1.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. 2.Dd September 25, 2025 3.Dt SRC.CONF 5 4.Os 5.Sh NAME 6.Nm src.conf 7.Nd "source build options" 8.Sh DESCRIPTION 9The 10.Nm 11file contains variables that control what components will be generated during 12the build process of the 13.Fx 14source tree; see 15.Xr build 7 . 16.Pp 17The 18.Nm 19file uses the standard makefile syntax. 20However, 21.Nm 22should not specify any dependencies to 23.Xr make 1 . 24Instead, 25.Nm 26is to set 27.Xr make 1 28variables that control the aspects of how the system builds. 29.Pp 30The default location of 31.Nm 32is the top level of the source tree, or 33.Pa /etc/src.conf 34if no 35.Nm 36is found in the source tree itself, 37though an alternative location can be specified in the 38.Xr make 1 39variable 40.Va SRCCONF . 41Overriding the location of 42.Nm 43may be necessary if the system-wide settings are not suitable 44for a particular build. 45For instance, setting 46.Va SRCCONF 47to 48.Pa /dev/null 49effectively resets all build controls to their defaults. 50.Pp 51The only purpose of 52.Nm 53is to control the compilation of the 54.Fx 55source code, which is usually located in 56.Pa /usr/src . 57As a rule, the system administrator creates 58.Nm 59when the values of certain control variables need to be changed 60from their defaults. 61.Pp 62In addition, control variables can be specified 63for a particular build via the 64.Fl D 65option of 66.Xr make 1 67or in its environment; see 68.Xr environ 7 . 69.Pp 70The environment of 71.Xr make 1 72for the build can be controlled via the 73.Va SRC_ENV_CONF 74variable, which defaults to 75.Pa /etc/src-env.conf . 76Some examples that may only be set in this file are 77.Va WITH_DIRDEPS_BUILD , 78and 79.Va WITH_META_MODE , 80and 81.Va MAKEOBJDIRPREFIX 82as they are environment-only variables. 83.Pp 84The values of 85.Va WITH_ 86and 87.Va WITHOUT_ 88variables are ignored regardless of their setting; 89even if they would be set to 90.Dq Li FALSE 91or 92.Dq Li NO . 93The presence of an option causes 94it to be honored by 95.Xr make 1 . 96.Pp 97This list provides a name and short description for variables 98that can be used for source builds. 99.Bl -tag -width indent 100.It Va WITHOUT_ACCT 101Do not build process accounting tools such as 102.Xr accton 8 103and 104.Xr sa 8 . 105.It Va WITHOUT_ACPI 106Do not build 107.Xr acpiconf 8 , 108.Xr acpidump 8 109and related programs. 110.It Va WITHOUT_APM 111Do not build 112.Xr apm 8 , 113.Xr apmd 8 114and related programs. 115.It Va WITH_ASAN 116Build the base system with Address Sanitizer (ASan) to detect 117memory corruption bugs such as buffer overflows or use-after-free. 118Requires that Clang be used as the base system compiler 119and that the runtime support library is available. 120When set, it enforces these options: 121.Pp 122.Bl -item -compact 123.It 124.Va WITH_LLVM_BINUTILS 125.It 126.Va WITH_LLVM_CXXFILT 127.El 128.It Va WITHOUT_ASSERT_DEBUG 129Compile programs and libraries without the 130.Xr assert 3 131checks. 132.It Va WITHOUT_AT 133Do not build 134.Xr at 1 135and related utilities. 136.It Va WITHOUT_AUDIT 137Do not build audit support into system programs. 138.It Va WITHOUT_AUTHPF 139Do not build 140.Xr authpf 8 . 141.It Va WITHOUT_AUTOFS 142Do not build 143.Xr autofs 4 144related programs, libraries, and kernel modules. 145.It Va WITHOUT_AUTO_OBJ 146Disable automatic creation of objdirs. 147This is enabled by default if the wanted OBJDIR is writable by the current user. 148.Pp 149This must be set in the environment, make command line, or 150.Pa /etc/src-env.conf , 151not 152.Pa /etc/src.conf . 153.It Va WITH_BEARSSL 154Build the BearSSL library. 155.Pp 156BearSSL is a tiny SSL library suitable for embedded environments. 157For details see 158.Lk https://www.BearSSL.org/ 159.Pp 160This library is currently only used to perform 161signature verification and related operations 162for Verified Exec and 163.Xr loader 8 . 164.Pp 165Due to size constraints in the BIOS environment on x86, one may need to set 166.Va LOADERSIZE 167larger than the 168default 500000, although often loader is under the 500k limit even with 169this option. 170Setting 171.Va LOADERSIZE 172larger than 500000 may cause 173.Xr pxeboot 8 174to be too large to work. 175Careful testing of the loader in the target environment when built with a larger 176limit to establish safe limits is critical because different BIOS environments 177reserve differing amounts of the low 640k space, making a precise limit for 178everybody impossible. 179.Pp 180See also 181.Va WITH_LOADER_PXEBOOT 182for other considerations. 183When set, these options are also in effect: 184.Pp 185.Bl -inset -compact 186.It Va WITH_LOADER_EFI_SECUREBOOT 187(unless 188.Va WITHOUT_LOADER_EFI_SECUREBOOT 189is set explicitly) 190.It Va WITH_LOADER_VERIEXEC 191(unless 192.Va WITHOUT_LOADER_VERIEXEC 193is set explicitly) 194.It Va WITH_LOADER_VERIEXEC_VECTX 195(unless 196.Va WITHOUT_LOADER_VERIEXEC_VECTX 197is set explicitly) 198.It Va WITH_VERIEXEC 199(unless 200.Va WITHOUT_VERIEXEC 201is set explicitly) 202.El 203.It Va WITHOUT_BHYVE 204Do not build or install 205.Xr bhyve 8 , 206associated utilities, and examples. 207.Pp 208This option only affects amd64/amd64 and arm64/aarch64. 209.It Va WITH_BHYVE_SNAPSHOT 210Include support for save and restore (snapshots) in 211.Xr bhyve 8 212and 213.Xr bhyvectl 8 . 214.Pp 215This option only affects amd64/amd64. 216.It Va WITH_BIND_NOW 217Build all binaries with the 218.Dv DF_BIND_NOW 219flag set to indicate that the run-time loader should perform all relocation 220processing at process startup rather than on demand. 221The combination of the 222.Va BIND_NOW 223and 224.Va RELRO 225options provide "full" Relocation Read-Only (RELRO) support. 226With full RELRO the entire GOT is made read-only after performing relocation at 227startup, avoiding GOT overwrite attacks. 228.It Va WITHOUT_BLACKLIST 229Set this if you do not want to build 230.Xr blacklistd 8 231and 232.Xr blacklistctl 8 . 233When set, these options are also in effect: 234.Pp 235.Bl -inset -compact 236.It Va WITHOUT_BLACKLIST_SUPPORT 237(unless 238.Va WITH_BLACKLIST_SUPPORT 239is set explicitly) 240.El 241.It Va WITHOUT_BLACKLIST_SUPPORT 242Build some programs without 243.Xr libblacklist 3 244support, like 245.Xr fingerd 8 246and 247.Xr sshd 8 . 248.It Va WITHOUT_BLUETOOTH 249Do not build Bluetooth related kernel modules, programs and libraries. 250.It Va WITHOUT_BOOT 251Do not build the boot blocks and loader. 252.It Va WITHOUT_BOOTPARAMD 253Do not build or install 254.Xr bootparamd 8 . 255.It Va WITHOUT_BOOTPD 256Do not build or install 257.Xr bootpd 8 . 258.It Va WITH_BRANCH_PROTECTION 259Build with branch protection enabled. 260On arm64 enable the use of pointer authentication and 261branch target identification instructions on arm64. 