1.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. 2.Dd July 27, 2025 3.Dt SRC.CONF 5 4.Os 5.Sh NAME 6.Nm src.conf 7.Nd "source build options" 8.Sh DESCRIPTION 9The 10.Nm 11file contains variables that control what components will be generated during 12the build process of the 13.Fx 14source tree; see 15.Xr build 7 . 16.Pp 17The 18.Nm 19file uses the standard makefile syntax. 20However, 21.Nm 22should not specify any dependencies to 23.Xr make 1 . 24Instead, 25.Nm 26is to set 27.Xr make 1 28variables that control the aspects of how the system builds. 29.Pp 30The default location of 31.Nm 32is 33.Pa /etc/src.conf , 34though an alternative location can be specified in the 35.Xr make 1 36variable 37.Va SRCCONF . 38Overriding the location of 39.Nm 40may be necessary if the system-wide settings are not suitable 41for a particular build. 42For instance, setting 43.Va SRCCONF 44to 45.Pa /dev/null 46effectively resets all build controls to their defaults. 47.Pp 48The only purpose of 49.Nm 50is to control the compilation of the 51.Fx 52source code, which is usually located in 53.Pa /usr/src . 54As a rule, the system administrator creates 55.Nm 56when the values of certain control variables need to be changed 57from their defaults. 58.Pp 59In addition, control variables can be specified 60for a particular build via the 61.Fl D 62option of 63.Xr make 1 64or in its environment; see 65.Xr environ 7 . 66.Pp 67The environment of 68.Xr make 1 69for the build can be controlled via the 70.Va SRC_ENV_CONF 71variable, which defaults to 72.Pa /etc/src-env.conf . 73Some examples that may only be set in this file are 74.Va WITH_DIRDEPS_BUILD , 75and 76.Va WITH_META_MODE , 77and 78.Va MAKEOBJDIRPREFIX 79as they are environment-only variables. 80.Pp 81The values of 82.Va WITH_ 83and 84.Va WITHOUT_ 85variables are ignored regardless of their setting; 86even if they would be set to 87.Dq Li FALSE 88or 89.Dq Li NO . 90The presence of an option causes 91it to be honored by 92.Xr make 1 . 93.Pp 94This list provides a name and short description for variables 95that can be used for source builds. 96.Bl -tag -width indent 97.It Va WITHOUT_ACCT 98Do not build process accounting tools such as 99.Xr accton 8 100and 101.Xr sa 8 . 102.It Va WITHOUT_ACPI 103Do not build 104.Xr acpiconf 8 , 105.Xr acpidump 8 106and related programs. 107.It Va WITHOUT_APM 108Do not build 109.Xr apm 8 , 110.Xr apmd 8 111and related programs. 112.It Va WITH_ASAN 113Build the base system with Address Sanitizer (ASan) to detect 114memory corruption bugs such as buffer overflows or use-after-free. 115Requires that Clang be used as the base system compiler 116and that the runtime support library is available. 117When set, it enforces these options: 118.Pp 119.Bl -item -compact 120.It 121.Va WITH_LLVM_BINUTILS 122.It 123.Va WITH_LLVM_CXXFILT 124.El 125.It Va WITHOUT_ASSERT_DEBUG 126Compile programs and libraries without the 127.Xr assert 3 128checks. 129.It Va WITHOUT_AT 130Do not build 131.Xr at 1 132and related utilities. 133.It Va WITHOUT_AUDIT 134Do not build audit support into system programs. 135.It Va WITHOUT_AUTHPF 136Do not build 137.Xr authpf 8 . 138.It Va WITHOUT_AUTOFS 139Do not build 140.Xr autofs 4 141related programs, libraries, and kernel modules. 142.It Va WITHOUT_AUTO_OBJ 143Disable automatic creation of objdirs. 144This is enabled by default if the wanted OBJDIR is writable by the current user. 145.Pp 146This must be set in the environment, make command line, or 147.Pa /etc/src-env.conf , 148not 149.Pa /etc/src.conf . 150.It Va WITH_BEARSSL 151Build the BearSSL library. 152.Pp 153BearSSL is a tiny SSL library suitable for embedded environments. 154For details see 155.Lk https://www.BearSSL.org/ 156.Pp 157This library is currently only used to perform 158signature verification and related operations 159for Verified Exec and 160.Xr loader 8 . 161.Pp 162Due to size constraints in the BIOS environment on x86, one may need to set 163.Va LOADERSIZE 164larger than the 165default 500000, although often loader is under the 500k limit even with 166this option. 167Setting 168.Va LOADERSIZE 169larger than 500000 may cause 170.Xr pxeboot 8 171to be too large to work. 172Careful testing of the loader in the target environment when built with a larger 173limit to establish safe limits is critical because different BIOS environments 174reserve differing amounts of the low 640k space, making a precise limit for 175everybody impossible. 