT_LDNS_UTILS 898.It 899.Va WITHOUT_UNBOUND 900.El 901.It Va WITHOUT_LDNS_UTILS 902Setting this variable will prevent building the LDNS utilities 903.Xr drill 1 904and 905.Xr host 1 . 906.It Va WITHOUT_LEGACY_CONSOLE 907Do not build programs that support a legacy PC console; e.g., 908.Xr kbdcontrol 1 909and 910.Xr vidcontrol 1 . 911.It Va WITHOUT_LIB32 912On 64-bit platforms, do not build 32-bit library set and a 913.Nm ld-elf32.so.1 914runtime linker. 915.Pp 916This is a default setting on 917arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64. 918.It Va WITH_LIB32 919On 64-bit platforms, build the 32-bit library set and a 920.Nm ld-elf32.so.1 921runtime linker. 922.Pp 923This is a default setting on 924amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 925.It Va WITHOUT_LLD 926Do not build LLVM's lld linker. 927.It Va WITHOUT_LLDB 928Do not build the LLDB debugger. 929.Pp 930This is a default setting on 931arm/armv7 and riscv/riscv64. 932.It Va WITH_LLDB 933Build the LLDB debugger. 934.Pp 935This is a default setting on 936amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 937.It Va WITHOUT_LLD_BOOTSTRAP 938Do not build the LLD linker during the bootstrap phase of 939the build. 940To be able to build the system an alternate linker must be provided via XLD. 941.It Va WITHOUT_LLVM_ASSERTIONS 942Disable debugging assertions in LLVM. 943.It Va WITHOUT_LLVM_BINUTILS 944Install ELF Tool Chain's binary utilities instead of LLVM's. 945This includes 946.Xr addr2line 1 , 947.Xr ar 1 , 948.Xr nm 1 , 949.Xr objcopy 1 , 950.Xr ranlib 1 , 951.Xr readelf 1 , 952.Xr size 1 , 953and 954.Xr strip 1 . 955Regardless of this setting, LLVM tools are used for 956.Xr c++filt 1 957and 958.Xr objdump 1 . 959.Xr strings 1 960is always provided by ELF Tool Chain. 961.It Va WITHOUT_LLVM_COV 962Do not build the 963.Xr llvm-cov 1 964tool. 965.It Va WITHOUT_LLVM_CXXFILT 966Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt. 967.It Va WITH_LLVM_FULL_DEBUGINFO 968Generate full debug information for LLVM libraries and tools, which uses 969more disk space and build resources, but allows for easier debugging. 970.It Va WITHOUT_LLVM_TARGET_AARCH64 971Do not build LLVM target support for AArch64. 972The 973.Va LLVM_TARGET_ALL 974option should be used rather than this in most cases. 975.It Va WITHOUT_LLVM_TARGET_ALL 976Only build the required LLVM target support. 977This option is preferred to specific target support options. 978When set, these options are also in effect: 979.Pp 980.Bl -inset -compact 981.It Va WITHOUT_LLVM_TARGET_AARCH64 982(unless 983.Va WITH_LLVM_TARGET_AARCH64 984is set explicitly) 985.It Va WITHOUT_LLVM_TARGET_ARM 986(unless 987.Va WITH_LLVM_TARGET_ARM 988is set explicitly) 989.It Va WITHOUT_LLVM_TARGET_POWERPC 990(unless 991.Va WITH_LLVM_TARGET_POWERPC 992is set explicitly) 993.It Va WITHOUT_LLVM_TARGET_RISCV 994(unless 995.Va WITH_LLVM_TARGET_RISCV 996is set explicitly) 997.El 998.It Va WITHOUT_LLVM_TARGET_ARM 999Do not build LLVM target support for ARM. 1000The 1001.Va LLVM_TARGET_ALL 1002option should be used rather than this in most cases. 1003.It Va WITH_LLVM_TARGET_BPF 1004Build LLVM target support for BPF. 1005The 1006.Va LLVM_TARGET_ALL 1007option should be used rather than this in most cases. 1008.It Va WITH_LLVM_TARGET_MIPS 1009Build LLVM target support for MIPS. 1010The 1011.Va LLVM_TARGET_ALL 1012option should be used rather than this in most cases. 1013.It Va WITHOUT_LLVM_TARGET_POWERPC 1014Do not build LLVM target support for PowerPC. 1015The 1016.Va LLVM_TARGET_ALL 1017option should be used rather than this in most cases. 1018.It Va WITHOUT_LLVM_TARGET_RISCV 1019Do not build LLVM target support for RISC-V. 1020The 1021.Va LLVM_TARGET_ALL 1022option should be used rather than this in most cases. 1023.It Va WITHOUT_LLVM_TARGET_X86 1024Do not build LLVM target support for X86. 