xref: /freebsd/share/man/man5/src.conf.5 (revision 089104e0e01f080c9cd45dc5f34c4f636dea4ca7)
1.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman.
2.Dd April 20, 2023
3.Dt SRC.CONF 5
4.Os
5.Sh NAME
6.Nm src.conf
7.Nd "source build options"
8.Sh DESCRIPTION
9The
10.Nm
11file contains variables that control what components will be generated during
12the build process of the
13.Fx
14source tree; see
15.Xr build 7 .
16.Pp
17The
18.Nm
19file uses the standard makefile syntax.
20However,
21.Nm
22should not specify any dependencies to
23.Xr make 1 .
24Instead,
25.Nm
26is to set
27.Xr make 1
28variables that control the aspects of how the system builds.
29.Pp
30The default location of
31.Nm
32is
33.Pa /etc/src.conf ,
34though an alternative location can be specified in the
35.Xr make 1
36variable
37.Va SRCCONF .
38Overriding the location of
39.Nm
40may be necessary if the system-wide settings are not suitable
41for a particular build.
42For instance, setting
43.Va SRCCONF
44to
45.Pa /dev/null
46effectively resets all build controls to their defaults.
47.Pp
48The only purpose of
49.Nm
50is to control the compilation of the
51.Fx
52source code, which is usually located in
53.Pa /usr/src .
54As a rule, the system administrator creates
55.Nm
56when the values of certain control variables need to be changed
57from their defaults.
58.Pp
59In addition, control variables can be specified
60for a particular build via the
61.Fl D
62option of
63.Xr make 1
64or in its environment; see
65.Xr environ 7 .
66.Pp
67The environment of
68.Xr make 1
69for the build can be controlled via the
70.Va SRC_ENV_CONF
71variable, which defaults to
72.Pa /etc/src-env.conf .
73Some examples that may only be set in this file are
74.Va WITH_DIRDEPS_BUILD ,
75and
76.Va WITH_META_MODE ,
77and
78.Va MAKEOBJDIRPREFIX
79as they are environment-only variables.
80.Pp
81The values of variables are ignored regardless of their setting;
82even if they would be set to
83.Dq Li FALSE
84or
85.Dq Li NO .
86The presence of an option causes
87it to be honored by
88.Xr make 1 .
89.Pp
90This list provides a name and short description for variables
91that can be used for source builds.
92.Bl -tag -width indent
93.It Va WITHOUT_ACCT
94Do not build process accounting tools such as
95.Xr accton 8
96and
97.Xr sa 8 .
98.It Va WITHOUT_ACPI
99Do not build
100.Xr acpiconf 8 ,
101.Xr acpidump 8
102and related programs.
103.It Va WITHOUT_APM
104Do not build
105.Xr apm 8 ,
106.Xr apmd 8
107and related programs.
108.It Va WITH_ASAN
109Build the base system with Address Sanitizer (ASan) to detect
110memory corruption bugs such as buffer overflows or use-after-free.
111Requires that Clang be used as the base system compiler
112and that the runtime support library is available.
113When set, it enforces these options:
114.Pp
115.Bl -item -compact
116.It
117.Va WITH_LLVM_BINUTILS
118.It
119.Va WITH_LLVM_CXXFILT
120.El
121.It Va WITHOUT_ASSERT_DEBUG
122Compile programs and libraries without the
123.Xr assert 3
124checks.
125.It Va WITHOUT_AT
126Do not build
127.Xr at 1
128and related utilities.
129.It Va WITHOUT_AUDIT
130Do not build audit support into system programs.
131.It Va WITHOUT_AUTHPF
132Do not build
133.Xr authpf 8 .
134.It Va WITHOUT_AUTOFS
135Do not build
136.Xr autofs 5
137related programs, libraries, and kernel modules.
138.It Va WITHOUT_AUTO_OBJ
139Disable automatic creation of objdirs.
140This is enabled by default if the wanted OBJDIR is writable by the current user.
141.Pp
142This must be set in the environment, make command line, or
143.Pa /etc/src-env.conf ,
144not
145.Pa /etc/src.conf .
146.It Va WITH_BEARSSL
147Build the BearSSL library.
148.Pp
149BearSSL is a tiny SSL library suitable for embedded environments.
150For details see
151.Lk https://www.BearSSL.org/
152.Pp
153This library is currently only used to perform
154signature verification and related operations
155for Verified Exec and
156.Xr loader 8 .
157When set, these options are also in effect:
158.Pp
159.Bl -inset -compact
160.It Va WITH_LOADER_EFI_SECUREBOOT
161(unless
162.Va WITHOUT_LOADER_EFI_SECUREBOOT
163is set explicitly)
164.It Va WITH_LOADER_VERIEXEC
165(unless
166.Va WITHOUT_LOADER_VERIEXEC
167is set explicitly)
168.It Va WITH_LOADER_VERIEXEC_VECTX
169(unless
170.Va WITHOUT_LOADER_VERIEXEC_VECTX
171is set explicitly)
172.It Va WITH_VERIEXEC
173(unless
174.Va WITHOUT_VERIEXEC
175is set explicitly)
176.El
177.It Va WITHOUT_BHYVE
178Do not build or install
179.Xr bhyve 8 ,
180associated utilities, and examples.
181.Pp
182This option only affects amd64/amd64.
183.It Va WITH_BHYVE_SNAPSHOT
184Include support for save and restore (snapshots) in
185.Xr bhyve 8
186and
187.Xr bhyvectl 8 .
188.Pp
189This option only affects amd64/amd64.
190.It Va WITH_BIND_NOW
191Build all binaries with the
192.Dv DF_BIND_NOW
193flag set to indicate that the run-time loader should perform all relocation
194processing at process startup rather than on demand.
195The combination of the
196.Va BIND_NOW
197and
198.Va RELRO
199options provide "full" Relocation Read-Only (RELRO) support.
200With full RELRO the entire GOT is made read-only after performing relocation at
201startup, avoiding GOT overwrite attacks.
202.It Va WITHOUT_BLACKLIST
203Set this if you do not want to build
204.Xr blacklistd 8
205and
206.Xr blacklistctl 8 .
207When set, these options are also in effect:
208.Pp
209.Bl -inset -compact
210.It Va WITHOUT_BLACKLIST_SUPPORT
211(unless
212.Va WITH_BLACKLIST_SUPPORT
213is set explicitly)
214.El
215.It Va WITHOUT_BLACKLIST_SUPPORT
216Build some programs without
217.Xr libblacklist 3
218support, like
219.Xr fingerd 8 ,
220.Xr ftpd 8 ,
221and
222.Xr sshd 8 .
223.It Va WITHOUT_BLUETOOTH
224Do not build Bluetooth related kernel modules, programs and libraries.
225.It Va WITHOUT_BOOT
226Do not build the boot blocks and loader.
227.It Va WITHOUT_BOOTPARAMD
228Do not build or install
229.Xr bootparamd 8 .
230.It Va WITHOUT_BOOTPD
231Do not build or install
232.Xr bootpd 8 .
233.It Va WITHOUT_BSDINSTALL
234Do not build
235.Xr bsdinstall 8 ,
236.Xr sade 8 ,
237and related programs.
238.It Va WITHOUT_BSD_CPIO
239Do not build the BSD licensed version of cpio based on
240.Xr libarchive 3 .
241.It Va WITHOUT_BSNMP
242Do not build or install
243.Xr bsnmpd 1
244and related libraries and data files.
245.It Va WITHOUT_BZIP2
246Do not build contributed bzip2 software as a part of the base system.
247.Bf -symbolic
248The option has no effect yet.