176.Pp 177See also 178.Va WITH_LOADER_PXEBOOT 179for other considerations. 180When set, these options are also in effect: 181.Pp 182.Bl -inset -compact 183.It Va WITH_LOADER_EFI_SECUREBOOT 184(unless 185.Va WITHOUT_LOADER_EFI_SECUREBOOT 186is set explicitly) 187.It Va WITH_LOADER_VERIEXEC 188(unless 189.Va WITHOUT_LOADER_VERIEXEC 190is set explicitly) 191.It Va WITH_LOADER_VERIEXEC_VECTX 192(unless 193.Va WITHOUT_LOADER_VERIEXEC_VECTX 194is set explicitly) 195.It Va WITH_VERIEXEC 196(unless 197.Va WITHOUT_VERIEXEC 198is set explicitly) 199.El 200.It Va WITHOUT_BHYVE 201Do not build or install 202.Xr bhyve 8 , 203associated utilities, and examples. 204.Pp 205This option only affects amd64/amd64 and arm64/aarch64. 206.It Va WITH_BHYVE_SNAPSHOT 207Include support for save and restore (snapshots) in 208.Xr bhyve 8 209and 210.Xr bhyvectl 8 . 211.Pp 212This option only affects amd64/amd64. 213.It Va WITH_BIND_NOW 214Build all binaries with the 215.Dv DF_BIND_NOW 216flag set to indicate that the run-time loader should perform all relocation 217processing at process startup rather than on demand. 218The combination of the 219.Va BIND_NOW 220and 221.Va RELRO 222options provide "full" Relocation Read-Only (RELRO) support. 223With full RELRO the entire GOT is made read-only after performing relocation at 224startup, avoiding GOT overwrite attacks. 225.It Va WITHOUT_BLACKLIST 226Set this if you do not want to build 227.Xr blacklistd 8 228and 229.Xr blacklistctl 8 . 230When set, these options are also in effect: 231.Pp 232.Bl -inset -compact 233.It Va WITHOUT_BLACKLIST_SUPPORT 234(unless 235.Va WITH_BLACKLIST_SUPPORT 236is set explicitly) 237.El 238.It Va WITHOUT_BLACKLIST_SUPPORT 239Build some programs without 240.Xr libblacklist 3 241support, like 242.Xr fingerd 8 , 243.Xr ftpd 8 , 244and 245.Xr sshd 8 . 246.It Va WITHOUT_BLUETOOTH 247Do not build Bluetooth related kernel modules, programs and libraries. 248.It Va WITHOUT_BOOT 249Do not build the boot blocks and loader. 250.It Va WITHOUT_BOOTPARAMD 251Do not build or install 252.Xr bootparamd 8 . 253.It Va WITHOUT_BOOTPD 254Do not build or install 255.Xr bootpd 8 . 256.It Va WITH_BRANCH_PROTECTION 257Build with branch protection enabled. 258On arm64 enable the use of pointer authentication and 259branch target identification instructions on arm64. 260These can be used to help mitigate some exploit techniques. 261.It Va WITHOUT_BSDINSTALL 262Do not build 263.Xr bsdinstall 8 , 264.Xr sade 8 , 265and related programs. 266.It Va WITHOUT_BSD_CPIO 267Do not build the BSD licensed version of cpio based on 268.Xr libarchive 3 . 269.It Va WITHOUT_BSNMP 270Do not build or install 271.Xr bsnmpd 1 272and related libraries and data files. 273.It Va WITHOUT_BZIP2 274Do not build contributed bzip2 software as a part of the base system. 275.Bf -symbolic 276The option has no effect yet. 277.Ef 278When set, these options are also in effect: 279.Pp 280.Bl -inset -compact 281.It Va WITHOUT_BZIP2_SUPPORT 282(unless 283.Va WITH_BZIP2_SUPPORT 284is set explicitly) 285.El 286.It Va WITHOUT_BZIP2_SUPPORT 287Build some programs without optional bzip2 support. 288.It Va WITHOUT_CALENDAR 289Do not build 290.Xr calendar 1 . 291.It Va WITHOUT_CAROOT 292Do not add the trusted certificates from the Mozilla NSS bundle to 293base. 294.It Va WITHOUT_CASPER 295This option has no effect. 296.It Va WITH_CCACHE_BUILD 297Use 298.Xr ccache 1 299for the build. 300No configuration is required except to install the 301.Sy devel/ccache 302or 303.Sy devel/sccache 304package. 305When using with 306.Xr distcc 1 , 307set 308.Sy CCACHE_PREFIX=/usr/local/bin/distcc . 309When using with sccache 310set 311.Sy CCACHE_NAME=sccache 312in 313.Xr src.conf 5 . 314The default cache directory of 315.Pa $HOME/.ccache 316will be used, which can be overridden by setting 317.Sy CCACHE_DIR . 318The 319.Sy CCACHE_COMPILERCHECK 320option defaults to 321.Sy content 322when using the in-tree bootstrap compiler, 323and 324.Sy mtime 325when using an external compiler. 326The 327.Sy CCACHE_CPP2 328option is used for Clang but not GCC. 329.Pp 330Sharing a cache between multiple work directories requires using a layout 331similar to 332.Pa /some/prefix/src 333.Pa /some/prefix/obj 334and an environment such as: 335.Bd -literal -offset indent 336CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj' 337.Ed 338.Pp 339See 340.Xr ccache 1 341for more configuration options. 