1025The 1026.Va LLVM_TARGET_ALL 1027option should be used rather than this in most cases. 1028.It Va WITHOUT_LOADER_BIOS_TEXTONLY 1029Include graphics, font and video mode support in the i386 and amd64 BIOS 1030boot loader. 1031.It Va WITH_LOADER_EFI_SECUREBOOT 1032Enable building 1033.Xr loader 8 1034with support for verification based on certificates obtained from UEFI. 1035.It Va WITHOUT_LOADER_GELI 1036Disable inclusion of GELI crypto support in the boot chain binaries. 1037.Pp 1038This is a default setting on 1039powerpc/powerpc64 and powerpc/powerpc64le. 1040.It Va WITH_LOADER_GELI 1041Build GELI bootloader support. 1042.Pp 1043This is a default setting on 1044amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1045.It Va WITHOUT_LOADER_IA32 1046Do not build the 32-bit UEFI loader. 1047.Pp 1048This is a default setting on 1049arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1050.It Va WITH_LOADER_IA32 1051Build the 32-bit UEFI loader. 1052.Pp 1053This is a default setting on 1054amd64/amd64. 1055.It Va WITHOUT_LOADER_KBOOT 1056Do not build kboot, a linuxboot environment loader 1057.Pp 1058This is a default setting on 1059arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1060.It Va WITH_LOADER_KBOOT 1061Build kboot, a linuxboot environment loader 1062.Pp 1063This is a default setting on 1064amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 1065.It Va WITHOUT_LOADER_LUA 1066Do not build LUA bindings for the boot loader. 1067.Pp 1068This is a default setting on 1069powerpc/powerpc64 and powerpc/powerpc64le. 1070.It Va WITH_LOADER_LUA 1071Build LUA bindings for the boot loader. 1072.Pp 1073This is a default setting on 1074amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1075.It Va WITHOUT_LOADER_OFW 1076Disable building of openfirmware bootloader components. 1077.Pp 1078This is a default setting on 1079amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1080.It Va WITH_LOADER_OFW 1081Build openfirmware bootloader components. 1082.Pp 1083This is a default setting on 1084powerpc/powerpc64 and powerpc/powerpc64le. 1085.It Va WITHOUT_LOADER_PXEBOOT 1086Do not build pxeboot on i386/amd64. 1087When the pxeboot is too large, or unneeded, it may be disabled with this option. 1088See 1089.Va WITH_LOADER_PXEBOOT 1090for how to adjust the defaults when you need both a larger 1091.Pa /boot/loader 1092and 1093.Pa /boot/pxeboot 1094.Pp 1095This option only has an effect on x86. 1096.It Va WITHOUT_LOADER_UBOOT 1097Disable building of ubldr. 1098.Pp 1099This is a default setting on 1100amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1101.It Va WITH_LOADER_UBOOT 1102Build ubldr. 1103.Pp 1104This is a default setting on 1105arm/armv7 and powerpc/powerpc64. 1106.It Va WITH_LOADER_VERBOSE 1107Build with extra verbose debugging in the loader. 1108May explode already nearly too large loader over the limit. 1109Use with care. 1110.It Va WITH_LOADER_VERIEXEC 1111Enable building 1112.Xr loader 8 1113with support for verification similar to Verified Exec. 1114.Pp 1115Depends on 1116.Va WITH_BEARSSL . 1117May require a larger 1118.Va LOADERSIZE . 1119When set, these options are also in effect: 1120.Pp 1121.Bl -inset -compact 1122.It Va WITH_LOADER_EFI_SECUREBOOT 1123(unless 1124.Va WITHOUT_LOADER_EFI_SECUREBOOT 1125is set explicitly) 1126.It Va WITH_LOADER_VERIEXEC_VECTX 1127(unless 1128.Va WITHOUT_LOADER_VERIEXEC_VECTX 1129is set explicitly) 1130.El 1131.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST 1132Enable building 1133.Xr loader 8 1134with support to pass a verified manifest to the kernel. 1135The kernel has to be built with a module to parse the manifest. 1136.Pp 1137Depends on 1138.Va WITH_LOADER_VERIEXEC . 1139.It Va WITH_LOADER_VERIEXEC_VECTX 1140Enable building 1141.Xr loader 8 1142with support for hashing and verifying kernel and modules as a side effect 1143of loading. 1144.Pp 1145Depends on 1146.Va WITH_LOADER_VERIEXEC . 