249.Ef
250When set, these options are also in effect:
251.Pp
252.Bl -inset -compact
253.It Va WITHOUT_BZIP2_SUPPORT
254(unless
255.Va WITH_BZIP2_SUPPORT
256is set explicitly)
257.El
258.It Va WITHOUT_BZIP2_SUPPORT
259Build some programs without optional bzip2 support.
260.It Va WITHOUT_CALENDAR
261Do not build
262.Xr calendar 1 .
263.It Va WITHOUT_CAPSICUM
264Do not build Capsicum support into system programs.
265When set, it enforces these options:
266.Pp
267.Bl -item -compact
268.It
269.Va WITHOUT_CASPER
270.El
271.It Va WITHOUT_CAROOT
272Do not add the trusted certificates from the Mozilla NSS bundle to
273base.
274.It Va WITHOUT_CASPER
275Do not build Casper program and related libraries.
276.It Va WITH_CCACHE_BUILD
277Use
278.Xr ccache 1
279for the build.
280No configuration is required except to install the
281.Sy devel/ccache
282package.
283When using with
284.Xr distcc 1 ,
285set
286.Sy CCACHE_PREFIX=/usr/local/bin/distcc .
287The default cache directory of
288.Pa $HOME/.ccache
289will be used, which can be overridden by setting
290.Sy CCACHE_DIR .
291The
292.Sy CCACHE_COMPILERCHECK
293option defaults to
294.Sy content
295when using the in-tree bootstrap compiler,
296and
297.Sy mtime
298when using an external compiler.
299The
300.Sy CCACHE_CPP2
301option is used for Clang but not GCC.
302.Pp
303Sharing a cache between multiple work directories requires using a layout
304similar to
305.Pa /some/prefix/src
306.Pa /some/prefix/obj
307and an environment such as:
308.Bd -literal -offset indent
309CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj'
310.Ed
311.Pp
312See
313.Xr ccache 1
314for more configuration options.
315.It Va WITHOUT_CCD
316Do not build
317.Xr geom_ccd 4
318and related utilities.
319.It Va WITHOUT_CDDL
320Do not build code licensed under Sun's CDDL.
321When set, it enforces these options:
322.Pp
323.Bl -item -compact
324.It
325.Va WITHOUT_CTF
326.It
327.Va WITHOUT_DTRACE
328.It
329.Va WITHOUT_LOADER_ZFS
330.It
331.Va WITHOUT_ZFS
332.El
333.It Va WITHOUT_CLANG
334Do not build the Clang C/C++ compiler during the regular phase of the build.
335When set, it enforces these options:
336.Pp
337.Bl -item -compact
338.It
339.Va WITHOUT_CLANG_EXTRAS
340.It
341.Va WITHOUT_CLANG_FORMAT
342.It
343.Va WITHOUT_CLANG_FULL
344.It
345.Va WITHOUT_LLVM_COV
346.El
347.Pp
348When set, these options are also in effect:
349.Pp
350.Bl -inset -compact
351.It Va WITHOUT_LLVM_TARGET_AARCH64
352(unless
353.Va WITH_LLVM_TARGET_AARCH64
354is set explicitly)
355.It Va WITHOUT_LLVM_TARGET_ALL
356(unless
357.Va WITH_LLVM_TARGET_ALL
358is set explicitly)
359.It Va WITHOUT_LLVM_TARGET_ARM
360(unless
361.Va WITH_LLVM_TARGET_ARM
362is set explicitly)
363.It Va WITHOUT_LLVM_TARGET_POWERPC
364(unless
365.Va WITH_LLVM_TARGET_POWERPC
366is set explicitly)
367.It Va WITHOUT_LLVM_TARGET_RISCV
368(unless
369.Va WITH_LLVM_TARGET_RISCV
370is set explicitly)
371.El
372.It Va WITHOUT_CLANG_BOOTSTRAP
373Do not build the Clang C/C++ compiler during the bootstrap phase of
374the build.
375To be able to build the system, either gcc or clang bootstrap must be
376enabled unless an alternate compiler is provided via XCC.
377.It Va WITH_CLANG_EXTRAS
378Build additional clang and llvm tools, such as bugpoint and
379clang-format.
380.It Va WITH_CLANG_FORMAT
381Build clang-format.
382.It Va WITHOUT_CLANG_FULL
383Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of
384the Clang C/C++ compiler.
385.It Va WITHOUT_CLEAN
386Do not clean before building world and/or kernel.
387.It Va WITHOUT_CPP
388Do not build
389.Xr cpp 1 .
390.It Va WITHOUT_CROSS_COMPILER
391Do not build any cross compiler in the cross-tools stage of buildworld.
392When compiling a different version of
393.Fx
394than what is installed on the system, provide an alternate
395compiler with XCC to ensure success.
396When compiling with an identical version of
397.Fx
398to the host, this option may be safely used.
399This option may also be safe when the host version of
400.Fx
401is close to the sources being built, but all bets are off if there have
402been any changes to the toolchain between the versions.
403When set, it enforces these options:
404.Pp
405.Bl -item -compact
406.It
407.Va WITHOUT_CLANG_BOOTSTRAP
408.It
409.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP
410.It
411.Va WITHOUT_LLD_BOOTSTRAP
412.El
413.It Va WITHOUT_CRYPT
414Do not build any crypto code.
415When set, it enforces these options:
416.Pp
417.Bl -item -compact
418.It
419.Va WITHOUT_DMAGENT
420.It
421.Va WITHOUT_KERBEROS
422.It
423.Va WITHOUT_KERBEROS_SUPPORT
424.It
425.Va WITHOUT_LDNS
426.It
427.Va WITHOUT_LDNS_UTILS
428.It
429.Va WITHOUT_LOADER_ZFS
430.It
431.Va WITHOUT_OPENSSH
432.It
433.Va WITHOUT_OPENSSL
434.It
435.Va WITHOUT_OPENSSL_KTLS
436.It
437.Va WITHOUT_PKGBOOTSTRAP
438.It
439.Va WITHOUT_UNBOUND
440.It
441.Va WITHOUT_ZFS
442.El
443.Pp
444When set, these options are also in effect:
445.Pp
446.Bl -inset -compact
447.It Va WITHOUT_GSSAPI
448(unless
449.Va WITH_GSSAPI
450is set explicitly)
451.El
452.It Va WITH_CTF
453Compile with CTF (Compact C Type Format) data.
454CTF data encapsulates a reduced form of debugging information
455similar to DWARF and the venerable stabs and is required for DTrace.
456.It Va WITHOUT_CUSE
457Do not build CUSE-related programs and libraries.
458.It Va WITHOUT_CXGBETOOL
459Do not build
460.Xr cxgbetool 8
461.Pp
462This is a default setting on
463arm/armv6, arm/armv7, powerpc/powerpc and riscv/riscv64.
464.It Va WITH_CXGBETOOL
465Build
466.Xr cxgbetool 8
467.Pp
468This is a default setting on
469amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
470.It Va WITHOUT_DEBUG_FILES
471Avoid building or installing standalone debug files for each
472executable binary and shared library.
473.It Va WITH_DETECT_TZ_CHANGES
474Make the time handling code detect changes to the timezone files.
475.It Va WITHOUT_DIALOG
476Do not build
477.Xr dialog 1 ,
478.Xr dialog 3 ,
479.Xr dpv 1 ,
480and
481.Xr dpv 3 .
482When set, it enforces these options:
483.Pp
484.Bl -item -compact
485.It
486.Va WITHOUT_BSDINSTALL
487.El
488.It Va WITHOUT_DICT
489Do not build the Webster dictionary files.