262These can be used to help mitigate some exploit techniques. 263.It Va WITHOUT_BSDINSTALL 264Do not build 265.Xr bsdinstall 8 , 266.Xr sade 8 , 267and related programs. 268.It Va WITHOUT_BSD_CPIO 269Do not build the BSD licensed version of cpio based on 270.Xr libarchive 3 . 271.It Va WITHOUT_BSNMP 272Do not build or install 273.Xr bsnmpd 1 274and related libraries and data files. 275.It Va WITHOUT_BZIP2 276Do not build contributed bzip2 software as a part of the base system. 277.Bf -symbolic 278The option has no effect yet. 279.Ef 280When set, these options are also in effect: 281.Pp 282.Bl -inset -compact 283.It Va WITHOUT_BZIP2_SUPPORT 284(unless 285.Va WITH_BZIP2_SUPPORT 286is set explicitly) 287.El 288.It Va WITHOUT_BZIP2_SUPPORT 289Build some programs without optional bzip2 support. 290.It Va WITHOUT_CALENDAR 291Do not build 292.Xr calendar 1 . 293.It Va WITHOUT_CAROOT 294Do not add the trusted certificates from the Mozilla NSS bundle to 295base. 296.It Va WITHOUT_CASPER 297This option has no effect. 298.It Va WITH_CCACHE_BUILD 299Use 300.Xr ccache 1 301for the build. 302No configuration is required except to install the 303.Sy devel/ccache 304or 305.Sy devel/sccache 306package. 307When using with 308.Xr distcc 1 , 309set 310.Sy CCACHE_PREFIX=/usr/local/bin/distcc . 311When using with sccache 312set 313.Sy CCACHE_NAME=sccache 314in 315.Xr src.conf 5 . 316The default cache directory of 317.Pa $HOME/.ccache 318will be used, which can be overridden by setting 319.Sy CCACHE_DIR . 320The 321.Sy CCACHE_COMPILERCHECK 322option defaults to 323.Sy content 324when using the in-tree bootstrap compiler, 325and 326.Sy mtime 327when using an external compiler. 328The 329.Sy CCACHE_CPP2 330option is used for Clang but not GCC. 331.Pp 332Sharing a cache between multiple work directories requires using a layout 333similar to 334.Pa /some/prefix/src 335.Pa /some/prefix/obj 336and an environment such as: 337.Bd -literal -offset indent 338CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj' 339.Ed 340.Pp 341See 342.Xr ccache 1 343for more configuration options. 344.It Va WITHOUT_CCD 345Do not build 346.Xr geom_ccd 4 347and related utilities. 348.It Va WITHOUT_CDDL 349Do not build code licensed under Sun's CDDL. 350When set, it enforces these options: 351.Pp 352.Bl -item -compact 353.It 354.Va WITHOUT_CTF 355.It 356.Va WITHOUT_DTRACE 357.It 358.Va WITHOUT_LOADER_ZFS 359.It 360.Va WITHOUT_ZFS 361.It 362.Va WITHOUT_ZFS_TESTS 363.El 364.It Va WITHOUT_CLANG 365Do not build the Clang C/C++ compiler during the regular phase of the build. 366When set, it enforces these options: 367.Pp 368.Bl -item -compact 369.It 370.Va WITHOUT_CLANG_EXTRAS 371.It 372.Va WITHOUT_CLANG_FORMAT 373.It 374.Va WITHOUT_CLANG_FULL 375.It 376.Va WITHOUT_LLVM_COV 377.El 378.Pp 379When set, these options are also in effect: 380.Pp 381.Bl -inset -compact 382.It Va WITHOUT_LLVM_TARGET_AARCH64 383(unless 384.Va WITH_LLVM_TARGET_AARCH64 385is set explicitly) 386.It Va WITHOUT_LLVM_TARGET_ALL 387(unless 388.Va WITH_LLVM_TARGET_ALL 389is set explicitly) 390.It Va WITHOUT_LLVM_TARGET_ARM 391(unless 392.Va WITH_LLVM_TARGET_ARM 393is set explicitly) 394.It Va WITHOUT_LLVM_TARGET_POWERPC 395(unless 396.Va WITH_LLVM_TARGET_POWERPC 397is set explicitly) 398.It Va WITHOUT_LLVM_TARGET_RISCV 399(unless 400.Va WITH_LLVM_TARGET_RISCV 401is set explicitly) 402.El 403.It Va WITHOUT_CLANG_BOOTSTRAP 404Do not build the Clang C/C++ compiler during the bootstrap phase of 405the build. 406To be able to build the system, either gcc or clang bootstrap must be 407enabled unless an alternate compiler is provided via XCC. 408.It Va WITH_CLANG_EXTRAS 409Build additional clang and llvm tools, such as bugpoint and 410clang-format. 411.It Va WITH_CLANG_FORMAT 412Build clang-format. 413.It Va WITHOUT_CLANG_FULL 414Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of 415the Clang C/C++ compiler. 416.It Va WITH_CLEAN 417Clean before building world and/or kernel. 418Note that recording a new epoch in 419.Pa .clean_build_epoch 420in the root of the source tree will also force a clean world build. 421.It Va WITHOUT_CPP 422Do not build 423.Xr cpp 1 . 424.It Va WITHOUT_CROSS_COMPILER 425Do not build any cross compiler in the cross-tools stage of buildworld. 426When compiling a different version of 427.Fx 428than what is installed on the system, provide an alternate 429compiler with XCC to ensure success. 430When compiling with an identical version of 431.Fx 432to the host, this option may be safely used. 433This option may also be safe when the host version of 434.Fx 435is close to the sources being built, but all bets are off if there have 436been any changes to the toolchain between the versions. 437When set, it enforces these options: 438.Pp 439.Bl -item -compact 440.It 441.Va WITHOUT_CLANG_BOOTSTRAP 442.It 443.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 444.It 445.Va WITHOUT_LLD_BOOTSTRAP 446.El 447.It Va WITHOUT_CRYPT 448Do not build any crypto code. 449When set, it enforces these options: 450.Pp 451.Bl -item -compact 452.It 453.Va WITHOUT_DMAGENT 454.It 455.Va WITHOUT_KERBEROS 456.It 457.Va WITHOUT_LDNS 458.It 459.Va WITHOUT_LDNS_UTILS 460.It 461.Va WITHOUT_LOADER_ZFS 462.It 463.Va WITHOUT_MITKRB5 464.It 465.Va WITHOUT_OPENSSH 466.It 467.Va WITHOUT_OPENSSL 468.It 469.Va WITHOUT_OPENSSL_KTLS 470.It 471.Va WITHOUT_PKGBOOTSTRAP 472.It 473.Va WITHOUT_UNBOUND 474.It 475.Va WITHOUT_ZFS 476.It 477.Va WITHOUT_ZFS_TESTS 478.El 479.Pp 480When set, these options are also in effect: 481.Pp 482.Bl -inset -compact 483.It Va WITHOUT_KERBEROS_SUPPORT 484(unless 485.Va WITH_KERBEROS_SUPPORT 486is set explicitly) 487.El 488.It Va WITH_CTF 489Compile with CTF (Compact C Type Format) data. 490CTF data encapsulates a reduced form of debugging information 491similar to DWARF and the venerable stabs and is required for DTrace. 492.It Va WITHOUT_CUSE 493Do not build CUSE-related programs and libraries. 494.It Va WITHOUT_CXGBETOOL 495Do not build 496.Xr cxgbetool 8 497.Pp 498This is a default setting on 499arm/armv7 and riscv/riscv64. 500.It Va WITH_CXGBETOOL 501Build 502.Xr cxgbetool 8 503.Pp 504This is a default setting on 505amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 506.It Va WITHOUT_DEBUG_FILES 507Avoid building or installing standalone debug files for each 508executable binary and shared library. 509.It Va WITH_DETECT_TZ_CHANGES 510Make the time handling code detect changes to the timezone files. 511.It Va WITH_DIALOG 512Do build 513.Xr dialog 1 , 514.Xr dialog 3 , 515.Xr dpv 1 , 516and 517.Xr dpv 3 . 518.It Va WITHOUT_DICT 519Do not build the Webster dictionary files. 520.It Va WITH_DIRDEPS_BUILD 521This is an alternate build system. 522For details see 523https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm. 524Build commands can be seen from the top-level with: 525.Dl make show-valid-targets 526The build is driven by dirdeps.mk using 527.Va DIRDEPS 528stored in 529Makefile.depend files found in each directory. 