1147.It Va WITHOUT_LOADER_ZFS 1148Do not build ZFS file system boot loader support. 1149.It Va WITHOUT_LOCALES 1150Do not build localization files; see 1151.Xr locale 1 . 1152.It Va WITHOUT_LOCATE 1153Do not build 1154.Xr locate 1 1155and related programs. 1156.It Va WITHOUT_LPR 1157Do not build 1158.Xr lpr 1 1159and related programs. 1160.It Va WITHOUT_LS_COLORS 1161Build 1162.Xr ls 1 1163without support for colors to distinguish file types. 1164.It Va WITHOUT_MACHDEP_OPTIMIZATIONS 1165Prefer machine-independent non-assembler code in libc and libm. 1166.It Va WITHOUT_MAIL 1167Do not build any mail support (MUA or MTA). 1168When set, it enforces these options: 1169.Pp 1170.Bl -item -compact 1171.It 1172.Va WITHOUT_DMAGENT 1173.It 1174.Va WITHOUT_MAILWRAPPER 1175.It 1176.Va WITHOUT_SENDMAIL 1177.El 1178.It Va WITHOUT_MAILWRAPPER 1179Do not build the 1180.Xr mailwrapper 8 1181MTA selector. 1182.It Va WITHOUT_MAKE 1183Do not install 1184.Xr make 1 1185and related support files. 1186.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX 1187Do not execute 1188.Dq Li "make check" 1189in limited sandbox mode. 1190This option should be paired with 1191.Va WITH_INSTALL_AS_USER 1192if executed as an unprivileged user. 1193See 1194.Xr tests 7 1195for more details. 1196.It Va WITH_MALLOC_PRODUCTION 1197Disable assertions and statistics gathering in 1198.Xr malloc 3 . 1199The run-time options 1200.Dv opt.abort , 1201.Dv opt.abort_conf , 1202and 1203.Dv opt.junk 1204also default to false. 1205.It Va WITHOUT_MAN 1206Do not build manual pages. 1207When set, these options are also in effect: 1208.Pp 1209.Bl -inset -compact 1210.It Va WITHOUT_MAN_UTILS 1211(unless 1212.Va WITH_MAN_UTILS 1213is set explicitly) 1214.El 1215.It Va WITHOUT_MANCOMPRESS 1216Do not install compressed man pages. 1217Only the uncompressed versions will be installed. 1218.It Va WITH_MANSPLITPKG 1219Split man pages into their own packages during make package. 1220.It Va WITHOUT_MAN_UTILS 1221Do not build utilities for manual pages, 1222.Xr apropos 1 , 1223.Xr makewhatis 1 , 1224.Xr man 1 , 1225.Xr whatis 1 , 1226.Xr manctl 8 , 1227and related support files. 1228.It Va WITH_META_ERROR_TARGET 1229Enable the META_MODE .ERROR target. 1230.Pp 1231This target will copy the meta file of a failed target 1232to 1233.Va ERROR_LOGDIR 1234(default is 1235.Ql ${SRCTOP:H}/error ) 1236to help with failure analysis. 1237Depends on 1238.Va WITH_META_MODE . 1239This default when 1240.Va WITH_DIRDEPS_BUILD 1241is set. 1242.Pp 1243This must be set in the environment, make command line, or 1244.Pa /etc/src-env.conf , 1245not 1246.Pa /etc/src.conf . 1247.It Va WITH_META_MODE 1248Create 1249.Xr make 1 1250meta files when building, which can provide a reliable incremental build when 1251using 1252.Xr filemon 4 . 1253The meta file is created in OBJDIR as 1254.Pa target.meta . 1255These meta files track the command that was executed, its output, and the 1256current directory. 1257The 1258.Xr filemon 4 1259module is required unless 1260.Va NO_FILEMON 1261is defined. 1262When the module is loaded, any files used by the commands executed are 1263tracked as dependencies for the target in its meta file. 1264The target is considered out-of-date and rebuilt if any of these 1265conditions are true compared to the last build: 1266.Bl -bullet -compact 1267.It 1268The command to execute changes. 1269.It 1270The current working directory changes. 1271.It 1272The target's meta file is missing. 1273.It 1274The target's meta file is missing filemon data when filemon is loaded 1275and a previous run did not have it loaded. 1276.It 1277[requires 1278.Xr filemon 4 ] 1279Files read, executed or linked to are newer than the target. 1280.It 1281[requires 1282.Xr filemon 4 ] 1283Files read, written, executed or linked are missing. 1284.El 1285The meta files can also be useful for debugging. 