490.It Va WITH_DIRDEPS_BUILD
491This is an experimental build system.
492For details see
493https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm.
494Build commands can be seen from the top-level with:
495.Dl make show-valid-targets
496The build is driven by dirdeps.mk using
497.Va DIRDEPS
498stored in
499Makefile.depend files found in each directory.
500.Pp
501The build can be started from anywhere, and behaves the same.
502The initial instance of
503.Xr make 1
504recursively reads
505.Va DIRDEPS
506from
507.Pa Makefile.depend ,
508computing a graph of tree dependencies from the current origin.
509Setting
510.Va NO_DIRDEPS
511skips checking dirdep dependencies and will only build in the current
512and child directories.
513.Va NO_DIRDEPS_BELOW
514skips building any dirdeps and only build the current directory.
515.Pp
516This also utilizes the
517.Va WITH_META_MODE
518logic for incremental builds.
519.Pp
520The build hides commands executed unless
521.Va NO_SILENT
522is defined.
523.Pp
524Note that there is currently no mass install feature for this.
525.Pp
526When set, it enforces these options:
527.Pp
528.Bl -item -compact
529.It
530.Va WITH_INSTALL_AS_USER
531.El
532.Pp
533When set, these options are also in effect:
534.Pp
535.Bl -inset -compact
536.It Va WITH_META_MODE
537(unless
538.Va WITHOUT_META_MODE
539is set explicitly)
540.It Va WITH_STAGING
541(unless
542.Va WITHOUT_STAGING
543is set explicitly)
544.It Va WITH_STAGING_MAN
545(unless
546.Va WITHOUT_STAGING_MAN
547is set explicitly)
548.It Va WITH_STAGING_PROG
549(unless
550.Va WITHOUT_STAGING_PROG
551is set explicitly)
552.It Va WITH_SYSROOT
553(unless
554.Va WITHOUT_SYSROOT
555is set explicitly)
556.El
557.Pp
558This must be set in the environment, make command line, or
559.Pa /etc/src-env.conf ,
560not
561.Pa /etc/src.conf .
562.It Va WITH_DIRDEPS_CACHE
563Cache result of dirdeps.mk which can save significant time
564for subsequent builds.
565Depends on
566.Va WITH_DIRDEPS_BUILD .
567.Pp
568This must be set in the environment, make command line, or
569.Pa /etc/src-env.conf ,
570not
571.Pa /etc/src.conf .
572.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP
573Build
574.Xr etdump 1 ,
575.Xr makefs 8
576and
577.Xr mkimg 1
578as bootstrap tools.
579.It Va WITHOUT_DMAGENT
580Do not build dma Mail Transport Agent.
581.It Va WITHOUT_DOCCOMPRESS
582Do not install compressed system documentation.
583Only the uncompressed version will be installed.
584.It Va WITHOUT_DTRACE
585Do not build DTrace framework kernel modules, libraries, and user commands.
586When set, it enforces these options:
587.Pp
588.Bl -item -compact
589.It
590.Va WITHOUT_CTF
591.El
592.It Va WITH_DTRACE_TESTS
593Build and install the DTrace test suite in
594.Pa /usr/tests/cddl/usr.sbin/dtrace .
595This test suite is considered experimental on architectures other than
596amd64/amd64 and running it may cause system instability.
597.It Va WITHOUT_DYNAMICROOT
598Set this if you do not want to link
599.Pa /bin
600and
601.Pa /sbin
602dynamically.
603.It Va WITHOUT_EE
604Do not build and install
605.Xr edit 1 ,
606.Xr ee 1 ,
607and related programs.
608.It Va WITHOUT_EFI
609Set not to build
610.Xr efivar 3
611and
612.Xr efivar 8 .
613.Pp
614This is a default setting on
615powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
616.It Va WITH_EFI
617Build
618.Xr efivar 3
619and
620.Xr efivar 8 .
621.Pp
622This is a default setting on
623amd64/amd64, arm/armv6, arm/armv7, arm64/aarch64 and i386/i386.
624.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP
625Do not build ELF Tool Chain tools
626(addr2line, nm, size, strings and strip)
627as part of the bootstrap process.
628.Bf -symbolic
629An alternate bootstrap tool chain must be provided.
630.Ef
631.It Va WITHOUT_EXAMPLES
632Avoid installing examples to
633.Pa /usr/share/examples/ .
634.It Va WITH_EXPERIMENTAL
635Include experimental features in the build.
636.It Va WITH_EXTRA_TCP_STACKS
637Build extra TCP stack modules.
638.It Va WITHOUT_FDT
639Do not build Flattened Device Tree support as part of the base system.
640This includes the device tree compiler (dtc) and libfdt support library.
641.Pp
642This is a default setting on
643amd64/amd64 and i386/i386.
644.It Va WITH_FDT
645Build Flattened Device Tree support as part of the base system.
646This includes the device tree compiler (dtc) and libfdt support library.
647.Pp
648This is a default setting on
649arm/armv6, arm/armv7, arm64/aarch64, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
650.It Va WITHOUT_FILE
651Do not build
652.Xr file 1
653and related programs.
654.It Va WITHOUT_FINGER
655Do not build or install
656.Xr finger 1
657and
658.Xr fingerd 8 .
659.It Va WITHOUT_FLOPPY
660Do not build or install programs
661for operating floppy disk driver.
662.It Va WITHOUT_FORMAT_EXTENSIONS
663Do not enable
664.Fl fformat-extensions
665when compiling the kernel.
666Also disables all format checking.
667.It Va WITHOUT_FORTH
668Build bootloaders without Forth support.
669.It Va WITHOUT_FP_LIBC
670Build
671.Nm libc
672without floating-point support.
673.It Va WITHOUT_FREEBSD_UPDATE
674Do not build
675.Xr freebsd-update 8 .
676.It Va WITHOUT_FTP
677Do not build or install
678.Xr ftp 1
679and
680.Xr ftpd 8 .
681.It Va WITHOUT_GAMES
682Do not build games.
683.It Va WITHOUT_GH_BC
684Install the traditional FreeBSD
685.Xr bc 1
686and
687.Xr dc 1
688programs instead of the enhanced versions.
689.It Va WITHOUT_GNU_DIFF
690Do not build GNU
691.Xr diff3 1 .
692.It Va WITHOUT_GOOGLETEST
693Neither build nor install
694.Lb libgmock ,
695.Lb libgtest ,
696and dependent tests.
697.It Va WITHOUT_GPIO
698Do not build
699.Xr gpioctl 8
700as part of the base system.
701.It Va WITHOUT_GSSAPI
702Do not build libgssapi.
703.It Va WITHOUT_HAST
704Do not build
705.Xr hastd 8
706and related utilities.
707.It Va WITH_HESIOD
708Build Hesiod support.
709.It Va WITHOUT_HTML
710Do not build HTML docs.
711.It Va WITHOUT_HYPERV
712Do not build or install HyperV utilities.
713.Pp
714This is a default setting on
715arm/armv6, arm/armv7, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
716.It Va WITH_HYPERV
717Build or install HyperV utilities.
718.Pp
719This is a default setting on
720amd64/amd64, arm64/aarch64 and i386/i386.
721.It Va WITHOUT_ICONV
722Do not build iconv as part of libc.
723.It Va WITHOUT_INCLUDES
724Do not install header files.
725This option used to be spelled
726.Va NO_INCS .
727.Bf -symbolic
728The option does not work for build targets.
729.Ef
730.It Va WITHOUT_INET
731Do not build programs and libraries related to IPv4 networking.