530.Pp 531The build can be started from anywhere, and behaves the same. 532The initial instance of 533.Xr make 1 534recursively reads 535.Va DIRDEPS 536from 537.Pa Makefile.depend , 538computing a graph of tree dependencies from the current origin. 539Setting 540.Va NO_DIRDEPS 541skips checking dirdep dependencies and will only build in the current 542and child directories. 543.Va NO_DIRDEPS_BELOW 544skips building any dirdeps and only build the current directory. 545.Pp 546This also utilizes the 547.Va WITH_META_MODE 548logic for incremental builds. 549.Pp 550The build hides commands executed unless 551.Va NO_SILENT 552is defined. 553.Pp 554Note that there is currently no mass install feature for this. 555This build is designed for producing packages, that can then be installed 556on a target system. 557.Pp 558The implementation in 559.Fx 560is incomplete. 561Completion would require leaf directories for building each kernel 562and package so that their dependencies can be tracked. 563When set, it enforces these options: 564.Pp 565.Bl -item -compact 566.It 567.Va WITH_INSTALL_AS_USER 568.El 569.Pp 570When set, these options are also in effect: 571.Pp 572.Bl -inset -compact 573.It Va WITH_META_ERROR_TARGET 574(unless 575.Va WITHOUT_META_ERROR_TARGET 576is set explicitly) 577.It Va WITH_META_MODE 578(unless 579.Va WITHOUT_META_MODE 580is set explicitly) 581.It Va WITH_STAGING 582(unless 583.Va WITHOUT_STAGING 584is set explicitly) 585.It Va WITH_STAGING_MAN 586(unless 587.Va WITHOUT_STAGING_MAN 588is set explicitly) 589.It Va WITH_STAGING_PROG 590(unless 591.Va WITHOUT_STAGING_PROG 592is set explicitly) 593.It Va WITH_SYSROOT 594(unless 595.Va WITHOUT_SYSROOT 596is set explicitly) 597.El 598.Pp 599This must be set in the environment, make command line, or 600.Pa /etc/src-env.conf , 601not 602.Pa /etc/src.conf . 603.It Va WITH_DIRDEPS_CACHE 604Cache result of dirdeps.mk which can save significant time 605for subsequent builds. 606Depends on 607.Va WITH_DIRDEPS_BUILD . 608.Pp 609This must be set in the environment, make command line, or 610.Pa /etc/src-env.conf , 611not 612.Pa /etc/src.conf . 613.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP 614Build 615.Xr etdump 1 , 616.Xr makefs 8 617and 618.Xr mkimg 1 619as bootstrap tools. 620.It Va WITHOUT_DMAGENT 621Do not build dma Mail Transport Agent. 622.It Va WITHOUT_DOCCOMPRESS 623Do not install compressed system documentation. 624Only the uncompressed version will be installed. 625.It Va WITHOUT_DTRACE 626Do not build DTrace framework kernel modules, libraries, and user commands. 627When set, it enforces these options: 628.Pp 629.Bl -item -compact 630.It 631.Va WITHOUT_CTF 632.El 633.It Va WITH_DTRACE_ASAN 634Compile userspace DTrace code (libdtrace, dtrace(1), lockstat(1), plockstat(1)) 635with address and undefined behavior sanitizers. 636Requires that Clang be used as the base system compiler 637and that the runtime support library is available. 638.It Va WITH_DTRACE_TESTS 639Build and install the DTrace test suite in 640.Pa /usr/tests/cddl/usr.sbin/dtrace . 641This test suite is considered experimental on architectures other than 642amd64/amd64 and running it may cause system instability. 643.It Va WITHOUT_DYNAMICROOT 644Set this if you do not want to link 645.Pa /bin 646and 647.Pa /sbin 648dynamically. 649.It Va WITHOUT_EE 650Do not build and install 651.Xr edit 1 , 652.Xr ee 1 , 653and related programs. 654.It Va WITHOUT_EFI 655Set not to build 656.Xr efivar 3 657and 658.Xr efivar 8 . 659.Pp 660This is a default setting on 661i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 662.It Va WITH_EFI 663Build 664.Xr efivar 3 665and 666.Xr efivar 8 . 667.Pp 668This is a default setting on 669amd64/amd64, arm/armv7, arm64/aarch64 and riscv/riscv64. 670.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 671Do not build ELF Tool Chain tools 672(addr2line, nm, size, strings and strip) 673as part of the bootstrap process. 674.Bf -symbolic 675An alternate bootstrap tool chain must be provided. 676.Ef 677.It Va WITHOUT_EXAMPLES 678Avoid installing examples to 679.Pa /usr/share/examples/ . 680.It Va WITH_EXPERIMENTAL 681Include experimental features in the build. 682.It Va WITHOUT_FDT 683Do not build Flattened Device Tree support as part of the base system. 684This includes the device tree compiler (dtc) and libfdt support library. 685.Pp 686This is a default setting on 687amd64/amd64 and i386/i386. 688.It Va WITH_FDT 689Build Flattened Device Tree support as part of the base system. 690This includes the device tree compiler (dtc) and libfdt support library. 691.Pp 692This is a default setting on 693arm/armv7, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 694.It Va WITHOUT_FILE 695Do not build 696.Xr file 1 697and related programs. 698.It Va WITHOUT_FINGER 699Do not build or install 700.Xr finger 1 701and 702.Xr fingerd 8 . 703.It Va WITHOUT_FLOPPY 704Do not build or install programs 705for operating floppy disk driver. 706.It Va WITHOUT_FORMAT_EXTENSIONS 707Do not enable 708.Fl fformat-extensions 709when compiling the kernel. 710Also disables all format checking. 711.It Va WITHOUT_FORTH 712Build bootloaders without Forth support. 713.It Va WITHOUT_FP_LIBC 714Build 715.Nm libc 716without floating-point support. 717.It Va WITHOUT_FREEBSD_UPDATE 718Do not build 719.Xr freebsd-update 8 . 720.It Va WITHOUT_FTP 721Do not build or install 722.Xr ftp 1 . 723.It Va WITHOUT_GAMES 724Do not build games. 725.It Va WITHOUT_GNU_DIFF 726Do not build GNU 727.Xr diff3 1 ; 728build BSD 729.Xr diff3 1 730instead. 731.It Va WITHOUT_GOOGLETEST 732Neither build nor install 733.Lb libgmock , 734.Lb libgtest , 735and dependent tests. 736.It Va WITHOUT_GPIO 737Do not build 738.Xr gpioctl 8 739as part of the base system. 740.It Va WITHOUT_HAST 741Do not build 742.Xr hastd 8 743and related utilities. 744.It Va WITH_HESIOD 745Build Hesiod support. 746.It Va WITHOUT_HTML 747Do not build HTML docs. 748.It Va WITHOUT_HYPERV 749Do not build or install HyperV utilities. 750.Pp 751This is a default setting on 752arm/armv7, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 753.It Va WITH_HYPERV 754Build or install HyperV utilities. 755.Pp 756This is a default setting on 757amd64/amd64, arm64/aarch64 and i386/i386. 758.It Va WITHOUT_ICONV 759Do not build iconv as part of libc. 760.It Va WITHOUT_INCLUDES 761Do not install header files. 762This option used to be spelled 763.Va NO_INCS . 764.Bf -symbolic 765The option does not work for build targets. 766.Ef 767.It Va WITHOUT_INET 768Do not build programs and libraries related to IPv4 networking. 769When set, it enforces these options: 770.Pp 771.Bl -item -compact 772.It 773.Va WITHOUT_INET_SUPPORT 774.El 775.It Va WITHOUT_INET6 776Do not build 777programs and libraries related to IPv6 networking. 