1286.Pp 1287The build hides commands that are executed unless 1288.Va NO_SILENT 1289is defined. 1290Errors cause 1291.Xr make 1 1292to show some of its environment for further debugging. 1293.Pp 1294The build operates as it normally would otherwise. 1295This option originally invoked a different build system but that was renamed 1296to 1297.Va WITH_DIRDEPS_BUILD . 1298.Pp 1299This must be set in the environment, make command line, or 1300.Pa /etc/src-env.conf , 1301not 1302.Pa /etc/src.conf . 1303.It Va WITHOUT_MITKRB5 1304Set this to build KTH Heimdal instead of MIT Kerberos 5. 1305.It Va WITHOUT_MLX5TOOL 1306Do not build 1307.Xr mlx5tool 8 1308.Pp 1309This is a default setting on 1310arm/armv7 and riscv/riscv64. 1311.It Va WITH_MLX5TOOL 1312Build 1313.Xr mlx5tool 8 1314.Pp 1315This is a default setting on 1316amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 1317.It Va WITHOUT_NETCAT 1318Do not build 1319.Xr nc 1 1320utility. 1321.It Va WITHOUT_NETGRAPH 1322Do not build applications to support 1323.Xr netgraph 4 . 1324When set, it enforces these options: 1325.Pp 1326.Bl -item -compact 1327.It 1328.Va WITHOUT_BLUETOOTH 1329.El 1330.Pp 1331When set, these options are also in effect: 1332.Pp 1333.Bl -inset -compact 1334.It Va WITHOUT_NETGRAPH_SUPPORT 1335(unless 1336.Va WITH_NETGRAPH_SUPPORT 1337is set explicitly) 1338.El 1339.It Va WITHOUT_NETGRAPH_SUPPORT 1340Build libraries, programs, and kernel modules without netgraph support. 1341.It Va WITHOUT_NETLINK 1342Do not build 1343.Xr genl 1 1344utility. 1345.It Va WITHOUT_NETLINK_SUPPORT 1346Make libraries and programs use rtsock and 1347.Xr sysctl 3 1348interfaces instead of 1349.Xr snl 3 . 1350.It Va WITHOUT_NIS 1351Do not build 1352.Xr NIS 8 1353support and related programs. 1354If set, you might need to adopt your 1355.Xr nsswitch.conf 5 1356and remove 1357.Sq nis 1358entries. 1359.It Va WITHOUT_NLS 1360Do not build NLS catalogs. 1361When set, it enforces these options: 1362.Pp 1363.Bl -item -compact 1364.It 1365.Va WITHOUT_NLS_CATALOGS 1366.El 1367.It Va WITHOUT_NLS_CATALOGS 1368Do not build NLS catalog support for 1369.Xr csh 1 . 1370.It Va WITHOUT_NS_CACHING 1371Disable name caching in the 1372.Pa nsswitch 1373subsystem. 1374The generic caching daemon, 1375.Xr nscd 8 , 1376will not be built either if this option is set. 1377.It Va WITHOUT_NTP 1378Do not build 1379.Xr ntpd 8 1380and related programs. 1381.It Va WITHOUT_NUAGEINIT 1382Do not install the limited cloud init support scripts. 1383.It Va WITHOUT_OFED 1384Do not build the 1385.Dq "OpenFabrics Enterprise Distribution" 1386InfiniBand software stack, including kernel modules and userspace libraries. 1387.Pp 1388This is a default setting on 1389arm/armv7. 1390When set, it enforces these options: 1391.Pp 1392.Bl -item -compact 1393.It 1394.Va WITHOUT_OFED_EXTRA 1395.El 1396.It Va WITH_OFED 1397Build the 1398.Dq "OpenFabrics Enterprise Distribution" 1399InfiniBand software stack, including kernel modules and userspace libraries. 1400.Pp 1401This is a default setting on 1402amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1403.It Va WITH_OFED_EXTRA 1404Build the non-essential components of the 1405.Dq "OpenFabrics Enterprise Distribution" 1406Infiniband software stack, mostly examples. 1407.It Va WITH_OPENLDAP 1408Enable building LDAP support for kerberos using an openldap client from ports. 1409.It Va WITHOUT_OPENMP 1410Do not build LLVM's OpenMP runtime. 1411.Pp 1412This is a default setting on 1413arm/armv7. 1414.It Va WITH_OPENMP 1415Build LLVM's OpenMP runtime. 1416.Pp 1417This is a default setting on 1418amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1419.It Va WITHOUT_OPENSSH 1420Do not build OpenSSH. 1421.It Va WITHOUT_OPENSSL 1422Do not build OpenSSL. 