732When set, it enforces these options:
733.Pp
734.Bl -item -compact
735.It
736.Va WITHOUT_INET_SUPPORT
737.El
738.It Va WITHOUT_INET6
739Do not build
740programs and libraries related to IPv6 networking.
741When set, it enforces these options:
742.Pp
743.Bl -item -compact
744.It
745.Va WITHOUT_INET6_SUPPORT
746.El
747.It Va WITHOUT_INET6_SUPPORT
748Build libraries, programs, and kernel modules without IPv6 support.
749.It Va WITHOUT_INETD
750Do not build
751.Xr inetd 8 .
752.It Va WITHOUT_INET_SUPPORT
753Build libraries, programs, and kernel modules without IPv4 support.
754.It Va WITH_INIT_ALL_PATTERN
755Build the base system or kernel with stack variables initialized to
756.Pq compiler defined
757debugging patterns on function entry.
758This option requires the clang compiler.
759.It Va WITH_INIT_ALL_ZERO
760Build the base system or kernel with stack variables initialized
761to zero on function entry.
762This option requires that the clang compiler be used.
763.It Va WITHOUT_INSTALLLIB
764Set this to not install optional libraries.
765For example, when creating a
766.Xr nanobsd 8
767image.
768.Bf -symbolic
769The option does not work for build targets.
770.Ef
771.It Va WITH_INSTALL_AS_USER
772Make install targets succeed for non-root users by installing
773files with owner and group attributes set to that of the user running
774the
775.Xr make 1
776command.
777The user still must set the
778.Va DESTDIR
779variable to point to a directory where the user has write permissions.
780.It Va WITHOUT_IPFILTER
781Do not build IP Filter package.
782.It Va WITHOUT_IPFW
783Do not build IPFW tools.
784.It Va WITHOUT_IPSEC_SUPPORT
785Do not build the kernel with
786.Xr ipsec 4
787support.
788This option is needed for
789.Xr ipsec 4
790and
791.Xr tcpmd5 4 .
792.It Va WITHOUT_ISCSI
793Do not build
794.Xr iscsid 8
795and related utilities.
796.It Va WITHOUT_JAIL
797Do not build tools for the support of jails; e.g.,
798.Xr jail 8 .
799.It Va WITHOUT_KDUMP
800Do not build
801.Xr kdump 1
802and
803.Xr truss 1 .
804.It Va WITHOUT_KERBEROS
805Set this to not build Kerberos 5 (KTH Heimdal).
806When set, these options are also in effect:
807.Pp
808.Bl -inset -compact
809.It Va WITHOUT_GSSAPI
810(unless
811.Va WITH_GSSAPI
812is set explicitly)
813.It Va WITHOUT_KERBEROS_SUPPORT
814(unless
815.Va WITH_KERBEROS_SUPPORT
816is set explicitly)
817.El
818.It Va WITHOUT_KERBEROS_SUPPORT
819Build some programs without Kerberos support, like
820.Xr ssh 1 ,
821.Xr telnet 1 ,
822and
823.Xr sshd 8 .
824.It Va WITH_KERNEL_RETPOLINE
825Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel
826build.
827.It Va WITHOUT_KERNEL_SYMBOLS
828Do not install standalone kernel debug symbol files.
829This option has no effect at build time.
830.It Va WITHOUT_KVM
831Do not build the
832.Nm libkvm
833library as a part of the base system.
834.Bf -symbolic
835The option has no effect yet.
836.Ef
837When set, these options are also in effect:
838.Pp
839.Bl -inset -compact
840.It Va WITHOUT_KVM_SUPPORT
841(unless
842.Va WITH_KVM_SUPPORT
843is set explicitly)
844.El
845.It Va WITHOUT_KVM_SUPPORT
846Build some programs without optional
847.Nm libkvm
848support.
849.It Va WITHOUT_LDNS
850Setting this variable will prevent the LDNS library from being built.
851When set, it enforces these options:
852.Pp
853.Bl -item -compact
854.It
855.Va WITHOUT_LDNS_UTILS
856.It
857.Va WITHOUT_UNBOUND
858.El
859.It Va WITHOUT_LDNS_UTILS
860Setting this variable will prevent building the LDNS utilities
861.Xr drill 1
862and
863.Xr host 1 .
864.It Va WITHOUT_LEGACY_CONSOLE
865Do not build programs that support a legacy PC console; e.g.,
866.Xr kbdcontrol 1
867and
868.Xr vidcontrol 1 .
869.It Va WITHOUT_LIB32
870On 64-bit platforms, do not build 32-bit library set and a
871.Nm ld-elf32.so.1
872runtime linker.
873.Pp
874This is a default setting on
875arm/armv6, arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64.
876.It Va WITH_LIB32
877On 64-bit platforms, build the 32-bit library set and a
878.Nm ld-elf32.so.1
879runtime linker.
880.Pp
881This is a default setting on
882amd64/amd64 and powerpc/powerpc64.
883.It Va WITHOUT_LLD
884Do not build LLVM's lld linker.
885.It Va WITHOUT_LLDB
886Do not build the LLDB debugger.
887.Pp
888This is a default setting on
889arm/armv6, arm/armv7 and riscv/riscv64.
890.It Va WITH_LLDB
891Build the LLDB debugger.
892.Pp
893This is a default setting on
894amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
895.It Va WITHOUT_LLD_BOOTSTRAP
896Do not build the LLD linker during the bootstrap phase of
897the build.
898To be able to build the system an alternate linker must be provided via XLD.
899.It Va WITHOUT_LLD_IS_LD
900Do not install a
901.Pa /usr/bin/ld symlink
902to
903.Pa ld.lld .
904The system will not have a usable tool chain unless a linker is provided
905some other way.
906.It Va WITHOUT_LLVM_ASSERTIONS
907Disable debugging assertions in LLVM.
908.It Va WITH_LLVM_BINUTILS
909Install LLVM's binutils (without an llvm- prefix),
910instead of ELF Tool Chain's tools.
911This includes
912.Xr addr2line 1 ,
913.Xr ar 1 ,
914.Xr nm 1 ,
915.Xr objcopy 1 ,
916.Xr ranlib 1 ,
917.Xr readelf 1 ,
918.Xr size 1 ,
919and
920.Xr strip 1 .
921Regardless of this setting, LLVM tools are used for
922.Xr c++filt 1
923and
924.Xr objdump 1 .
925.Xr strings 1
926is always provided by ELF Tool Chain.
927.It Va WITHOUT_LLVM_COV
928Do not build the
929.Xr llvm-cov 1
930tool.
931.It Va WITHOUT_LLVM_CXXFILT
932Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt.
933.It Va WITHOUT_LLVM_TARGET_AARCH64
934Do not build LLVM target support for AArch64.
935The
936.Va LLVM_TARGET_ALL
937option should be used rather than this in most cases.
938.It Va WITHOUT_LLVM_TARGET_ALL
939Only build the required LLVM target support.
940This option is preferred to specific target support options.
941When set, these options are also in effect:
942.Pp
943.Bl -inset -compact
944.It Va WITHOUT_LLVM_TARGET_AARCH64
945(unless
946.Va WITH_LLVM_TARGET_AARCH64
947is set explicitly)
948.It Va WITHOUT_LLVM_TARGET_ARM
949(unless
950.Va WITH_LLVM_TARGET_ARM
951is set explicitly)
952.It Va WITHOUT_LLVM_TARGET_POWERPC
953(unless
954.Va WITH_LLVM_TARGET_POWERPC
955is set explicitly)
956.It Va WITHOUT_LLVM_TARGET_RISCV
957(unless
958.Va WITH_LLVM_TARGET_RISCV
959is set explicitly)
960.El
961.It Va WITHOUT_LLVM_TARGET_ARM
962Do not build LLVM target support for ARM.