778When set, it enforces these options: 779.Pp 780.Bl -item -compact 781.It 782.Va WITHOUT_INET6_SUPPORT 783.El 784.It Va WITHOUT_INET6_SUPPORT 785Build libraries, programs, and kernel modules without IPv6 support. 786.It Va WITHOUT_INETD 787Do not build 788.Xr inetd 8 . 789.It Va WITHOUT_INET_SUPPORT 790Build libraries, programs, and kernel modules without IPv4 support. 791.It Va WITHOUT_INSTALLLIB 792Set this to not install optional libraries. 793For example, when creating a 794.Xr nanobsd 8 795image. 796.Bf -symbolic 797The option does not work for build targets. 798.Ef 799.It Va WITH_INSTALL_AS_USER 800Make install targets succeed for non-root users by installing 801files with owner and group attributes set to that of the user running 802the 803.Xr make 1 804command. 805The user still must set the 806.Va DESTDIR 807variable to point to a directory where the user has write permissions. 808.It Va WITHOUT_IPFILTER 809Do not build IP Filter package. 810.It Va WITHOUT_IPFW 811Do not build IPFW tools. 812.It Va WITHOUT_IPSEC_SUPPORT 813Do not build the kernel with 814.Xr ipsec 4 815support. 816This option is needed for 817.Xr ipsec 4 818and 819.Xr tcpmd5 4 . 820.It Va WITHOUT_ISCSI 821Do not build 822.Xr iscsid 8 823and related utilities. 824.It Va WITHOUT_JAIL 825Do not build tools for the support of jails; e.g., 826.Xr jail 8 . 827.It Va WITHOUT_JEMALLOC_LG_VADDR_WIDE 828Disallow programs to use more than 48 address bits on amd64. 829Incompatible with LA57 mode. 830Enabling this option might result in a slight reduction in memory 831consumption for jemalloc metadata, but also requires disabling LA57 832(if hardware supports it). 833.It Va WITHOUT_KDUMP 834Do not build 835.Xr kdump 1 836and 837.Xr truss 1 . 838.It Va WITHOUT_KERBEROS 839Set this to not build Kerberos. 840When set, these options are also in effect: 841.Pp 842.Bl -inset -compact 843.It Va WITHOUT_KERBEROS_SUPPORT 844(unless 845.Va WITH_KERBEROS_SUPPORT 846is set explicitly) 847.El 848.It Va WITHOUT_KERBEROS_SUPPORT 849Build some programs without Kerberos support, like 850.Xr ssh 1 , 851.Xr telnet 1 , 852and 853.Xr sshd 8 . 854.It Va WITH_KERNEL_BIN 855Generate and install kernel.bin from kernel as part of the normal build and 856install processes for the kernel. Available only on arm and arm64. 857 858Usually this will be added to the kernel config file with: 859 860makeoptions WITH_KERNEL_BIN=1 861 862though it can also be used on the command line. 863.It Va WITH_KERNEL_RETPOLINE 864Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel 865build. 866.It Va WITHOUT_KERNEL_SYMBOLS 867Do not install standalone kernel debug symbol files. 868This option has no effect at build time. 869.It Va WITHOUT_KVM 870Do not build the 871.Nm libkvm 872library as a part of the base system. 873.Bf -symbolic 874The option has no effect yet. 875.Ef 876When set, these options are also in effect: 877.Pp 878.Bl -inset -compact 879.It Va WITHOUT_KVM_SUPPORT 880(unless 881.Va WITH_KVM_SUPPORT 882is set explicitly) 883.El 884.It Va WITHOUT_KVM_SUPPORT 885Build some programs without optional 886.Nm libkvm 887support. 888.It Va WITHOUT_LDNS 889Setting this variable will prevent the LDNS library from being built. 890When set, it enforces these options: 891.Pp 892.Bl -item -compact 893.It 894.Va WITHOUT_LDNS_UTILS 895.It 896.Va WITHOUT_UNBOUND 897.El 898.It Va WITHOUT_LDNS_UTILS 899Setting this variable will prevent building the LDNS utilities 900.Xr drill 1 901and 902.Xr host 1 . 903.It Va WITHOUT_LEGACY_CONSOLE 904Do not build programs that support a legacy PC console; e.g., 905.Xr kbdcontrol 1 906and 907.Xr vidcontrol 1 . 908.It Va WITHOUT_LIB32 909On 64-bit platforms, do not build 32-bit library set and a 910.Nm ld-elf32.so.1 911runtime linker. 912.Pp 913This is a default setting on 914arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64. 915.It Va WITH_LIB32 916On 64-bit platforms, build the 32-bit library set and a 917.Nm ld-elf32.so.1 918runtime linker. 919.Pp 920This is a default setting on 921amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 922.It Va WITHOUT_LLD 923Do not build LLVM's lld linker. 924.It Va WITHOUT_LLDB 925Do not build the LLDB debugger. 926.Pp 927This is a default setting on 928arm/armv7 and riscv/riscv64. 929.It Va WITH_LLDB 930Build the LLDB debugger. 931.Pp 932This is a default setting on 933amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 934.It Va WITHOUT_LLD_BOOTSTRAP 935Do not build the LLD linker during the bootstrap phase of 936the build. 937To be able to build the system an alternate linker must be provided via XLD. 938.It Va WITHOUT_LLVM_ASSERTIONS 939Disable debugging assertions in LLVM. 940.It Va WITHOUT_LLVM_BINUTILS 941Install ELF Tool Chain's binary utilities instead of LLVM's. 942This includes 943.Xr addr2line 1 , 944.Xr ar 1 , 945.Xr nm 1 , 946.Xr objcopy 1 , 947.Xr ranlib 1 , 948.Xr readelf 1 , 949.Xr size 1 , 950and 951.Xr strip 1 . 952Regardless of this setting, LLVM tools are used for 953.Xr c++filt 1 954and 955.Xr objdump 1 . 956.Xr strings 1 957is always provided by ELF Tool Chain. 958.It Va WITHOUT_LLVM_COV 959Do not build the 960.Xr llvm-cov 1 961tool. 962.It Va WITHOUT_LLVM_CXXFILT 963Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt. 964.It Va WITH_LLVM_FULL_DEBUGINFO 965Generate full debug information for LLVM libraries and tools, which uses 966more disk space and build resources, but allows for easier debugging. 967.It Va WITHOUT_LLVM_TARGET_AARCH64 968Do not build LLVM target support for AArch64. 969The 970.Va LLVM_TARGET_ALL 971option should be used rather than this in most cases. 972.It Va WITHOUT_LLVM_TARGET_ALL 973Only build the required LLVM target support. 974This option is preferred to specific target support options. 975When set, these options are also in effect: 976.Pp 977.Bl -inset -compact 978.It Va WITHOUT_LLVM_TARGET_AARCH64 979(unless 980.Va WITH_LLVM_TARGET_AARCH64 981is set explicitly) 982.It Va WITHOUT_LLVM_TARGET_ARM 983(unless 984.Va WITH_LLVM_TARGET_ARM 985is set explicitly) 986.It Va WITHOUT_LLVM_TARGET_POWERPC 987(unless 988.Va WITH_LLVM_TARGET_POWERPC 989is set explicitly) 990.It Va WITHOUT_LLVM_TARGET_RISCV 991(unless 992.Va WITH_LLVM_TARGET_RISCV 993is set explicitly) 994.El 995.It Va WITHOUT_LLVM_TARGET_ARM 996Do not build LLVM target support for ARM. 997The 998.Va LLVM_TARGET_ALL 999option should be used rather than this in most cases. 1000.It Va WITH_LLVM_TARGET_BPF 1001Build LLVM target support for BPF. 1002The 1003.Va LLVM_TARGET_ALL 1004option should be used rather than this in most cases. 1005.It Va WITH_LLVM_TARGET_MIPS 1006Build LLVM target support for MIPS. 1007The 1008.Va LLVM_TARGET_ALL 1009option should be used rather than this in most cases. 1010.It Va WITHOUT_LLVM_TARGET_POWERPC 1011Do not build LLVM target support for PowerPC. 1012The 1013.Va LLVM_TARGET_ALL 1014option should be used rather than this in most cases. 