1423When set, it enforces these options: 1424.Pp 1425.Bl -item -compact 1426.It 1427.Va WITHOUT_DMAGENT 1428.It 1429.Va WITHOUT_KERBEROS 1430.It 1431.Va WITHOUT_LDNS 1432.It 1433.Va WITHOUT_LDNS_UTILS 1434.It 1435.Va WITHOUT_LOADER_ZFS 1436.It 1437.Va WITHOUT_MITKRB5 1438.It 1439.Va WITHOUT_OPENSSH 1440.It 1441.Va WITHOUT_OPENSSL_KTLS 1442.It 1443.Va WITHOUT_PKGBOOTSTRAP 1444.It 1445.Va WITHOUT_UNBOUND 1446.It 1447.Va WITHOUT_ZFS 1448.It 1449.Va WITHOUT_ZFS_TESTS 1450.El 1451.Pp 1452When set, these options are also in effect: 1453.Pp 1454.Bl -inset -compact 1455.It Va WITHOUT_KERBEROS_SUPPORT 1456(unless 1457.Va WITH_KERBEROS_SUPPORT 1458is set explicitly) 1459.El 1460.It Va WITHOUT_OPENSSL_KTLS 1461Do not include kernel TLS support in OpenSSL. 1462.Pp 1463This is a default setting on 1464arm/armv7, i386/i386 and riscv/riscv64. 1465.It Va WITH_OPENSSL_KTLS 1466Include kernel TLS support in OpenSSL. 1467.Pp 1468This is a default setting on 1469amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le. 1470.It Va WITHOUT_PAM 1471Do not build PAM library and modules. 1472.Bf -symbolic 1473This option is deprecated and does nothing. 1474.Ef 1475When set, these options are also in effect: 1476.Pp 1477.Bl -inset -compact 1478.It Va WITHOUT_PAM_SUPPORT 1479(unless 1480.Va WITH_PAM_SUPPORT 1481is set explicitly) 1482.El 1483.It Va WITHOUT_PAM_SUPPORT 1484Build some programs without PAM support, particularly 1485.Xr ftpd 8 1486and 1487.Xr ppp 8 . 1488.It Va WITHOUT_PF 1489Do not build PF firewall package. 1490When set, it enforces these options: 1491.Pp 1492.Bl -item -compact 1493.It 1494.Va WITHOUT_AUTHPF 1495.El 1496.It Va WITHOUT_PIE 1497Do not build dynamically linked binaries as 1498Position-Independent Executable (PIE). 1499.Pp 1500This is a default setting on 1501arm/armv7 and i386/i386. 1502.It Va WITH_PIE 1503Build dynamically linked binaries as 1504Position-Independent Executable (PIE). 1505.Pp 1506This is a default setting on 1507amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1508.It Va WITHOUT_PKGBOOTSTRAP 1509Do not build 1510.Xr pkg 7 1511bootstrap tool. 1512.It Va WITHOUT_PMC 1513Do not build 1514.Xr pmccontrol 8 1515and related programs. 1516.It Va WITHOUT_PPP 1517Do not build 1518.Xr ppp 8 1519and related programs. 1520.It Va WITHOUT_PTHREADS_ASSERTIONS 1521Disable debugging assertions in pthreads library. 1522.It Va WITHOUT_QUOTAS 1523Do not build 1524.Xr quota 1 1525and related programs. 1526.It Va WITHOUT_RADIUS_SUPPORT 1527Do not build radius support into various applications, like 1528.Xr pam_radius 8 1529and 1530.Xr ppp 8 . 1531.It Va WITH_RATELIMIT 1532Build the system with rate limit support. 1533.Pp 1534This makes 1535.Dv SO_MAX_PACING_RATE 1536effective in 1537.Xr getsockopt 2 , 1538and 1539.Ar txrlimit 1540support in 1541.Xr ifconfig 8 , 1542by proxy. 1543.It Va WITHOUT_RBOOTD 1544Do not build or install 1545.Xr rbootd 8 . 1546.It Va WITHOUT_RELRO 1547Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation. 1548See also the 1549.Va BIND_NOW 1550option. 1551.It Va WITH_REPRODUCIBLE_BUILD 1552Exclude build metadata (such as the build time, user, or host) 1553from the kernel, boot loaders, and uname output, so that builds produce 1554bit-for-bit identical output. 1555.It Va WITHOUT_RESCUE 1556Do not build 1557.Xr rescue 8 . 1558.It Va WITH_RETPOLINE 1559Build the base system with the retpoline speculative execution 1560vulnerability mitigation for CVE-2017-5715. 1561.It Va WITHOUT_ROUTED 1562Do not build 1563.Xr routed 8 1564utility. 1565.It Va WITH_RPCBIND_WARMSTART_SUPPORT 1566Build 1567.Xr rpcbind 8 1568with warmstart support. 1569.It Va WITH_RUN_TESTS 1570Run tests as part of the build. 1571.It Va WITHOUT_SCTP_SUPPORT 1572Disable support in the kernel for the 1573.Xr sctp 4 1574Stream Control Transmission Protocol 1575loadable kernel module. 1576.It Va WITHOUT_SENDMAIL 1577Do not build 1578.Xr sendmail 8 1579and related programs. 1580.It Va WITHOUT_SERVICESDB 1581Do not install 1582.Pa /var/db/services.db . 1583.It Va WITHOUT_SETUID_LOGIN 1584Set this to disable the installation of 1585.Xr login 1 1586as a set-user-ID root program. 