342.It Va WITHOUT_CCD 343Do not build 344.Xr geom_ccd 4 345and related utilities. 346.It Va WITHOUT_CDDL 347Do not build code licensed under Sun's CDDL. 348When set, it enforces these options: 349.Pp 350.Bl -item -compact 351.It 352.Va WITHOUT_CTF 353.It 354.Va WITHOUT_DTRACE 355.It 356.Va WITHOUT_LOADER_ZFS 357.It 358.Va WITHOUT_ZFS 359.It 360.Va WITHOUT_ZFS_TESTS 361.El 362.It Va WITHOUT_CLANG 363Do not build the Clang C/C++ compiler during the regular phase of the build. 364When set, it enforces these options: 365.Pp 366.Bl -item -compact 367.It 368.Va WITHOUT_CLANG_EXTRAS 369.It 370.Va WITHOUT_CLANG_FORMAT 371.It 372.Va WITHOUT_CLANG_FULL 373.It 374.Va WITHOUT_LLVM_COV 375.El 376.Pp 377When set, these options are also in effect: 378.Pp 379.Bl -inset -compact 380.It Va WITHOUT_LLVM_TARGET_AARCH64 381(unless 382.Va WITH_LLVM_TARGET_AARCH64 383is set explicitly) 384.It Va WITHOUT_LLVM_TARGET_ALL 385(unless 386.Va WITH_LLVM_TARGET_ALL 387is set explicitly) 388.It Va WITHOUT_LLVM_TARGET_ARM 389(unless 390.Va WITH_LLVM_TARGET_ARM 391is set explicitly) 392.It Va WITHOUT_LLVM_TARGET_POWERPC 393(unless 394.Va WITH_LLVM_TARGET_POWERPC 395is set explicitly) 396.It Va WITHOUT_LLVM_TARGET_RISCV 397(unless 398.Va WITH_LLVM_TARGET_RISCV 399is set explicitly) 400.El 401.It Va WITHOUT_CLANG_BOOTSTRAP 402Do not build the Clang C/C++ compiler during the bootstrap phase of 403the build. 404To be able to build the system, either gcc or clang bootstrap must be 405enabled unless an alternate compiler is provided via XCC. 406.It Va WITH_CLANG_EXTRAS 407Build additional clang and llvm tools, such as bugpoint and 408clang-format. 409.It Va WITH_CLANG_FORMAT 410Build clang-format. 411.It Va WITHOUT_CLANG_FULL 412Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of 413the Clang C/C++ compiler. 414.It Va WITH_CLEAN 415Clean before building world and/or kernel. 416.It Va WITHOUT_CPP 417Do not build 418.Xr cpp 1 . 419.It Va WITHOUT_CROSS_COMPILER 420Do not build any cross compiler in the cross-tools stage of buildworld. 421When compiling a different version of 422.Fx 423than what is installed on the system, provide an alternate 424compiler with XCC to ensure success. 425When compiling with an identical version of 426.Fx 427to the host, this option may be safely used. 428This option may also be safe when the host version of 429.Fx 430is close to the sources being built, but all bets are off if there have 431been any changes to the toolchain between the versions. 432When set, it enforces these options: 433.Pp 434.Bl -item -compact 435.It 436.Va WITHOUT_CLANG_BOOTSTRAP 437.It 438.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 439.It 440.Va WITHOUT_LLD_BOOTSTRAP 441.El 442.It Va WITHOUT_CRYPT 443Do not build any crypto code. 444When set, it enforces these options: 445.Pp 446.Bl -item -compact 447.It 448.Va WITHOUT_DMAGENT 449.It 450.Va WITHOUT_KERBEROS 451.It 452.Va WITHOUT_KERBEROS_SUPPORT 453.It 454.Va WITHOUT_LDNS 455.It 456.Va WITHOUT_LDNS_UTILS 457.It 458.Va WITHOUT_LOADER_ZFS 459.It 460.Va WITHOUT_MITKRB5 461.It 462.Va WITHOUT_OPENSSH 463.It 464.Va WITHOUT_OPENSSL 465.It 466.Va WITHOUT_OPENSSL_KTLS 467.It 468.Va WITHOUT_PKGBOOTSTRAP 469.It 470.Va WITHOUT_UNBOUND 471.It 472.Va WITHOUT_ZFS 473.It 474.Va WITHOUT_ZFS_TESTS 475.El 476.Pp 477When set, these options are also in effect: 478.Pp 479.Bl -inset -compact 480.It Va WITHOUT_GSSAPI 481(unless 482.Va WITH_GSSAPI 483is set explicitly) 484.El 485.It Va WITH_CTF 486Compile with CTF (Compact C Type Format) data. 487CTF data encapsulates a reduced form of debugging information 488similar to DWARF and the venerable stabs and is required for DTrace. 489.It Va WITHOUT_CUSE 490Do not build CUSE-related programs and libraries. 491.It Va WITHOUT_CXGBETOOL 492Do not build 493.Xr cxgbetool 8 494.Pp 495This is a default setting on 496arm/armv7 and riscv/riscv64. 497.It Va WITH_CXGBETOOL 498Build 499.Xr cxgbetool 8 500.Pp 501This is a default setting on 502amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 503.It Va WITHOUT_DEBUG_FILES 504Avoid building or installing standalone debug files for each 505executable binary and shared library. 506.It Va WITH_DETECT_TZ_CHANGES 507Make the time handling code detect changes to the timezone files. 508.It Va WITH_DIALOG 509Do build 510.Xr dialog 1 , 511.Xr dialog 3 , 512.Xr dpv 1 , 513and 514.Xr dpv 3 . 515.It Va WITHOUT_DICT 516Do not build the Webster dictionary files. 