963The
964.Va LLVM_TARGET_ALL
965option should be used rather than this in most cases.
966.It Va WITH_LLVM_TARGET_BPF
967Build LLVM target support for BPF.
968The
969.Va LLVM_TARGET_ALL
970option should be used rather than this in most cases.
971.It Va WITH_LLVM_TARGET_MIPS
972Build LLVM target support for MIPS.
973The
974.Va LLVM_TARGET_ALL
975option should be used rather than this in most cases.
976.It Va WITHOUT_LLVM_TARGET_POWERPC
977Do not build LLVM target support for PowerPC.
978The
979.Va LLVM_TARGET_ALL
980option should be used rather than this in most cases.
981.It Va WITHOUT_LLVM_TARGET_RISCV
982Do not build LLVM target support for RISC-V.
983The
984.Va LLVM_TARGET_ALL
985option should be used rather than this in most cases.
986.It Va WITHOUT_LLVM_TARGET_X86
987Do not build LLVM target support for X86.
988The
989.Va LLVM_TARGET_ALL
990option should be used rather than this in most cases.
991.It Va WITH_LOADER_EFI_SECUREBOOT
992Enable building
993.Xr loader 8
994with support for verification based on certificates obtained from UEFI.
995.It Va WITHOUT_LOADER_GELI
996Disable inclusion of GELI crypto support in the boot chain binaries.
997.Pp
998This is a default setting on
999powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
1000.It Va WITH_LOADER_GELI
1001Build GELI bootloader support.
1002.Pp
1003This is a default setting on
1004amd64/amd64, arm/armv6, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
1005.It Va WITHOUT_LOADER_KBOOT
1006Do not build kboot, a linuxboot environment loader
1007.Pp
1008This is a default setting on
1009arm/armv6, arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64.
1010.It Va WITH_LOADER_KBOOT
1011Build kboot, a linuxboot environment loader
1012.Pp
1013This is a default setting on
1014amd64/amd64, arm64/aarch64 and powerpc/powerpc64.
1015.It Va WITHOUT_LOADER_LUA
1016Do not build LUA bindings for the boot loader.
1017.Pp
1018This is a default setting on
1019powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
1020.It Va WITH_LOADER_LUA
1021Build LUA bindings for the boot loader.
1022.Pp
1023This is a default setting on
1024amd64/amd64, arm/armv6, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
1025.It Va WITHOUT_LOADER_OFW
1026Disable building of openfirmware bootloader components.
1027.Pp
1028This is a default setting on
1029amd64/amd64, arm/armv6, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
1030.It Va WITH_LOADER_OFW
1031Build openfirmware bootloader components.
1032.Pp
1033This is a default setting on
1034powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
1035.It Va WITHOUT_LOADER_UBOOT
1036Disable building of ubldr.
1037.Pp
1038This is a default setting on
1039amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64.
1040.It Va WITH_LOADER_UBOOT
1041Build ubldr.
1042.Pp
1043This is a default setting on
1044arm/armv6, arm/armv7, powerpc/powerpc and powerpc/powerpc64.
1045.It Va WITH_LOADER_VERBOSE
1046Build with extra verbose debugging in the loader.
1047May explode already nearly too large loader over the limit.
1048Use with care.
1049.It Va WITH_LOADER_VERIEXEC
1050Enable building
1051.Xr loader 8
1052with support for verification similar to Verified Exec.
1053.Pp
1054Depends on
1055.Va WITH_BEARSSL .
1056When set, these options are also in effect:
1057.Pp
1058.Bl -inset -compact
1059.It Va WITH_LOADER_EFI_SECUREBOOT
1060(unless
1061.Va WITHOUT_LOADER_EFI_SECUREBOOT
1062is set explicitly)
1063.It Va WITH_LOADER_VERIEXEC_VECTX
1064(unless
1065.Va WITHOUT_LOADER_VERIEXEC_VECTX
1066is set explicitly)
1067.El
1068.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST
1069Enable building
1070.Xr loader 8
1071with support to pass a verified manifest to the kernel.
1072The kernel has to be built with a module to parse the manifest.
1073.Pp
1074Depends on
1075.Va WITH_LOADER_VERIEXEC .
1076.It Va WITH_LOADER_VERIEXEC_VECTX
1077Enable building
1078.Xr loader 8
1079with support for hashing and verifying kernel and modules as a side effect
1080of loading.
1081.Pp
1082Depends on
1083.Va WITH_LOADER_VERIEXEC .
1084.It Va WITHOUT_LOADER_ZFS
1085Do not build ZFS file system boot loader support.
1086.It Va WITHOUT_LOCALES
1087Do not build localization files; see
1088.Xr locale 1 .
1089.It Va WITHOUT_LOCATE
1090Do not build
1091.Xr locate 1
1092and related programs.
1093.It Va WITHOUT_LPR
1094Do not build
1095.Xr lpr 1
1096and related programs.
1097.It Va WITHOUT_LS_COLORS
1098Build
1099.Xr ls 1
1100without support for colors to distinguish file types.
1101.It Va WITHOUT_MACHDEP_OPTIMIZATIONS
1102Prefer machine-independent non-assembler code in libc and libm.
1103.It Va WITHOUT_MAIL
1104Do not build any mail support (MUA or MTA).
1105When set, it enforces these options:
1106.Pp
1107.Bl -item -compact
1108.It
1109.Va WITHOUT_DMAGENT
1110.It
1111.Va WITHOUT_MAILWRAPPER
1112.It
1113.Va WITHOUT_SENDMAIL
1114.El
1115.It Va WITHOUT_MAILWRAPPER
1116Do not build the
1117.Xr mailwrapper 8
1118MTA selector.
1119.It Va WITHOUT_MAKE
1120Do not install
1121.Xr make 1
1122and related support files.
1123.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX
1124Do not execute
1125.Dq Li "make check"
1126in limited sandbox mode.
1127This option should be paired with
1128.Va WITH_INSTALL_AS_USER
1129if executed as an unprivileged user.
1130See
1131.Xr tests 7
1132for more details.
1133.It Va WITH_MALLOC_PRODUCTION
1134Disable assertions and statistics gathering in
1135.Xr malloc 3 .
1136It also defaults the A and J runtime options to off.
1137.It Va WITHOUT_MAN
1138Do not build manual pages.
1139When set, these options are also in effect:
1140.Pp
1141.Bl -inset -compact
1142.It Va WITHOUT_MAN_UTILS
1143(unless
1144.Va WITH_MAN_UTILS
1145is set explicitly)
1146.El
1147.It Va WITHOUT_MANCOMPRESS
1148Do not install compressed man pages.
1149Only the uncompressed versions will be installed.
1150.It Va WITH_MANSPLITPKG
1151Split man pages into their own packages during make package.
1152.It Va WITHOUT_MAN_UTILS
1153Do not build utilities for manual pages,
1154.Xr apropos 1 ,
1155.Xr makewhatis 1 ,
1156.Xr man 1 ,
1157.Xr whatis 1 ,
1158.Xr manctl 8 ,
1159and related support files.
1160.It Va WITH_META_MODE
1161Create
1162.Xr make 1
1163meta files when building, which can provide a reliable incremental build when
1164using
1165.Xr filemon 4 .
1166The meta file is created in OBJDIR as
1167.Pa target.meta .
1168These meta files track the command that was executed, its output, and the
1169current directory.