1587.It Va WITHOUT_SHAREDOCS 1588Do not build the 1589.Bx 4.4 1590legacy docs. 1591.It Va WITH_SORT_THREADS 1592Enable threads in 1593.Xr sort 1 . 1594.It Va WITHOUT_SOURCELESS 1595Do not build kernel modules that include sourceless code (either microcode or native code for host CPU). 1596When set, it enforces these options: 1597.Pp 1598.Bl -item -compact 1599.It 1600.Va WITHOUT_SOURCELESS_HOST 1601.It 1602.Va WITHOUT_SOURCELESS_UCODE 1603.El 1604.It Va WITHOUT_SOURCELESS_HOST 1605Do not build kernel modules that include sourceless native code for host CPU. 1606.It Va WITHOUT_SOURCELESS_UCODE 1607Do not build kernel modules that include sourceless microcode. 1608.It Va WITHOUT_SPLIT_KERNEL_DEBUG 1609Do not build standalone kernel debug files. 1610Debug data (if enabled by the kernel configuration file) 1611will be included in the kernel and modules. 1612When set, it enforces these options: 1613.Pp 1614.Bl -item -compact 1615.It 1616.Va WITHOUT_KERNEL_SYMBOLS 1617.El 1618.It Va WITHOUT_SSP 1619Do not build world with stack smashing protection. 1620See 1621.Xr mitigations 7 1622for more information. 1623.It Va WITH_STAGING 1624Enable staging of files to a stage tree. 1625This can be best thought of as auto-install to 1626.Va DESTDIR 1627with some extra meta data to ensure dependencies can be tracked. 1628Depends on 1629.Va WITH_DIRDEPS_BUILD . 1630When set, these options are also in effect: 1631.Pp 1632.Bl -inset -compact 1633.It Va WITH_STAGING_MAN 1634(unless 1635.Va WITHOUT_STAGING_MAN 1636is set explicitly) 1637.It Va WITH_STAGING_PROG 1638(unless 1639.Va WITHOUT_STAGING_PROG 1640is set explicitly) 1641.El 1642.Pp 1643This must be set in the environment, make command line, or 1644.Pa /etc/src-env.conf , 1645not 1646.Pa /etc/src.conf . 1647.It Va WITH_STAGING_MAN 1648Enable staging of man pages to stage tree. 1649.It Va WITH_STAGING_PROG 1650Enable staging of PROGs to stage tree. 1651.It Va WITH_STALE_STAGED 1652Check staged files are not stale. 1653.It Va WITHOUT_STATS 1654Neither build nor install 1655.Lb libstats 1656and dependent binaries. 1657.It Va WITHOUT_SYSCONS 1658Do not build 1659.Xr syscons 4 1660support files such as keyboard maps, fonts, and screen output maps. 1661.It Va WITH_SYSROOT 1662Enable use of sysroot during build. 1663Depends on 1664.Va WITH_DIRDEPS_BUILD . 1665.Pp 1666This must be set in the environment, make command line, or 1667.Pa /etc/src-env.conf , 1668not 1669.Pa /etc/src.conf . 1670.It Va WITHOUT_SYSTEM_COMPILER 1671Do not opportunistically skip building a cross-compiler during the 1672bootstrap phase of the build. 1673Normally, if the currently installed compiler matches the planned bootstrap 1674compiler type and revision, then it will not be built. 1675This does not prevent a compiler from being built for installation though, 1676only for building one for the build itself. 1677The 1678.Va WITHOUT_CLANG 1679option controls that. 1680.It Va WITHOUT_SYSTEM_LINKER 1681Do not opportunistically skip building a cross-linker during the 1682bootstrap phase of the build. 1683Normally, if the currently installed linker matches the planned bootstrap 1684linker type and revision, then it will not be built. 1685This does not prevent a linker from being built for installation though, 1686only for building one for the build itself. 1687The 1688.Va WITHOUT_LLD 1689option controls that. 1690.Pp 1691This option is only relevant when 1692.Va WITH_LLD_BOOTSTRAP 1693is set. 1694.It Va WITHOUT_TALK 1695Do not build or install 1696.Xr talk 1 1697and 1698.Xr talkd 8 . 1699.It Va WITHOUT_TCP_WRAPPERS 1700Do not build or install 1701.Xr tcpd 8 , 1702and related utilities. 1703.It Va WITHOUT_TCSH 1704Do not build and install 1705.Pa /bin/csh 1706(which is 1707.Xr tcsh 1 ) . 1708.It Va WITHOUT_TELNET 1709Do not build 1710.Xr telnet 1 1711and related programs. 