1015.It Va WITHOUT_LLVM_TARGET_RISCV 1016Do not build LLVM target support for RISC-V. 1017The 1018.Va LLVM_TARGET_ALL 1019option should be used rather than this in most cases. 1020.It Va WITHOUT_LLVM_TARGET_X86 1021Do not build LLVM target support for X86. 1022The 1023.Va LLVM_TARGET_ALL 1024option should be used rather than this in most cases. 1025.It Va WITHOUT_LOADER_BIOS_TEXTONLY 1026Include graphics, font and video mode support in the i386 and amd64 BIOS 1027boot loader. 1028.It Va WITH_LOADER_EFI_SECUREBOOT 1029Enable building 1030.Xr loader 8 1031with support for verification based on certificates obtained from UEFI. 1032.It Va WITHOUT_LOADER_GELI 1033Disable inclusion of GELI crypto support in the boot chain binaries. 1034.Pp 1035This is a default setting on 1036powerpc/powerpc64 and powerpc/powerpc64le. 1037.It Va WITH_LOADER_GELI 1038Build GELI bootloader support. 1039.Pp 1040This is a default setting on 1041amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1042.It Va WITHOUT_LOADER_IA32 1043Do not build the 32-bit UEFI loader. 1044.Pp 1045This is a default setting on 1046arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1047.It Va WITH_LOADER_IA32 1048Build the 32-bit UEFI loader. 1049.Pp 1050This is a default setting on 1051amd64/amd64. 1052.It Va WITHOUT_LOADER_KBOOT 1053Do not build kboot, a linuxboot environment loader 1054.Pp 1055This is a default setting on 1056arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1057.It Va WITH_LOADER_KBOOT 1058Build kboot, a linuxboot environment loader 1059.Pp 1060This is a default setting on 1061amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 1062.It Va WITHOUT_LOADER_LUA 1063Do not build LUA bindings for the boot loader. 1064.Pp 1065This is a default setting on 1066powerpc/powerpc64 and powerpc/powerpc64le. 1067.It Va WITH_LOADER_LUA 1068Build LUA bindings for the boot loader. 1069.Pp 1070This is a default setting on 1071amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1072.It Va WITHOUT_LOADER_OFW 1073Disable building of openfirmware bootloader components. 1074.Pp 1075This is a default setting on 1076amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1077.It Va WITH_LOADER_OFW 1078Build openfirmware bootloader components. 1079.Pp 1080This is a default setting on 1081powerpc/powerpc64 and powerpc/powerpc64le. 1082.It Va WITHOUT_LOADER_PXEBOOT 1083Do not build pxeboot on i386/amd64. 1084When the pxeboot is too large, or unneeded, it may be disabled with this option. 1085See 1086.Va WITH_LOADER_PXEBOOT 1087for how to adjust the defaults when you need both a larger 1088.Pa /boot/loader 1089and 1090.Pa /boot/pxeboot 1091.Pp 1092This option only has an effect on x86. 1093.It Va WITHOUT_LOADER_UBOOT 1094Disable building of ubldr. 1095.Pp 1096This is a default setting on 1097amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1098.It Va WITH_LOADER_UBOOT 1099Build ubldr. 1100.Pp 1101This is a default setting on 1102arm/armv7 and powerpc/powerpc64. 1103.It Va WITH_LOADER_VERBOSE 1104Build with extra verbose debugging in the loader. 1105May explode already nearly too large loader over the limit. 1106Use with care. 1107.It Va WITH_LOADER_VERIEXEC 1108Enable building 1109.Xr loader 8 1110with support for verification similar to Verified Exec. 1111.Pp 1112Depends on 1113.Va WITH_BEARSSL . 1114May require a larger 1115.Va LOADERSIZE . 1116When set, these options are also in effect: 1117.Pp 1118.Bl -inset -compact 1119.It Va WITH_LOADER_EFI_SECUREBOOT 1120(unless 1121.Va WITHOUT_LOADER_EFI_SECUREBOOT 1122is set explicitly) 1123.It Va WITH_LOADER_VERIEXEC_VECTX 1124(unless 1125.Va WITHOUT_LOADER_VERIEXEC_VECTX 1126is set explicitly) 1127.El 1128.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST 1129Enable building 1130.Xr loader 8 1131with support to pass a verified manifest to the kernel. 1132The kernel has to be built with a module to parse the manifest. 1133.Pp 1134Depends on 1135.Va WITH_LOADER_VERIEXEC . 1136.It Va WITH_LOADER_VERIEXEC_VECTX 1137Enable building 1138.Xr loader 8 1139with support for hashing and verifying kernel and modules as a side effect 1140of loading. 1141.Pp 1142Depends on 1143.Va WITH_LOADER_VERIEXEC . 1144.It Va WITHOUT_LOADER_ZFS 1145Do not build ZFS file system boot loader support. 1146.It Va WITHOUT_LOCALES 1147Do not build localization files; see 1148.Xr locale 1 . 1149.It Va WITHOUT_LOCATE 1150Do not build 1151.Xr locate 1 1152and related programs. 1153.It Va WITHOUT_LPR 1154Do not build 1155.Xr lpr 1 1156and related programs. 1157.It Va WITHOUT_LS_COLORS 1158Build 1159.Xr ls 1 1160without support for colors to distinguish file types. 1161.It Va WITHOUT_MACHDEP_OPTIMIZATIONS 1162Prefer machine-independent non-assembler code in libc and libm. 1163.It Va WITHOUT_MAIL 1164Do not build any mail support (MUA or MTA). 1165When set, it enforces these options: 1166.Pp 1167.Bl -item -compact 1168.It 1169.Va WITHOUT_DMAGENT 1170.It 1171.Va WITHOUT_MAILWRAPPER 1172.It 1173.Va WITHOUT_SENDMAIL 1174.El 1175.It Va WITHOUT_MAILWRAPPER 1176Do not build the 1177.Xr mailwrapper 8 1178MTA selector. 1179.It Va WITHOUT_MAKE 1180Do not install 1181.Xr make 1 1182and related support files. 1183.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX 1184Do not execute 1185.Dq Li "make check" 1186in limited sandbox mode. 1187This option should be paired with 1188.Va WITH_INSTALL_AS_USER 1189if executed as an unprivileged user. 1190See 1191.Xr tests 7 1192for more details. 1193.It Va WITH_MALLOC_PRODUCTION 1194Disable assertions and statistics gathering in 1195.Xr malloc 3 . 1196The run-time options 1197.Dv opt.abort , 1198.Dv opt.abort_conf , 1199and 1200.Dv opt.junk 1201also default to false. 1202.It Va WITHOUT_MAN 1203Do not build manual pages. 1204When set, these options are also in effect: 1205.Pp 1206.Bl -inset -compact 1207.It Va WITHOUT_MAN_UTILS 1208(unless 1209.Va WITH_MAN_UTILS 1210is set explicitly) 1211.El 1212.It Va WITHOUT_MANCOMPRESS 1213Do not install compressed man pages. 1214Only the uncompressed versions will be installed. 1215.It Va WITH_MANSPLITPKG 1216Split man pages into their own packages during make package. 1217.It Va WITHOUT_MAN_UTILS 1218Do not build utilities for manual pages, 1219.Xr apropos 1 , 1220.Xr makewhatis 1 , 1221.Xr man 1 , 1222.Xr whatis 1 , 1223.Xr manctl 8 , 1224and related support files. 1225.It Va WITH_META_ERROR_TARGET 1226Enable the META_MODE .ERROR target. 1227.Pp 1228This target will copy the meta file of a failed target 1229to 1230.Va ERROR_LOGDIR 1231(default is 1232.Ql ${SRCTOP:H}/error ) 1233to help with failure analysis. 1234Depends on 1235.Va WITH_META_MODE . 1236This default when 1237.Va WITH_DIRDEPS_BUILD 1238is set. 1239.Pp 1240This must be set in the environment, make command line, or 1241.Pa /etc/src-env.conf , 1242not 1243.Pa /etc/src.conf . 