517.It Va WITH_DIRDEPS_BUILD 518This is an alternate build system. 519For details see 520https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm. 521Build commands can be seen from the top-level with: 522.Dl make show-valid-targets 523The build is driven by dirdeps.mk using 524.Va DIRDEPS 525stored in 526Makefile.depend files found in each directory. 527.Pp 528The build can be started from anywhere, and behaves the same. 529The initial instance of 530.Xr make 1 531recursively reads 532.Va DIRDEPS 533from 534.Pa Makefile.depend , 535computing a graph of tree dependencies from the current origin. 536Setting 537.Va NO_DIRDEPS 538skips checking dirdep dependencies and will only build in the current 539and child directories. 540.Va NO_DIRDEPS_BELOW 541skips building any dirdeps and only build the current directory. 542.Pp 543This also utilizes the 544.Va WITH_META_MODE 545logic for incremental builds. 546.Pp 547The build hides commands executed unless 548.Va NO_SILENT 549is defined. 550.Pp 551Note that there is currently no mass install feature for this. 552This build is designed for producing packages, that can then be installed 553on a target system. 554.Pp 555The implementation in 556.Fx 557is incomplete. 558Completion would require leaf directories for building each kernel 559and package so that their dependencies can be tracked. 560When set, it enforces these options: 561.Pp 562.Bl -item -compact 563.It 564.Va WITH_INSTALL_AS_USER 565.El 566.Pp 567When set, these options are also in effect: 568.Pp 569.Bl -inset -compact 570.It Va WITH_META_ERROR_TARGET 571(unless 572.Va WITHOUT_META_ERROR_TARGET 573is set explicitly) 574.It Va WITH_META_MODE 575(unless 576.Va WITHOUT_META_MODE 577is set explicitly) 578.It Va WITH_STAGING 579(unless 580.Va WITHOUT_STAGING 581is set explicitly) 582.It Va WITH_STAGING_MAN 583(unless 584.Va WITHOUT_STAGING_MAN 585is set explicitly) 586.It Va WITH_STAGING_PROG 587(unless 588.Va WITHOUT_STAGING_PROG 589is set explicitly) 590.It Va WITH_SYSROOT 591(unless 592.Va WITHOUT_SYSROOT 593is set explicitly) 594.El 595.Pp 596This must be set in the environment, make command line, or 597.Pa /etc/src-env.conf , 598not 599.Pa /etc/src.conf . 600.It Va WITH_DIRDEPS_CACHE 601Cache result of dirdeps.mk which can save significant time 602for subsequent builds. 603Depends on 604.Va WITH_DIRDEPS_BUILD . 605.Pp 606This must be set in the environment, make command line, or 607.Pa /etc/src-env.conf , 608not 609.Pa /etc/src.conf . 610.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP 611Build 612.Xr etdump 1 , 613.Xr makefs 8 614and 615.Xr mkimg 1 616as bootstrap tools. 617.It Va WITHOUT_DMAGENT 618Do not build dma Mail Transport Agent. 619.It Va WITHOUT_DOCCOMPRESS 620Do not install compressed system documentation. 621Only the uncompressed version will be installed. 622.It Va WITHOUT_DTRACE 623Do not build DTrace framework kernel modules, libraries, and user commands. 624When set, it enforces these options: 625.Pp 626.Bl -item -compact 627.It 628.Va WITHOUT_CTF 629.El 630.It Va WITH_DTRACE_ASAN 631Compile userspace DTrace code (libdtrace, dtrace(1), lockstat(1), plockstat(1)) 632with address and undefined behavior sanitizers. 633Requires that Clang be used as the base system compiler 634and that the runtime support library is available. 635.It Va WITH_DTRACE_TESTS 636Build and install the DTrace test suite in 637.Pa /usr/tests/cddl/usr.sbin/dtrace . 638This test suite is considered experimental on architectures other than 639amd64/amd64 and running it may cause system instability. 640.It Va WITHOUT_DYNAMICROOT 641Set this if you do not want to link 642.Pa /bin 643and 644.Pa /sbin 645dynamically. 646.It Va WITHOUT_EE 647Do not build and install 648.Xr edit 1 , 649.Xr ee 1 , 650and related programs. 651.It Va WITHOUT_EFI 652Set not to build 653.Xr efivar 3 654and 655.Xr efivar 8 . 656.Pp 657This is a default setting on 658i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 659.It Va WITH_EFI 660Build 661.Xr efivar 3 662and 663.Xr efivar 8 . 664.Pp 665This is a default setting on 666amd64/amd64, arm/armv7, arm64/aarch64 and riscv/riscv64. 667.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 668Do not build ELF Tool Chain tools 669(addr2line, nm, size, strings and strip) 670as part of the bootstrap process. 671.Bf -symbolic 672An alternate bootstrap tool chain must be provided. 673.Ef 674.It Va WITHOUT_EXAMPLES 675Avoid installing examples to 676.Pa /usr/share/examples/ . 