1712.It Va WITHOUT_TESTS 1713Do not build nor install the 1714.Fx 1715Test Suite in 1716.Pa /usr/tests/ . 1717See 1718.Xr tests 7 1719for more details. 1720This also disables the build of all test-related dependencies, including ATF. 1721When set, it enforces these options: 1722.Pp 1723.Bl -item -compact 1724.It 1725.Va WITHOUT_DTRACE_TESTS 1726.It 1727.Va WITHOUT_ZFS_TESTS 1728.El 1729.Pp 1730When set, these options are also in effect: 1731.Pp 1732.Bl -inset -compact 1733.It Va WITHOUT_GOOGLETEST 1734(unless 1735.Va WITH_GOOGLETEST 1736is set explicitly) 1737.It Va WITHOUT_TESTS_SUPPORT 1738(unless 1739.Va WITH_TESTS_SUPPORT 1740is set explicitly) 1741.El 1742.It Va WITHOUT_TESTS_SUPPORT 1743Disable the build of all test-related dependencies, including ATF. 1744When set, it enforces these options: 1745.Pp 1746.Bl -item -compact 1747.It 1748.Va WITHOUT_GOOGLETEST 1749.El 1750.It Va WITHOUT_TEXTPROC 1751Do not build 1752programs used for text processing. 1753.It Va WITHOUT_TFTP 1754Do not build or install 1755.Xr tftp 1 1756and 1757.Xr tftpd 8 . 1758.It Va WITHOUT_TOOLCHAIN 1759Do not install 1760programs used for program development, 1761compilers, debuggers etc. 1762When set, it enforces these options: 1763.Pp 1764.Bl -item -compact 1765.It 1766.Va WITHOUT_CLANG 1767.It 1768.Va WITHOUT_CLANG_EXTRAS 1769.It 1770.Va WITHOUT_CLANG_FORMAT 1771.It 1772.Va WITHOUT_CLANG_FULL 1773.It 1774.Va WITHOUT_LLD 1775.It 1776.Va WITHOUT_LLDB 1777.It 1778.Va WITHOUT_LLVM_COV 1779.El 1780.Pp 1781When set, these options are also in effect: 1782.Pp 1783.Bl -inset -compact 1784.It Va WITHOUT_LLVM_BINUTILS 1785(unless 1786.Va WITH_LLVM_BINUTILS 1787is set explicitly) 1788.El 1789.It Va WITH_UBSAN 1790Build the base system with Undefined Behavior Sanitizer (UBSan) to detect 1791various kinds of undefined behavior at runtime. 1792Requires that Clang be used as the base system compiler 1793and that the runtime support library is available 1794.It Va WITHOUT_UNBOUND 1795Do not build 1796.Xr unbound 8 1797and related programs. 1798.It Va WITH_UNDEFINED_VERSION 1799Link libraries with --undefined-version which permits version maps to 1800contain symbols that are not present in the library. 1801If this is necessary to build a particular configuration, a bug is 1802present and the configuration should be reported. 1803.It Va WITHOUT_UNIFIED_OBJDIR 1804Use the historical object directory format for 1805.Xr build 7 1806targets. 1807For native-builds and builds done directly in sub-directories the format of 1808.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR} 1809is used, 1810while for cross-builds 1811.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR} 1812is used. 1813.Pp 1814This option is transitional and will be removed in a future version of 1815.Fx , 1816at which time 1817.Va WITH_UNIFIED_OBJDIR 1818will be enabled permanently. 1819.Pp 1820This must be set in the environment, make command line, or 1821.Pa /etc/src-env.conf , 1822not 1823.Pa /etc/src.conf . 1824.It Va WITHOUT_USB 1825Do not build USB-related programs and libraries. 1826.It Va WITHOUT_USB_GADGET_EXAMPLES 1827Do not build USB gadget kernel modules. 1828.It Va WITHOUT_UTMPX 1829Do not build user accounting tools such as 1830.Xr last 1 , 1831.Xr users 1 , 1832.Xr who 1 , 1833.Xr ac 8 , 1834.Xr lastlogin 8 1835and 1836.Xr utx 8 . 1837.It Va WITH_VERIEXEC 1838Enable building 1839.Xr veriexec 8 1840which loads the contents of verified manifests into the kernel 1841for use by 1842.Xr mac_veriexec 4 1843.Pp 1844Depends on 1845.Va WITH_BEARSSL . 1846.It Va WITHOUT_VI 1847Do not build and install vi, view, ex and related programs. 1848.It Va WITHOUT_VT 1849Do not build 1850.Xr vt 4 1851support files (fonts and keymaps). 1852.It Va WITHOUT_WARNS 1853Set this to not add warning flags to the compiler invocations. 1854Useful as a temporary workaround when code enters the tree 1855which triggers warnings in environments that differ from the 1856original developer. 