1244.It Va WITH_META_MODE 1245Create 1246.Xr make 1 1247meta files when building, which can provide a reliable incremental build when 1248using 1249.Xr filemon 4 . 1250The meta file is created in OBJDIR as 1251.Pa target.meta . 1252These meta files track the command that was executed, its output, and the 1253current directory. 1254The 1255.Xr filemon 4 1256module is required unless 1257.Va NO_FILEMON 1258is defined. 1259When the module is loaded, any files used by the commands executed are 1260tracked as dependencies for the target in its meta file. 1261The target is considered out-of-date and rebuilt if any of these 1262conditions are true compared to the last build: 1263.Bl -bullet -compact 1264.It 1265The command to execute changes. 1266.It 1267The current working directory changes. 1268.It 1269The target's meta file is missing. 1270.It 1271The target's meta file is missing filemon data when filemon is loaded 1272and a previous run did not have it loaded. 1273.It 1274[requires 1275.Xr filemon 4 ] 1276Files read, executed or linked to are newer than the target. 1277.It 1278[requires 1279.Xr filemon 4 ] 1280Files read, written, executed or linked are missing. 1281.El 1282The meta files can also be useful for debugging. 1283.Pp 1284The build hides commands that are executed unless 1285.Va NO_SILENT 1286is defined. 1287Errors cause 1288.Xr make 1 1289to show some of its environment for further debugging. 1290.Pp 1291The build operates as it normally would otherwise. 1292This option originally invoked a different build system but that was renamed 1293to 1294.Va WITH_DIRDEPS_BUILD . 1295.Pp 1296This must be set in the environment, make command line, or 1297.Pa /etc/src-env.conf , 1298not 1299.Pa /etc/src.conf . 1300.It Va WITHOUT_MITKRB5 1301Set this to build KTH Heimdal instead of MIT Kerberos 5. 1302.It Va WITHOUT_MLX5TOOL 1303Do not build 1304.Xr mlx5tool 8 1305.Pp 1306This is a default setting on 1307arm/armv7 and riscv/riscv64. 1308.It Va WITH_MLX5TOOL 1309Build 1310.Xr mlx5tool 8 1311.Pp 1312This is a default setting on 1313amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 1314.It Va WITHOUT_NETCAT 1315Do not build 1316.Xr nc 1 1317utility. 1318.It Va WITHOUT_NETGRAPH 1319Do not build applications to support 1320.Xr netgraph 4 . 1321When set, it enforces these options: 1322.Pp 1323.Bl -item -compact 1324.It 1325.Va WITHOUT_BLUETOOTH 1326.El 1327.Pp 1328When set, these options are also in effect: 1329.Pp 1330.Bl -inset -compact 1331.It Va WITHOUT_NETGRAPH_SUPPORT 1332(unless 1333.Va WITH_NETGRAPH_SUPPORT 1334is set explicitly) 1335.El 1336.It Va WITHOUT_NETGRAPH_SUPPORT 1337Build libraries, programs, and kernel modules without netgraph support. 1338.It Va WITHOUT_NETLINK 1339Do not build 1340.Xr genl 1 1341utility. 1342.It Va WITHOUT_NETLINK_SUPPORT 1343Make libraries and programs use rtsock and 1344.Xr sysctl 3 1345interfaces instead of 1346.Xr snl 3 . 1347.It Va WITHOUT_NIS 1348Do not build 1349.Xr NIS 8 1350support and related programs. 1351If set, you might need to adopt your 1352.Xr nsswitch.conf 5 1353and remove 1354.Sq nis 1355entries. 1356.It Va WITHOUT_NLS 1357Do not build NLS catalogs. 1358When set, it enforces these options: 1359.Pp 1360.Bl -item -compact 1361.It 1362.Va WITHOUT_NLS_CATALOGS 1363.El 1364.It Va WITHOUT_NLS_CATALOGS 1365Do not build NLS catalog support for 1366.Xr csh 1 . 1367.It Va WITHOUT_NS_CACHING 1368Disable name caching in the 1369.Pa nsswitch 1370subsystem. 1371The generic caching daemon, 1372.Xr nscd 8 , 1373will not be built either if this option is set. 1374.It Va WITHOUT_NTP 1375Do not build 1376.Xr ntpd 8 1377and related programs. 1378.It Va WITHOUT_NUAGEINIT 1379Do not install the limited cloud init support scripts. 1380.It Va WITHOUT_OFED 1381Do not build the 1382.Dq "OpenFabrics Enterprise Distribution" 1383InfiniBand software stack, including kernel modules and userspace libraries. 1384.Pp 1385This is a default setting on 1386arm/armv7. 1387When set, it enforces these options: 1388.Pp 1389.Bl -item -compact 1390.It 1391.Va WITHOUT_OFED_EXTRA 1392.El 1393.It Va WITH_OFED 1394Build the 1395.Dq "OpenFabrics Enterprise Distribution" 1396InfiniBand software stack, including kernel modules and userspace libraries. 1397.Pp 1398This is a default setting on 1399amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1400.It Va WITH_OFED_EXTRA 1401Build the non-essential components of the 1402.Dq "OpenFabrics Enterprise Distribution" 1403Infiniband software stack, mostly examples. 1404.It Va WITH_OPENLDAP 1405Enable building LDAP support for kerberos using an openldap client from ports. 1406.It Va WITHOUT_OPENMP 1407Do not build LLVM's OpenMP runtime. 1408.Pp 1409This is a default setting on 1410arm/armv7. 1411.It Va WITH_OPENMP 1412Build LLVM's OpenMP runtime. 1413.Pp 1414This is a default setting on 1415amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1416.It Va WITHOUT_OPENSSH 1417Do not build OpenSSH. 1418.It Va WITHOUT_OPENSSL 1419Do not build OpenSSL. 1420When set, it enforces these options: 1421.Pp 1422.Bl -item -compact 1423.It 1424.Va WITHOUT_DMAGENT 1425.It 1426.Va WITHOUT_KERBEROS 1427.It 1428.Va WITHOUT_LDNS 1429.It 1430.Va WITHOUT_LDNS_UTILS 1431.It 1432.Va WITHOUT_LOADER_ZFS 1433.It 1434.Va WITHOUT_MITKRB5 1435.It 1436.Va WITHOUT_OPENSSH 1437.It 1438.Va WITHOUT_OPENSSL_KTLS 1439.It 1440.Va WITHOUT_PKGBOOTSTRAP 1441.It 1442.Va WITHOUT_UNBOUND 1443.It 1444.Va WITHOUT_ZFS 1445.It 1446.Va WITHOUT_ZFS_TESTS 1447.El 1448.Pp 1449When set, these options are also in effect: 1450.Pp 1451.Bl -inset -compact 1452.It Va WITHOUT_KERBEROS_SUPPORT 1453(unless 1454.Va WITH_KERBEROS_SUPPORT 1455is set explicitly) 1456.El 1457.It Va WITHOUT_OPENSSL_KTLS 1458Do not include kernel TLS support in OpenSSL. 1459.Pp 1460This is a default setting on 1461arm/armv7, i386/i386 and riscv/riscv64. 1462.It Va WITH_OPENSSL_KTLS 1463Include kernel TLS support in OpenSSL. 1464.Pp 1465This is a default setting on 1466amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le. 1467.It Va WITHOUT_PAM 1468Do not build PAM library and modules. 1469.Bf -symbolic 1470This option is deprecated and does nothing. 1471.Ef 1472When set, these options are also in effect: 1473.Pp 1474.Bl -inset -compact 1475.It Va WITHOUT_PAM_SUPPORT 1476(unless 1477.Va WITH_PAM_SUPPORT 1478is set explicitly) 1479.El 1480.It Va WITHOUT_PAM_SUPPORT 1481Build 1482.Xr ppp 8 1483without PAM support. 1484.It Va WITHOUT_PF 1485Do not build PF firewall package. 1486When set, it enforces these options: 1487.Pp 1488.Bl -item -compact 1489.It 1490.Va WITHOUT_AUTHPF 1491.El 1492.It Va WITHOUT_PIE 1493Do not build dynamically linked binaries as 1494Position-Independent Executable (PIE). 1495.Pp 1496This is a default setting on 1497arm/armv7 and i386/i386. 1498.It Va WITH_PIE 1499Build dynamically linked binaries as 1500Position-Independent Executable (PIE). 