677.It Va WITH_EXPERIMENTAL 678Include experimental features in the build. 679.It Va WITHOUT_FDT 680Do not build Flattened Device Tree support as part of the base system. 681This includes the device tree compiler (dtc) and libfdt support library. 682.Pp 683This is a default setting on 684amd64/amd64 and i386/i386. 685.It Va WITH_FDT 686Build Flattened Device Tree support as part of the base system. 687This includes the device tree compiler (dtc) and libfdt support library. 688.Pp 689This is a default setting on 690arm/armv7, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 691.It Va WITHOUT_FILE 692Do not build 693.Xr file 1 694and related programs. 695.It Va WITHOUT_FINGER 696Do not build or install 697.Xr finger 1 698and 699.Xr fingerd 8 . 700.It Va WITHOUT_FLOPPY 701Do not build or install programs 702for operating floppy disk driver. 703.It Va WITHOUT_FORMAT_EXTENSIONS 704Do not enable 705.Fl fformat-extensions 706when compiling the kernel. 707Also disables all format checking. 708.It Va WITHOUT_FORTH 709Build bootloaders without Forth support. 710.It Va WITHOUT_FP_LIBC 711Build 712.Nm libc 713without floating-point support. 714.It Va WITHOUT_FREEBSD_UPDATE 715Do not build 716.Xr freebsd-update 8 . 717.It Va WITHOUT_FTP 718Do not build or install 719.Xr ftp 1 720and 721.Xr ftpd 8 . 722.It Va WITHOUT_GAMES 723Do not build games. 724.It Va WITHOUT_GNU_DIFF 725Do not build GNU 726.Xr diff3 1 ; 727build BSD 728.Xr diff3 1 729instead. 730.It Va WITHOUT_GOOGLETEST 731Neither build nor install 732.Lb libgmock , 733.Lb libgtest , 734and dependent tests. 735.It Va WITHOUT_GPIO 736Do not build 737.Xr gpioctl 8 738as part of the base system. 739.It Va WITHOUT_GSSAPI 740Do not build libgssapi. 741.It Va WITHOUT_HAST 742Do not build 743.Xr hastd 8 744and related utilities. 745.It Va WITH_HESIOD 746Build Hesiod support. 747.It Va WITHOUT_HTML 748Do not build HTML docs. 749.It Va WITHOUT_HYPERV 750Do not build or install HyperV utilities. 751.Pp 752This is a default setting on 753arm/armv7, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 754.It Va WITH_HYPERV 755Build or install HyperV utilities. 756.Pp 757This is a default setting on 758amd64/amd64, arm64/aarch64 and i386/i386. 759.It Va WITHOUT_ICONV 760Do not build iconv as part of libc. 761.It Va WITHOUT_INCLUDES 762Do not install header files. 763This option used to be spelled 764.Va NO_INCS . 765.Bf -symbolic 766The option does not work for build targets. 767.Ef 768.It Va WITHOUT_INET 769Do not build programs and libraries related to IPv4 networking. 770When set, it enforces these options: 771.Pp 772.Bl -item -compact 773.It 774.Va WITHOUT_INET_SUPPORT 775.El 776.It Va WITHOUT_INET6 777Do not build 778programs and libraries related to IPv6 networking. 779When set, it enforces these options: 780.Pp 781.Bl -item -compact 782.It 783.Va WITHOUT_INET6_SUPPORT 784.El 785.It Va WITHOUT_INET6_SUPPORT 786Build libraries, programs, and kernel modules without IPv6 support. 787.It Va WITHOUT_INETD 788Do not build 789.Xr inetd 8 . 790.It Va WITHOUT_INET_SUPPORT 791Build libraries, programs, and kernel modules without IPv4 support. 792.It Va WITHOUT_INSTALLLIB 793Set this to not install optional libraries. 794For example, when creating a 795.Xr nanobsd 8 796image. 797.Bf -symbolic 798The option does not work for build targets. 799.Ef 800.It Va WITH_INSTALL_AS_USER 801Make install targets succeed for non-root users by installing 802files with owner and group attributes set to that of the user running 803the 804.Xr make 1 805command. 806The user still must set the 807.Va DESTDIR 808variable to point to a directory where the user has write permissions. 809.It Va WITHOUT_IPFILTER 810Do not build IP Filter package. 811.It Va WITHOUT_IPFW 812Do not build IPFW tools. 813.It Va WITHOUT_IPSEC_SUPPORT 814Do not build the kernel with 815.Xr ipsec 4 816support. 817This option is needed for 818.Xr ipsec 4 819and 820.Xr tcpmd5 4 . 821.It Va WITHOUT_ISCSI 822Do not build 823.Xr iscsid 8 824and related utilities. 825.It Va WITHOUT_JAIL 826Do not build tools for the support of jails; e.g., 827.Xr jail 8 . 828.It Va WITHOUT_JEMALLOC_LG_VADDR_WIDE 829Disallow programs to use more than 48 address bits on amd64. 830Incompatible with LA57 mode. 831Enabling this option might result in a slight reduction in memory 832consumption for jemalloc metadata, but also requires disabling LA57 833(if hardware supports it). 