1170The
1171.Xr filemon 4
1172module is required unless
1173.Va NO_FILEMON
1174is defined.
1175When the module is loaded, any files used by the commands executed are
1176tracked as dependencies for the target in its meta file.
1177The target is considered out-of-date and rebuilt if any of these
1178conditions are true compared to the last build:
1179.Bl -bullet -compact
1180.It
1181The command to execute changes.
1182.It
1183The current working directory changes.
1184.It
1185The target's meta file is missing.
1186.It
1187The target's meta file is missing filemon data when filemon is loaded
1188and a previous run did not have it loaded.
1189.It
1190[requires
1191.Xr filemon 4 ]
1192Files read, executed or linked to are newer than the target.
1193.It
1194[requires
1195.Xr filemon 4 ]
1196Files read, written, executed or linked are missing.
1197.El
1198The meta files can also be useful for debugging.
1199.Pp
1200The build hides commands that are executed unless
1201.Va NO_SILENT
1202is defined.
1203Errors cause
1204.Xr make 1
1205to show some of its environment for further debugging.
1206.Pp
1207The build operates as it normally would otherwise.
1208This option originally invoked a different build system but that was renamed
1209to
1210.Va WITH_DIRDEPS_BUILD .
1211.Pp
1212This must be set in the environment, make command line, or
1213.Pa /etc/src-env.conf ,
1214not
1215.Pa /etc/src.conf .
1216.It Va WITHOUT_MLX5TOOL
1217Do not build
1218.Xr mlx5tool 8
1219.Pp
1220This is a default setting on
1221arm/armv6, arm/armv7, powerpc/powerpc and riscv/riscv64.
1222.It Va WITH_MLX5TOOL
1223Build
1224.Xr mlx5tool 8
1225.Pp
1226This is a default setting on
1227amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
1228.It Va WITHOUT_NETCAT
1229Do not build
1230.Xr nc 1
1231utility.
1232.It Va WITHOUT_NETGRAPH
1233Do not build applications to support
1234.Xr netgraph 4 .
1235When set, it enforces these options:
1236.Pp
1237.Bl -item -compact
1238.It
1239.Va WITHOUT_BLUETOOTH
1240.El
1241.Pp
1242When set, these options are also in effect:
1243.Pp
1244.Bl -inset -compact
1245.It Va WITHOUT_NETGRAPH_SUPPORT
1246(unless
1247.Va WITH_NETGRAPH_SUPPORT
1248is set explicitly)
1249.El
1250.It Va WITHOUT_NETGRAPH_SUPPORT
1251Build libraries, programs, and kernel modules without netgraph support.
1252.It Va WITHOUT_NETLINK_SUPPORT
1253Make libraries and programs use rtsock and
1254.Xr sysctl 3
1255interfaces instead of
1256.Xr snl 3 .
1257.Pp
1258This is a default setting on
1259arm/armv6, arm/armv7, arm64/aarch64, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
1260.It Va WITH_NETLINK_SUPPORT
1261Make libraries and programs use
1262.Xr snl 3
1263interfaces instead of rtsock and
1264.Xr sysctl 3 .
1265.Pp
1266This is a default setting on
1267amd64/amd64 and i386/i386.
1268.It Va WITHOUT_NIS
1269Do not build
1270.Xr NIS 8
1271support and related programs.
1272If set, you might need to adopt your
1273.Xr nsswitch.conf 5
1274and remove
1275.Sq nis
1276entries.
1277.It Va WITHOUT_NLS
1278Do not build NLS catalogs.
1279When set, it enforces these options:
1280.Pp
1281.Bl -item -compact
1282.It
1283.Va WITHOUT_NLS_CATALOGS
1284.El
1285.It Va WITHOUT_NLS_CATALOGS
1286Do not build NLS catalog support for
1287.Xr csh 1 .
1288.It Va WITHOUT_NS_CACHING
1289Disable name caching in the
1290.Pa nsswitch
1291subsystem.
1292The generic caching daemon,
1293.Xr nscd 8 ,
1294will not be built either if this option is set.
1295.It Va WITHOUT_NTP
1296Do not build
1297.Xr ntpd 8
1298and related programs.
1299.It Va WITHOUT_NVME
1300Do not build nvme related tools and kernel modules.
1301.Pp
1302This is a default setting on
1303arm/armv6, arm/armv7, powerpc/powerpc and riscv/riscv64.
1304.It Va WITH_NVME
1305Build nvme related tools and kernel modules.
1306.Pp
1307This is a default setting on
1308amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
1309.It Va WITHOUT_OFED
1310Do not build the
1311.Dq "OpenFabrics Enterprise Distribution"
1312InfiniBand software stack, including kernel modules and userspace libraries.
1313.Pp
1314This is a default setting on
1315arm/armv6 and arm/armv7.
1316When set, it enforces these options:
1317.Pp
1318.Bl -item -compact
1319.It
1320.Va WITHOUT_OFED_EXTRA
1321.El
1322.It Va WITH_OFED
1323Build the
1324.Dq "OpenFabrics Enterprise Distribution"
1325InfiniBand software stack, including kernel modules and userspace libraries.
1326.Pp
1327This is a default setting on
1328amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
1329.It Va WITH_OFED_EXTRA
1330Build the non-essential components of the
1331.Dq "OpenFabrics Enterprise Distribution"
1332Infiniband software stack, mostly examples.
1333.It Va WITH_OPENLDAP
1334Enable building LDAP support for kerberos using an openldap client from ports.
1335.It Va WITHOUT_OPENMP
1336Do not build LLVM's OpenMP runtime.
1337.Pp
1338This is a default setting on
1339arm/armv6, arm/armv7 and powerpc/powerpc.
1340.It Va WITH_OPENMP
1341Build LLVM's OpenMP runtime.
1342.Pp
1343This is a default setting on
1344amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
1345.It Va WITHOUT_OPENSSH
1346Do not build OpenSSH.
1347.It Va WITHOUT_OPENSSL
1348Do not build OpenSSL.
1349When set, it enforces these options:
1350.Pp
1351.Bl -item -compact
1352.It
1353.Va WITHOUT_DMAGENT
1354.It
1355.Va WITHOUT_KERBEROS
1356.It
1357.Va WITHOUT_KERBEROS_SUPPORT
1358.It
1359.Va WITHOUT_LDNS
1360.It
1361.Va WITHOUT_LDNS_UTILS
1362.It
1363.Va WITHOUT_LOADER_ZFS
1364.It
1365.Va WITHOUT_OPENSSH
1366.It
1367.Va WITHOUT_OPENSSL_KTLS
1368.It
1369.Va WITHOUT_PKGBOOTSTRAP
1370.It
1371.Va WITHOUT_UNBOUND
1372.It
1373.Va WITHOUT_ZFS
1374.El
1375.Pp
1376When set, these options are also in effect:
1377.Pp
1378.Bl -inset -compact
1379.It Va WITHOUT_GSSAPI
1380(unless
1381.Va WITH_GSSAPI
1382is set explicitly)
1383.El
1384.It Va WITHOUT_OPENSSL_KTLS
1385Do not include kernel TLS support in OpenSSL.
1386.Pp
1387This is a default setting on
1388arm/armv6, arm/armv7, i386/i386, powerpc/powerpc and riscv/riscv64.
1389.It Va WITH_OPENSSL_KTLS
1390Include kernel TLS support in OpenSSL.
1391.Pp
1392This is a default setting on
1393amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le.
1394.It Va WITHOUT_PAM
1395Do not build PAM library and modules.
1396.Bf -symbolic
1397This option is deprecated and does nothing.