1501.Pp 1502This is a default setting on 1503amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1504.It Va WITHOUT_PKGBOOTSTRAP 1505Do not build 1506.Xr pkg 7 1507bootstrap tool. 1508.It Va WITHOUT_PMC 1509Do not build 1510.Xr pmccontrol 8 1511and related programs. 1512.It Va WITHOUT_PPP 1513Do not build 1514.Xr ppp 8 1515and related programs. 1516.It Va WITHOUT_PTHREADS_ASSERTIONS 1517Disable debugging assertions in pthreads library. 1518.It Va WITHOUT_QUOTAS 1519Do not build 1520.Xr quota 1 1521and related programs. 1522.It Va WITHOUT_RADIUS_SUPPORT 1523Do not build radius support into various applications, like 1524.Xr pam_radius 8 1525and 1526.Xr ppp 8 . 1527.It Va WITH_RATELIMIT 1528Build the system with rate limit support. 1529.Pp 1530This makes 1531.Dv SO_MAX_PACING_RATE 1532effective in 1533.Xr getsockopt 2 , 1534and 1535.Ar txrlimit 1536support in 1537.Xr ifconfig 8 , 1538by proxy. 1539.It Va WITHOUT_RBOOTD 1540Do not build or install 1541.Xr rbootd 8 . 1542.It Va WITHOUT_RELRO 1543Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation. 1544See also the 1545.Va BIND_NOW 1546option. 1547.It Va WITH_REPRODUCIBLE_BUILD 1548Exclude build metadata (such as the build time, user, or host) 1549from the kernel, boot loaders, and uname output, so that builds produce 1550bit-for-bit identical output. 1551.It Va WITHOUT_RESCUE 1552Do not build 1553.Xr rescue 8 . 1554.It Va WITH_RETPOLINE 1555Build the base system with the retpoline speculative execution 1556vulnerability mitigation for CVE-2017-5715. 1557.It Va WITHOUT_ROUTED 1558Do not build 1559.Xr routed 8 1560utility. 1561.It Va WITH_RPCBIND_WARMSTART_SUPPORT 1562Build 1563.Xr rpcbind 8 1564with warmstart support. 1565.It Va WITH_RUN_TESTS 1566Run tests as part of the build. 1567.It Va WITHOUT_SCTP_SUPPORT 1568Disable support in the kernel for the 1569.Xr sctp 4 1570Stream Control Transmission Protocol 1571loadable kernel module. 1572.It Va WITHOUT_SENDMAIL 1573Do not build 1574.Xr sendmail 8 1575and related programs. 1576.It Va WITHOUT_SERVICESDB 1577Do not install 1578.Pa /var/db/services.db . 1579.It Va WITHOUT_SETUID_LOGIN 1580Set this to disable the installation of 1581.Xr login 1 1582as a set-user-ID root program. 1583.It Va WITHOUT_SHAREDOCS 1584Do not build the 1585.Bx 4.4 1586legacy docs. 1587.It Va WITH_SORT_THREADS 1588Enable threads in 1589.Xr sort 1 . 1590.It Va WITHOUT_SOURCELESS 1591Do not build kernel modules that include sourceless code (either microcode or native code for host CPU). 1592When set, it enforces these options: 1593.Pp 1594.Bl -item -compact 1595.It 1596.Va WITHOUT_SOURCELESS_HOST 1597.It 1598.Va WITHOUT_SOURCELESS_UCODE 1599.El 1600.It Va WITHOUT_SOURCELESS_HOST 1601Do not build kernel modules that include sourceless native code for host CPU. 1602.It Va WITHOUT_SOURCELESS_UCODE 1603Do not build kernel modules that include sourceless microcode. 1604.It Va WITHOUT_SPLIT_KERNEL_DEBUG 1605Do not build standalone kernel debug files. 1606Debug data (if enabled by the kernel configuration file) 1607will be included in the kernel and modules. 1608When set, it enforces these options: 1609.Pp 1610.Bl -item -compact 1611.It 1612.Va WITHOUT_KERNEL_SYMBOLS 1613.El 1614.It Va WITHOUT_SSP 1615Do not build world with stack smashing protection. 1616See 1617.Xr mitigations 7 1618for more information. 1619.It Va WITH_STAGING 1620Enable staging of files to a stage tree. 1621This can be best thought of as auto-install to 1622.Va DESTDIR 1623with some extra meta data to ensure dependencies can be tracked. 1624Depends on 1625.Va WITH_DIRDEPS_BUILD . 1626When set, these options are also in effect: 1627.Pp 1628.Bl -inset -compact 1629.It Va WITH_STAGING_MAN 1630(unless 1631.Va WITHOUT_STAGING_MAN 1632is set explicitly) 1633.It Va WITH_STAGING_PROG 1634(unless 1635.Va WITHOUT_STAGING_PROG 1636is set explicitly) 1637.El 1638.Pp 1639This must be set in the environment, make command line, or 1640.Pa /etc/src-env.conf , 1641not 1642.Pa /etc/src.conf . 1643.It Va WITH_STAGING_MAN 1644Enable staging of man pages to stage tree. 1645.It Va WITH_STAGING_PROG 1646Enable staging of PROGs to stage tree. 1647.It Va WITH_STALE_STAGED 1648Check staged files are not stale. 1649.It Va WITHOUT_STATS 1650Neither build nor install 1651.Lb libstats 1652and dependent binaries. 1653.It Va WITHOUT_SYSCONS 1654Do not build 1655.Xr syscons 4 1656support files such as keyboard maps, fonts, and screen output maps. 1657.It Va WITH_SYSROOT 1658Enable use of sysroot during build. 1659Depends on 1660.Va WITH_DIRDEPS_BUILD . 1661.Pp 1662This must be set in the environment, make command line, or 1663.Pa /etc/src-env.conf , 1664not 1665.Pa /etc/src.conf . 1666.It Va WITHOUT_SYSTEM_COMPILER 1667Do not opportunistically skip building a cross-compiler during the 1668bootstrap phase of the build. 1669Normally, if the currently installed compiler matches the planned bootstrap 1670compiler type and revision, then it will not be built. 1671This does not prevent a compiler from being built for installation though, 1672only for building one for the build itself. 1673The 1674.Va WITHOUT_CLANG 1675option controls that. 1676.It Va WITHOUT_SYSTEM_LINKER 1677Do not opportunistically skip building a cross-linker during the 1678bootstrap phase of the build. 1679Normally, if the currently installed linker matches the planned bootstrap 1680linker type and revision, then it will not be built. 1681This does not prevent a linker from being built for installation though, 1682only for building one for the build itself. 1683The 1684.Va WITHOUT_LLD 1685option controls that. 1686.Pp 1687This option is only relevant when 1688.Va WITH_LLD_BOOTSTRAP 1689is set. 1690.It Va WITHOUT_TALK 1691Do not build or install 1692.Xr talk 1 1693and 1694.Xr talkd 8 . 1695.It Va WITHOUT_TCP_WRAPPERS 1696Do not build or install 1697.Xr tcpd 8 , 1698and related utilities. 1699.It Va WITHOUT_TCSH 1700Do not build and install 1701.Pa /bin/csh 1702(which is 1703.Xr tcsh 1 ) . 1704.It Va WITHOUT_TELNET 1705Do not build 1706.Xr telnet 1 1707and related programs. 1708.It Va WITHOUT_TESTS 1709Do not build nor install the 1710.Fx 1711Test Suite in 1712.Pa /usr/tests/ . 1713See 1714.Xr tests 7 1715for more details. 1716This also disables the build of all test-related dependencies, including ATF. 1717When set, it enforces these options: 1718.Pp 1719.Bl -item -compact 1720.It 1721.Va WITHOUT_DTRACE_TESTS 1722.It 1723.Va WITHOUT_ZFS_TESTS 1724.El 1725.Pp 1726When set, these options are also in effect: 1727.Pp 1728.Bl -inset -compact 1729.It Va WITHOUT_GOOGLETEST 1730(unless 1731.Va WITH_GOOGLETEST 1732is set explicitly) 1733.It Va WITHOUT_TESTS_SUPPORT 1734(unless 1735.Va WITH_TESTS_SUPPORT 1736is set explicitly) 1737.El 1738.It Va WITHOUT_TESTS_SUPPORT 1739Disable the build of all test-related dependencies, including ATF. 1740When set, it enforces these options: 1741.Pp 1742.Bl -item -compact 1743.It 1744.Va WITHOUT_GOOGLETEST 1745.El 1746.It Va WITHOUT_TEXTPROC 1747Do not build 1748programs used for text processing. 