834.It Va WITHOUT_KDUMP 835Do not build 836.Xr kdump 1 837and 838.Xr truss 1 . 839.It Va WITHOUT_KERBEROS 840Set this to not build Kerberos 5 (KTH Heimdal). 841When set, these options are also in effect: 842.Pp 843.Bl -inset -compact 844.It Va WITHOUT_GSSAPI 845(unless 846.Va WITH_GSSAPI 847is set explicitly) 848.It Va WITHOUT_KERBEROS_SUPPORT 849(unless 850.Va WITH_KERBEROS_SUPPORT 851is set explicitly) 852.El 853.It Va WITHOUT_KERBEROS_SUPPORT 854Build some programs without Kerberos support, like 855.Xr ssh 1 , 856.Xr telnet 1 , 857and 858.Xr sshd 8 . 859.It Va WITH_KERNEL_BIN 860Generate and install kernel.bin from kernel as part of the normal build and 861install processes for the kernel. Available only on arm and arm64. 862 863Usually this will be added to the kernel config file with: 864 865makeoptions WITH_KERNEL_BIN=1 866 867though it can also be used on the command line. 868.It Va WITH_KERNEL_RETPOLINE 869Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel 870build. 871.It Va WITHOUT_KERNEL_SYMBOLS 872Do not install standalone kernel debug symbol files. 873This option has no effect at build time. 874.It Va WITHOUT_KVM 875Do not build the 876.Nm libkvm 877library as a part of the base system. 878.Bf -symbolic 879The option has no effect yet. 880.Ef 881When set, these options are also in effect: 882.Pp 883.Bl -inset -compact 884.It Va WITHOUT_KVM_SUPPORT 885(unless 886.Va WITH_KVM_SUPPORT 887is set explicitly) 888.El 889.It Va WITHOUT_KVM_SUPPORT 890Build some programs without optional 891.Nm libkvm 892support. 893.It Va WITHOUT_LDNS 894Setting this variable will prevent the LDNS library from being built. 895When set, it enforces these options: 896.Pp 897.Bl -item -compact 898.It 899.Va WITHOUT_LDNS_UTILS 900.It 901.Va WITHOUT_UNBOUND 902.El 903.It Va WITHOUT_LDNS_UTILS 904Setting this variable will prevent building the LDNS utilities 905.Xr drill 1 906and 907.Xr host 1 . 908.It Va WITHOUT_LEGACY_CONSOLE 909Do not build programs that support a legacy PC console; e.g., 910.Xr kbdcontrol 1 911and 912.Xr vidcontrol 1 . 913.It Va WITHOUT_LIB32 914On 64-bit platforms, do not build 32-bit library set and a 915.Nm ld-elf32.so.1 916runtime linker. 917.Pp 918This is a default setting on 919arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64. 920.It Va WITH_LIB32 921On 64-bit platforms, build the 32-bit library set and a 922.Nm ld-elf32.so.1 923runtime linker. 924.Pp 925This is a default setting on 926amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 927.It Va WITHOUT_LLD 928Do not build LLVM's lld linker. 929.It Va WITHOUT_LLDB 930Do not build the LLDB debugger. 931.Pp 932This is a default setting on 933arm/armv7 and riscv/riscv64. 934.It Va WITH_LLDB 935Build the LLDB debugger. 936.Pp 937This is a default setting on 938amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 939.It Va WITHOUT_LLD_BOOTSTRAP 940Do not build the LLD linker during the bootstrap phase of 941the build. 942To be able to build the system an alternate linker must be provided via XLD. 943.It Va WITH_LLVM_ASSERTIONS 944Enable debugging assertions in LLVM. 945Use when working on or requesting help with LLVM components. 946.It Va WITHOUT_LLVM_BINUTILS 947Install ELF Tool Chain's binary utilities instead of LLVM's. 948This includes 949.Xr addr2line 1 , 950.Xr ar 1 , 951.Xr nm 1 , 952.Xr objcopy 1 , 953.Xr ranlib 1 , 954.Xr readelf 1 , 955.Xr size 1 , 956and 957.Xr strip 1 . 958Regardless of this setting, LLVM tools are used for 959.Xr c++filt 1 960and 961.Xr objdump 1 . 962.Xr strings 1 963is always provided by ELF Tool Chain. 964.It Va WITHOUT_LLVM_COV 965Do not build the 966.Xr llvm-cov 1 967tool. 968.It Va WITHOUT_LLVM_CXXFILT 969Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt. 970.It Va WITH_LLVM_FULL_DEBUGINFO 971Generate full debug information for LLVM libraries and tools, which uses 972more disk space and build resources, but allows for easier debugging. 973.It Va WITHOUT_LLVM_TARGET_AARCH64 974Do not build LLVM target support for AArch64. 975The 976.Va LLVM_TARGET_ALL 977option should be used rather than this in most cases. 978.It Va WITHOUT_LLVM_TARGET_ALL 979Only build the required LLVM target support. 980This option is preferred to specific target support options. 