1398.Ef
1399When set, these options are also in effect:
1400.Pp
1401.Bl -inset -compact
1402.It Va WITHOUT_PAM_SUPPORT
1403(unless
1404.Va WITH_PAM_SUPPORT
1405is set explicitly)
1406.El
1407.It Va WITHOUT_PAM_SUPPORT
1408Build some programs without PAM support, particularly
1409.Xr ftpd 8
1410and
1411.Xr ppp 8 .
1412.It Va WITHOUT_PF
1413Do not build PF firewall package.
1414When set, it enforces these options:
1415.Pp
1416.Bl -item -compact
1417.It
1418.Va WITHOUT_AUTHPF
1419.El
1420.It Va WITHOUT_PIE
1421Do not build dynamically linked binaries as
1422Position-Independent Executable (PIE).
1423.Pp
1424This is a default setting on
1425arm/armv6, arm/armv7, i386/i386 and powerpc/powerpc.
1426.It Va WITH_PIE
1427Build dynamically linked binaries as
1428Position-Independent Executable (PIE).
1429.Pp
1430This is a default setting on
1431amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
1432.It Va WITHOUT_PKGBOOTSTRAP
1433Do not build
1434.Xr pkg 7
1435bootstrap tool.
1436.It Va WITHOUT_PMC
1437Do not build
1438.Xr pmccontrol 8
1439and related programs.
1440.It Va WITHOUT_PPP
1441Do not build
1442.Xr ppp 8
1443and related programs.
1444.It Va WITH_PROFILE
1445Build profiled libraries for use with
1446.Xr gprof 8 .
1447This option is deprecated and may not be present in a future version of
1448.Fx .
1449.It Va WITHOUT_QUOTAS
1450Do not build
1451.Xr quota 1
1452and related programs.
1453.It Va WITHOUT_RADIUS_SUPPORT
1454Do not build radius support into various applications, like
1455.Xr pam_radius 8
1456and
1457.Xr ppp 8 .
1458.It Va WITH_RATELIMIT
1459Build the system with rate limit support.
1460.Pp
1461This makes
1462.Dv SO_MAX_PACING_RATE
1463effective in
1464.Xr getsockopt 2 ,
1465and
1466.Ar txrlimit
1467support in
1468.Xr ifconfig 8 ,
1469by proxy.
1470.It Va WITHOUT_RBOOTD
1471Do not build or install
1472.Xr rbootd 8 .
1473.It Va WITHOUT_RELRO
1474Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation.
1475See also the
1476.Va BIND_NOW
1477option.
1478.It Va WITH_REPRODUCIBLE_BUILD
1479Exclude build metadata (such as the build time, user, or host)
1480from the kernel, boot loaders, and uname output, so that builds produce
1481bit-for-bit identical output.
1482.It Va WITHOUT_RESCUE
1483Do not build
1484.Xr rescue 8 .
1485.It Va WITH_RETPOLINE
1486Build the base system with the retpoline speculative execution
1487vulnerability mitigation for CVE-2017-5715.
1488.It Va WITHOUT_ROUTED
1489Do not build
1490.Xr routed 8
1491utility.
1492.It Va WITH_RPCBIND_WARMSTART_SUPPORT
1493Build
1494.Xr rpcbind 8
1495with warmstart support.
1496.It Va WITHOUT_SCTP_SUPPORT
1497Disable support in the kernel for the
1498.Xr sctp 4
1499Stream Control Transmission Protocol
1500loadable kernel module.
1501.It Va WITHOUT_SENDMAIL
1502Do not build
1503.Xr sendmail 8
1504and related programs.
1505.It Va WITHOUT_SERVICESDB
1506Do not install
1507.Pa /var/db/services.db .
1508.It Va WITHOUT_SETUID_LOGIN
1509Set this to disable the installation of
1510.Xr login 1
1511as a set-user-ID root program.
1512.It Va WITHOUT_SHAREDOCS
1513Do not build the
1514.Bx 4.4
1515legacy docs.
1516.It Va WITHOUT_SHARED_TOOLCHAIN
1517Build the toolchain binaries as statically linked executables.
1518The set includes
1519.Xr cc 1 ,
1520.Xr make 1
1521and necessary utilities like assembler, linker and library archive manager.
1522.It Va WITH_SORT_THREADS
1523Enable threads in
1524.Xr sort 1 .
1525.It Va WITHOUT_SOURCELESS
1526Do not build kernel modules that include sourceless code (either microcode or native code for host CPU).
1527When set, it enforces these options:
1528.Pp
1529.Bl -item -compact
1530.It
1531.Va WITHOUT_SOURCELESS_HOST
1532.It
1533.Va WITHOUT_SOURCELESS_UCODE
1534.El
1535.It Va WITHOUT_SOURCELESS_HOST
1536Do not build kernel modules that include sourceless native code for host CPU.
1537.It Va WITHOUT_SOURCELESS_UCODE
1538Do not build kernel modules that include sourceless microcode.
1539.It Va WITHOUT_SPLIT_KERNEL_DEBUG
1540Do not build standalone kernel debug files.
1541Debug data (if enabled by the kernel configuration file)
1542will be included in the kernel and modules.
1543When set, it enforces these options:
1544.Pp
1545.Bl -item -compact
1546.It
1547.Va WITHOUT_KERNEL_SYMBOLS
1548.El
1549.It Va WITHOUT_SSP
1550Do not build world with propolice stack smashing protection.
1551.It Va WITH_STAGING
1552Enable staging of files to a stage tree.
1553This can be best thought of as auto-install to
1554.Va DESTDIR
1555with some extra meta data to ensure dependencies can be tracked.
1556Depends on
1557.Va WITH_DIRDEPS_BUILD .
1558When set, these options are also in effect:
1559.Pp
1560.Bl -inset -compact
1561.It Va WITH_STAGING_MAN
1562(unless
1563.Va WITHOUT_STAGING_MAN
1564is set explicitly)
1565.It Va WITH_STAGING_PROG
1566(unless
1567.Va WITHOUT_STAGING_PROG
1568is set explicitly)
1569.El
1570.Pp
1571This must be set in the environment, make command line, or
1572.Pa /etc/src-env.conf ,
1573not
1574.Pa /etc/src.conf .
1575.It Va WITH_STAGING_MAN
1576Enable staging of man pages to stage tree.
1577.It Va WITH_STAGING_PROG
1578Enable staging of PROGs to stage tree.
1579.It Va WITH_STALE_STAGED
1580Check staged files are not stale.
1581.It Va WITHOUT_STATS
1582Neither build nor install
1583.Lb libstats
1584and dependent binaries.
1585.It Va WITHOUT_SYSCONS
1586Do not build
1587.Xr syscons 4
1588support files such as keyboard maps, fonts, and screen output maps.
1589.It Va WITH_SYSROOT
1590Enable use of sysroot during build.
1591Depends on
1592.Va WITH_DIRDEPS_BUILD .
1593.Pp
1594This must be set in the environment, make command line, or
1595.Pa /etc/src-env.conf ,
1596not
1597.Pa /etc/src.conf .
1598.It Va WITHOUT_SYSTEM_COMPILER
1599Do not opportunistically skip building a cross-compiler during the
1600bootstrap phase of the build.
1601Normally, if the currently installed compiler matches the planned bootstrap
1602compiler type and revision, then it will not be built.
1603This does not prevent a compiler from being built for installation though,
1604only for building one for the build itself.
1605The
1606.Va WITHOUT_CLANG
1607option controls that.