1857.It Va WITHOUT_WERROR 1858Set this to not treat compiler warnings as errors. 1859Useful as a temporary workaround when working on fixing compiler warnings. 1860When set, warnings are still printed in the build log but do not fail the build. 1861.It Va WITHOUT_WIRELESS 1862Do not build programs used for 802.11 wireless networks; especially 1863.Xr wpa_supplicant 8 1864and 1865.Xr hostapd 8 . 1866When set, these options are also in effect: 1867.Pp 1868.Bl -inset -compact 1869.It Va WITHOUT_WIRELESS_SUPPORT 1870(unless 1871.Va WITH_WIRELESS_SUPPORT 1872is set explicitly) 1873.El 1874.It Va WITHOUT_WIRELESS_SUPPORT 1875Build libraries, programs, and kernel modules without 1876802.11 wireless support. 1877.It Va WITHOUT_WPA_SUPPLICANT_EAPOL 1878Build 1879.Xr wpa_supplicant 8 1880without support for the IEEE 802.1X protocol and without 1881support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS 1882protocols (usable only via 802.1X). 1883.It Va WITH_ZEROREGS 1884Build the basesystem with code to zero caller-used register contents 1885on function return. 1886This prevents leaking temporary values for side channel attacks. 1887Additionally this reduces the number of usable ROP gadgets for attackers. 1888.It Va WITHOUT_ZFS 1889Do not build the ZFS file system kernel module, libraries such as 1890.Xr libbe 3 , 1891and user commands such as 1892.Xr zpool 8 1893or 1894.Xr zfs 8 . 1895Also disable ZFS support in utilities and libraries which implement 1896ZFS-specific functionality. 1897When set, it enforces these options: 1898.Pp 1899.Bl -item -compact 1900.It 1901.Va WITHOUT_ZFS_TESTS 1902.El 1903.It Va WITHOUT_ZFS_TESTS 1904Do not build and install the legacy ZFS test suite. 1905.It Va WITHOUT_ZONEINFO 1906Do not build the timezone database. 1907When set, it enforces these options: 1908.Pp 1909.Bl -item -compact 1910.It 1911.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT 1912.El 1913.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT 1914Build leapsecond information in to the timezone database. 1915This option violates 1916.St -p1003.1 1917and all other applicable standards, and is known to cause unexpected 1918issues with date/time handling in many applications and programming 1919languages. 1920.El 1921.Pp 1922The following options accept a single value from a list of valid values. 1923.Bl -tag -width indent 1924.It Va INIT_ALL 1925Control default initialization of stack variables in C and C++ code. 1926Options other than 1927.Li none 1928require the Clang compiler or GCC 12.0 or later. 1929The default value is 1930.Li none . 1931Valid values are: 1932.Bl -tag -width indent 1933.It Li none 1934Do not initialize stack variables (standard C/C++ behavior). 1935.It Li pattern 1936Build the base system or kernel with stack variables initialized to 1937.Pq compiler defined 1938debugging patterns on function entry. 1939.It Li zero 1940Build the base system or kernel with stack variables initialized 1941to zero on function entry. 1942This value is converted to 1943.Li none 1944for amd64 kernel builds due to incompatability with ifunc memset. 1945.El 1946.It Va LIBC_MALLOC 1947Specify the 1948.Xr malloc 3 1949implementation used by libc. 1950The default value is 1951.Li jemalloc . 1952Valid values are: 1953.Bl -tag -width indent 1954.It Li jemalloc 1955.El 1956.Pp 1957Other implementations are expected in the future in both 1958.Fx 1959and downstream consumers. 1960.El 1961.Sh FILES 1962.Bl -tag -compact -width Pa 1963.It Pa /etc/src.conf 1964.It Pa /etc/src-env.conf 1965.It Pa /usr/share/mk/bsd.own.mk 1966.El 1967.Sh SEE ALSO 1968.Xr make 1 , 1969.Xr make.conf 5 , 1970.Xr build 7 , 1971.Xr ports 7 1972.Sh HISTORY 1973The 1974.Nm 1975file appeared in 1976.Fx 7.0 . 1977.Sh AUTHORS 1978This manual page was autogenerated by 1979.An tools/build/options/makeman . 1980