981When set, these options are also in effect: 982.Pp 983.Bl -inset -compact 984.It Va WITHOUT_LLVM_TARGET_AARCH64 985(unless 986.Va WITH_LLVM_TARGET_AARCH64 987is set explicitly) 988.It Va WITHOUT_LLVM_TARGET_ARM 989(unless 990.Va WITH_LLVM_TARGET_ARM 991is set explicitly) 992.It Va WITHOUT_LLVM_TARGET_POWERPC 993(unless 994.Va WITH_LLVM_TARGET_POWERPC 995is set explicitly) 996.It Va WITHOUT_LLVM_TARGET_RISCV 997(unless 998.Va WITH_LLVM_TARGET_RISCV 999is set explicitly) 1000.El 1001.It Va WITHOUT_LLVM_TARGET_ARM 1002Do not build LLVM target support for ARM. 1003The 1004.Va LLVM_TARGET_ALL 1005option should be used rather than this in most cases. 1006.It Va WITH_LLVM_TARGET_BPF 1007Build LLVM target support for BPF. 1008The 1009.Va LLVM_TARGET_ALL 1010option should be used rather than this in most cases. 1011.It Va WITH_LLVM_TARGET_MIPS 1012Build LLVM target support for MIPS. 1013The 1014.Va LLVM_TARGET_ALL 1015option should be used rather than this in most cases. 1016.It Va WITHOUT_LLVM_TARGET_POWERPC 1017Do not build LLVM target support for PowerPC. 1018The 1019.Va LLVM_TARGET_ALL 1020option should be used rather than this in most cases. 1021.It Va WITHOUT_LLVM_TARGET_RISCV 1022Do not build LLVM target support for RISC-V. 1023The 1024.Va LLVM_TARGET_ALL 1025option should be used rather than this in most cases. 1026.It Va WITHOUT_LLVM_TARGET_X86 1027Do not build LLVM target support for X86. 1028The 1029.Va LLVM_TARGET_ALL 1030option should be used rather than this in most cases. 1031.It Va WITHOUT_LOADER_BIOS_TEXTONLY 1032Include graphics, font and video mode support in the i386 and amd64 BIOS 1033boot loader. 1034.It Va WITH_LOADER_EFI_SECUREBOOT 1035Enable building 1036.Xr loader 8 1037with support for verification based on certificates obtained from UEFI. 1038.It Va WITHOUT_LOADER_GELI 1039Disable inclusion of GELI crypto support in the boot chain binaries. 1040.Pp 1041This is a default setting on 1042powerpc/powerpc64 and powerpc/powerpc64le. 1043.It Va WITH_LOADER_GELI 1044Build GELI bootloader support. 1045.Pp 1046This is a default setting on 1047amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1048.It Va WITHOUT_LOADER_IA32 1049Do not build the 32-bit UEFI loader. 1050.Pp 1051This is a default setting on 1052arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1053.It Va WITH_LOADER_IA32 1054Build the 32-bit UEFI loader. 1055.Pp 1056This is a default setting on 1057amd64/amd64. 1058.It Va WITHOUT_LOADER_KBOOT 1059Do not build kboot, a linuxboot environment loader 1060.Pp 1061This is a default setting on 1062arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1063.It Va WITH_LOADER_KBOOT 1064Build kboot, a linuxboot environment loader 1065.Pp 1066This is a default setting on 1067amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 1068.It Va WITHOUT_LOADER_LUA 1069Do not build LUA bindings for the boot loader. 1070.Pp 1071This is a default setting on 1072powerpc/powerpc64 and powerpc/powerpc64le. 1073.It Va WITH_LOADER_LUA 1074Build LUA bindings for the boot loader. 1075.Pp 1076This is a default setting on 1077amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1078.It Va WITHOUT_LOADER_OFW 1079Disable building of openfirmware bootloader components. 1080.Pp 1081This is a default setting on 1082amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1083.It Va WITH_LOADER_OFW 1084Build openfirmware bootloader components. 1085.Pp 1086This is a default setting on 1087powerpc/powerpc64 and powerpc/powerpc64le. 1088.It Va WITHOUT_LOADER_PXEBOOT 1089Do not build pxeboot on i386/amd64. 1090When the pxeboot is too large, or unneeded, it may be disabled with this option. 1091See 1092.Va WITH_LOADER_PXEBOOT 1093for how to adjust the defaults when you need both a larger 1094.Pa /boot/loader 1095and 1096.Pa /boot/pxeboot 1097.Pp 1098This option only has an effect on x86. 1099.It Va WITHOUT_LOADER_UBOOT 1100Disable building of ubldr. 1101.Pp 1102This is a default setting on 1103amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1104.It Va WITH_LOADER_UBOOT 1105Build ubldr. 1106.Pp 1107This is a default setting on 1108arm/armv7 and powerpc/powerpc64. 1109.It Va WITH_LOADER_VERBOSE 1110Build with extra verbose debugging in the loader. 1111May explode already nearly too large loader over the limit. 1112Use with care. 1113.It Va WITH_LOADER_VERIEXEC 1114Enable building 1115.Xr loader 8 1116with support for verification similar to Verified Exec. 1117.Pp 1118Depends on 1119.Va WITH_BEARSSL . 1120May require a larger 1121.Va LOADERSIZE . 