1749.It Va WITHOUT_TFTP 1750Do not build or install 1751.Xr tftp 1 1752and 1753.Xr tftpd 8 . 1754.It Va WITHOUT_TOOLCHAIN 1755Do not install 1756programs used for program development, 1757compilers, debuggers etc. 1758When set, it enforces these options: 1759.Pp 1760.Bl -item -compact 1761.It 1762.Va WITHOUT_CLANG 1763.It 1764.Va WITHOUT_CLANG_EXTRAS 1765.It 1766.Va WITHOUT_CLANG_FORMAT 1767.It 1768.Va WITHOUT_CLANG_FULL 1769.It 1770.Va WITHOUT_LLD 1771.It 1772.Va WITHOUT_LLDB 1773.It 1774.Va WITHOUT_LLVM_COV 1775.El 1776.Pp 1777When set, these options are also in effect: 1778.Pp 1779.Bl -inset -compact 1780.It Va WITHOUT_LLVM_BINUTILS 1781(unless 1782.Va WITH_LLVM_BINUTILS 1783is set explicitly) 1784.El 1785.It Va WITH_UBSAN 1786Build the base system with Undefined Behavior Sanitizer (UBSan) to detect 1787various kinds of undefined behavior at runtime. 1788Requires that Clang be used as the base system compiler 1789and that the runtime support library is available 1790.It Va WITHOUT_UNBOUND 1791Do not build 1792.Xr unbound 8 1793and related programs. 1794.It Va WITH_UNDEFINED_VERSION 1795Link libraries with --undefined-version which permits version maps to 1796contain symbols that are not present in the library. 1797If this is necessary to build a particular configuration, a bug is 1798present and the configuration should be reported. 1799.It Va WITHOUT_UNIFIED_OBJDIR 1800Use the historical object directory format for 1801.Xr build 7 1802targets. 1803For native-builds and builds done directly in sub-directories the format of 1804.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR} 1805is used, 1806while for cross-builds 1807.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR} 1808is used. 1809.Pp 1810This option is transitional and will be removed in a future version of 1811.Fx , 1812at which time 1813.Va WITH_UNIFIED_OBJDIR 1814will be enabled permanently. 1815.Pp 1816This must be set in the environment, make command line, or 1817.Pa /etc/src-env.conf , 1818not 1819.Pa /etc/src.conf . 1820.It Va WITHOUT_USB 1821Do not build USB-related programs and libraries. 1822.It Va WITHOUT_USB_GADGET_EXAMPLES 1823Do not build USB gadget kernel modules. 1824.It Va WITHOUT_UTMPX 1825Do not build user accounting tools such as 1826.Xr last 1 , 1827.Xr users 1 , 1828.Xr who 1 , 1829.Xr ac 8 , 1830.Xr lastlogin 8 1831and 1832.Xr utx 8 . 1833.It Va WITH_VERIEXEC 1834Enable building 1835.Xr veriexec 8 1836which loads the contents of verified manifests into the kernel 1837for use by 1838.Xr mac_veriexec 4 1839.Pp 1840Depends on 1841.Va WITH_BEARSSL . 1842.It Va WITHOUT_VI 1843Do not build and install vi, view, ex and related programs. 1844.It Va WITHOUT_VT 1845Do not build 1846.Xr vt 4 1847support files (fonts and keymaps). 1848.It Va WITHOUT_WARNS 1849Set this to not add warning flags to the compiler invocations. 1850Useful as a temporary workaround when code enters the tree 1851which triggers warnings in environments that differ from the 1852original developer. 1853.It Va WITHOUT_WERROR 1854Set this to not treat compiler warnings as errors. 1855Useful as a temporary workaround when working on fixing compiler warnings. 1856When set, warnings are still printed in the build log but do not fail the build. 1857.It Va WITHOUT_WIRELESS 1858Do not build programs used for 802.11 wireless networks; especially 1859.Xr wpa_supplicant 8 1860and 1861.Xr hostapd 8 . 1862When set, these options are also in effect: 1863.Pp 1864.Bl -inset -compact 1865.It Va WITHOUT_WIRELESS_SUPPORT 1866(unless 1867.Va WITH_WIRELESS_SUPPORT 1868is set explicitly) 1869.El 1870.It Va WITHOUT_WIRELESS_SUPPORT 1871Build libraries, programs, and kernel modules without 1872802.11 wireless support. 1873.It Va WITHOUT_WPA_SUPPLICANT_EAPOL 1874Build 1875.Xr wpa_supplicant 8 1876without support for the IEEE 802.1X protocol and without 1877support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS 1878protocols (usable only via 802.1X). 1879.It Va WITH_ZEROREGS 1880Build the basesystem with code to zero caller-used register contents 1881on function return. 1882This prevents leaking temporary values for side channel attacks. 1883Additionally this reduces the number of usable ROP gadgets for attackers. 1884.It Va WITHOUT_ZFS 1885Do not build the ZFS file system kernel module, libraries such as 1886.Xr libbe 3 , 1887and user commands such as 1888.Xr zpool 8 1889or 1890.Xr zfs 8 . 1891Also disable ZFS support in utilities and libraries which implement 1892ZFS-specific functionality. 1893When set, it enforces these options: 1894.Pp 1895.Bl -item -compact 1896.It 1897.Va WITHOUT_ZFS_TESTS 1898.El 1899.It Va WITHOUT_ZFS_TESTS 1900Do not build and install the legacy ZFS test suite. 1901.It Va WITHOUT_ZONEINFO 1902Do not build the timezone database. 1903When set, it enforces these options: 1904.Pp 1905.Bl -item -compact 1906.It 1907.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT 1908.El 1909.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT 1910Build leapsecond information in to the timezone database. 1911This option violates 1912.St -p1003.1 1913and all other applicable standards, and is known to cause unexpected 1914issues with date/time handling in many applications and programming 1915languages. 1916.El 1917.Pp 1918The following options accept a single value from a list of valid values. 1919.Bl -tag -width indent 1920.It Va INIT_ALL 1921Control default initialization of stack variables in C and C++ code. 1922Options other than 1923.Li none 1924require the Clang compiler or GCC 12.0 or later. 1925The default value is 1926.Li none . 1927Valid values are: 1928.Bl -tag -width indent 1929.It Li none 1930Do not initialize stack variables (standard C/C++ behavior). 1931.It Li pattern 1932Build the base system or kernel with stack variables initialized to 1933.Pq compiler defined 1934debugging patterns on function entry. 1935.It Li zero 1936Build the base system or kernel with stack variables initialized 1937to zero on function entry. 1938This value is converted to 1939.Li none 1940for amd64 kernel builds due to incompatability with ifunc memset. 1941.El 1942.It Va LIBC_MALLOC 1943Specify the 1944.Xr malloc 3 1945implementation used by libc. 1946The default value is 1947.Li jemalloc . 1948Valid values are: 1949.Bl -tag -width indent 1950.It Li jemalloc 1951.El 1952.Pp 1953Other implementations are expected in the future in both 1954.Fx 1955and downstream consumers. 1956.El 1957.Sh FILES 1958.Bl -tag -compact -width Pa 1959.It Pa /etc/src.conf 1960.It Pa /etc/src-env.conf 1961.It Pa /usr/share/mk/bsd.own.mk 1962.El 1963.Sh SEE ALSO 1964.Xr make 1 , 1965.Xr make.conf 5 , 1966.Xr build 7 , 1967.Xr ports 7 1968.Sh HISTORY 1969The 1970.Nm 1971file appeared in 1972.Fx 7.0 . 1973.Sh AUTHORS 1974This manual page was autogenerated by 1975.An tools/build/options/makeman . 1976