1608.It Va WITHOUT_SYSTEM_LINKER
1609Do not opportunistically skip building a cross-linker during the
1610bootstrap phase of the build.
1611Normally, if the currently installed linker matches the planned bootstrap
1612linker type and revision, then it will not be built.
1613This does not prevent a linker from being built for installation though,
1614only for building one for the build itself.
1615The
1616.Va WITHOUT_LLD
1617option controls that.
1618.Pp
1619This option is only relevant when
1620.Va WITH_LLD_BOOTSTRAP
1621is set.
1622.It Va WITHOUT_TALK
1623Do not build or install
1624.Xr talk 1
1625and
1626.Xr talkd 8 .
1627.It Va WITHOUT_TCP_WRAPPERS
1628Do not build or install
1629.Xr tcpd 8 ,
1630and related utilities.
1631.It Va WITHOUT_TCSH
1632Do not build and install
1633.Pa /bin/csh
1634(which is
1635.Xr tcsh 1 ) .
1636.It Va WITHOUT_TELNET
1637Do not build
1638.Xr telnet 1
1639and related programs.
1640.It Va WITHOUT_TESTS
1641Do not build nor install the
1642.Fx
1643Test Suite in
1644.Pa /usr/tests/ .
1645See
1646.Xr tests 7
1647for more details.
1648This also disables the build of all test-related dependencies, including ATF.
1649When set, it enforces these options:
1650.Pp
1651.Bl -item -compact
1652.It
1653.Va WITHOUT_DTRACE_TESTS
1654.El
1655.Pp
1656When set, these options are also in effect:
1657.Pp
1658.Bl -inset -compact
1659.It Va WITHOUT_GOOGLETEST
1660(unless
1661.Va WITH_GOOGLETEST
1662is set explicitly)
1663.It Va WITHOUT_TESTS_SUPPORT
1664(unless
1665.Va WITH_TESTS_SUPPORT
1666is set explicitly)
1667.El
1668.It Va WITHOUT_TESTS_SUPPORT
1669Disable the build of all test-related dependencies, including ATF.
1670When set, it enforces these options:
1671.Pp
1672.Bl -item -compact
1673.It
1674.Va WITHOUT_GOOGLETEST
1675.El
1676.It Va WITHOUT_TEXTPROC
1677Do not build
1678programs used for text processing.
1679.It Va WITHOUT_TFTP
1680Do not build or install
1681.Xr tftp 1
1682and
1683.Xr tftpd 8 .
1684.It Va WITHOUT_TOOLCHAIN
1685Do not install header or
1686programs used for program development,
1687compilers, debuggers etc.
1688When set, it enforces these options:
1689.Pp
1690.Bl -item -compact
1691.It
1692.Va WITHOUT_CLANG
1693.It
1694.Va WITHOUT_CLANG_EXTRAS
1695.It
1696.Va WITHOUT_CLANG_FORMAT
1697.It
1698.Va WITHOUT_CLANG_FULL
1699.It
1700.Va WITHOUT_INCLUDES
1701.It
1702.Va WITHOUT_LLD
1703.It
1704.Va WITHOUT_LLDB
1705.It
1706.Va WITHOUT_LLVM_COV
1707.El
1708.It Va WITH_UBSAN
1709Build the base system with Undefined Behavior Sanitizer (UBSan) to detect
1710various kinds of undefined behavior at runtime.
1711Requires that Clang be used as the base system compiler
1712and that the runtime support library is available
1713.It Va WITHOUT_UNBOUND
1714Do not build
1715.Xr unbound 8
1716and related programs.
1717.It Va WITHOUT_UNIFIED_OBJDIR
1718Use the historical object directory format for
1719.Xr build 7
1720targets.
1721For native-builds and builds done directly in sub-directories the format of
1722.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR}
1723is used,
1724while for cross-builds
1725.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR}
1726is used.
1727.Pp
1728This option is transitional and will be removed in a future version of
1729.Fx ,
1730at which time
1731.Va WITH_UNIFIED_OBJDIR
1732will be enabled permanently.
1733.Pp
1734This must be set in the environment, make command line, or
1735.Pa /etc/src-env.conf ,
1736not
1737.Pa /etc/src.conf .
1738.It Va WITHOUT_USB
1739Do not build USB-related programs and libraries.
1740.It Va WITHOUT_USB_GADGET_EXAMPLES
1741Do not build USB gadget kernel modules.
1742.It Va WITHOUT_UTMPX
1743Do not build user accounting tools such as
1744.Xr last 1 ,
1745.Xr users 1 ,
1746.Xr who 1 ,
1747.Xr ac 8 ,
1748.Xr lastlogin 8
1749and
1750.Xr utx 8 .
1751.It Va WITH_VERIEXEC
1752Enable building
1753.Xr veriexec 8
1754which loads the contents of verified manifests into the kernel
1755for use by
1756.Xr mac_veriexec 4
1757.Pp
1758Depends on
1759.Va WITH_BEARSSL .
1760.It Va WITHOUT_VI
1761Do not build and install vi, view, ex and related programs.
1762.It Va WITHOUT_VT
1763Do not build
1764.Xr vt 4
1765support files (fonts and keymaps).
1766.It Va WITHOUT_WARNS
1767Set this to not add warning flags to the compiler invocations.
1768Useful as a temporary workaround when code enters the tree
1769which triggers warnings in environments that differ from the
1770original developer.
1771.It Va WITHOUT_WERROR
1772Set this to not treat compiler warnings as errors.
1773Useful as a temporary workaround when working on fixing compiler warnings.
1774When set, warnings are still printed in the build log but do not fail the build.
1775.It Va WITHOUT_WIRELESS
1776Do not build programs used for 802.11 wireless networks; especially
1777.Xr wpa_supplicant 8
1778and
1779.Xr hostapd 8 .
1780When set, these options are also in effect:
1781.Pp
1782.Bl -inset -compact
1783.It Va WITHOUT_WIRELESS_SUPPORT
1784(unless
1785.Va WITH_WIRELESS_SUPPORT
1786is set explicitly)
1787.El
1788.It Va WITHOUT_WIRELESS_SUPPORT
1789Build libraries, programs, and kernel modules without
1790802.11 wireless support.
1791.It Va WITHOUT_WPA_SUPPLICANT_EAPOL
1792Build
1793.Xr wpa_supplicant 8
1794without support for the IEEE 802.1X protocol and without
1795support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS
1796protocols (usable only via 802.1X).
1797.It Va WITHOUT_ZFS
1798Do not build the ZFS file system kernel module, libraries such as
1799.Xr libbe 3 ,
1800and user commands such as
1801.Xr zpool 8
1802or
1803.Xr zfs 8 .
1804Also disable ZFS support in utilities and libraries which implement
1805ZFS-specific functionality.
1806.It Va WITHOUT_ZONEINFO
1807Do not build the timezone database.
1808When set, it enforces these options:
1809.Pp
1810.Bl -item -compact
1811.It
1812.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT
1813.El
1814.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT
1815Build leapsecond information in to the timezone database.
1816.El
1817.Sh FILES
1818.Bl -tag -compact -width Pa
1819.It Pa /etc/src.conf
1820.It Pa /etc/src-env.conf
1821.It Pa /usr/share/mk/bsd.own.mk
1822.El
1823.Sh SEE ALSO
1824.Xr make 1 ,
1825.Xr make.conf 5 ,
1826.Xr build 7 ,
1827.Xr ports 7
1828.Sh HISTORY
1829The
1830.Nm
1831file appeared in
1832.Fx 7.0 .
1833.Sh AUTHORS
1834This manual page was autogenerated by
1835.An tools/build/options/makeman .
1836