1122When set, these options are also in effect: 1123.Pp 1124.Bl -inset -compact 1125.It Va WITH_LOADER_EFI_SECUREBOOT 1126(unless 1127.Va WITHOUT_LOADER_EFI_SECUREBOOT 1128is set explicitly) 1129.It Va WITH_LOADER_VERIEXEC_VECTX 1130(unless 1131.Va WITHOUT_LOADER_VERIEXEC_VECTX 1132is set explicitly) 1133.El 1134.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST 1135Enable building 1136.Xr loader 8 1137with support to pass a verified manifest to the kernel. 1138The kernel has to be built with a module to parse the manifest. 1139.Pp 1140Depends on 1141.Va WITH_LOADER_VERIEXEC . 1142.It Va WITH_LOADER_VERIEXEC_VECTX 1143Enable building 1144.Xr loader 8 1145with support for hashing and verifying kernel and modules as a side effect 1146of loading. 1147.Pp 1148Depends on 1149.Va WITH_LOADER_VERIEXEC . 1150.It Va WITHOUT_LOADER_ZFS 1151Do not build ZFS file system boot loader support. 1152.It Va WITHOUT_LOCALES 1153Do not build localization files; see 1154.Xr locale 1 . 1155.It Va WITHOUT_LOCATE 1156Do not build 1157.Xr locate 1 1158and related programs. 1159.It Va WITHOUT_LPR 1160Do not build 1161.Xr lpr 1 1162and related programs. 1163.It Va WITHOUT_LS_COLORS 1164Build 1165.Xr ls 1 1166without support for colors to distinguish file types. 1167.It Va WITHOUT_MACHDEP_OPTIMIZATIONS 1168Prefer machine-independent non-assembler code in libc and libm. 1169.It Va WITHOUT_MAIL 1170Do not build any mail support (MUA or MTA). 1171When set, it enforces these options: 1172.Pp 1173.Bl -item -compact 1174.It 1175.Va WITHOUT_DMAGENT 1176.It 1177.Va WITHOUT_MAILWRAPPER 1178.It 1179.Va WITHOUT_SENDMAIL 1180.El 1181.It Va WITHOUT_MAILWRAPPER 1182Do not build the 1183.Xr mailwrapper 8 1184MTA selector. 1185.It Va WITHOUT_MAKE 1186Do not install 1187.Xr make 1 1188and related support files. 1189.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX 1190Do not execute 1191.Dq Li "make check" 1192in limited sandbox mode. 1193This option should be paired with 1194.Va WITH_INSTALL_AS_USER 1195if executed as an unprivileged user. 1196See 1197.Xr tests 7 1198for more details. 1199.It Va WITH_MALLOC_PRODUCTION 1200Disable assertions and statistics gathering in 1201.Xr malloc 3 . 1202The run-time options 1203.Dv opt.abort , 1204.Dv opt.abort_conf , 1205and 1206.Dv opt.junk 1207also default to false. 1208.It Va WITHOUT_MAN 1209Do not build manual pages. 1210When set, these options are also in effect: 1211.Pp 1212.Bl -inset -compact 1213.It Va WITHOUT_MAN_UTILS 1214(unless 1215.Va WITH_MAN_UTILS 1216is set explicitly) 1217.El 1218.It Va WITHOUT_MANCOMPRESS 1219Do not install compressed man pages. 1220Only the uncompressed versions will be installed. 1221.It Va WITHOUT_MANSPLITPKG 1222Do not split man pages into their own packages during make package. 1223.It Va WITHOUT_MAN_UTILS 1224Do not build utilities for manual pages, 1225.Xr apropos 1 , 1226.Xr makewhatis 1 , 1227.Xr man 1 , 1228.Xr whatis 1 , 1229.Xr manctl 8 , 1230and related support files. 1231.It Va WITH_META_ERROR_TARGET 1232Enable the META_MODE .ERROR target. 1233.Pp 1234This target will copy the meta file of a failed target 1235to 1236.Va ERROR_LOGDIR 1237(default is 1238.Ql ${SRCTOP:H}/error ) 1239to help with failure analysis. 1240Depends on 1241.Va WITH_META_MODE . 1242This default when 1243.Va WITH_DIRDEPS_BUILD 1244is set. 1245.Pp 1246This must be set in the environment, make command line, or 1247.Pa /etc/src-env.conf , 1248not 1249.Pa /etc/src.conf . 1250.It Va WITH_META_MODE 1251Create 1252.Xr make 1 1253meta files when building, which can provide a reliable incremental build when 1254using 1255.Xr filemon 4 . 1256The meta file is created in OBJDIR as 1257.Pa target.meta . 1258These meta files track the command that was executed, its output, and the 1259current directory. 1260The 1261.Xr filemon 4 1262module is required unless 1263.Va NO_FILEMON 1264is defined. 1265When the module is loaded, any files used by the commands executed are 1266tracked as dependencies for the target in its meta file. 1267The target is considered out-of-date and rebuilt if any of these 1268conditions are true compared to the last build: 1269.Bl -bullet -compact 1270.It 1271The command to execute changes. 1272.It 1273The current working directory changes. 1274.It 1275The target's meta file is missing. 1276.It 1277The target's meta file is missing filemon data when filemon is loaded 1278and a previous run did not have it loaded. 1279.It 1280[requires 1281.Xr filemon 4 ] 1282Files read, executed or linked to are newer than the target. 1283.It 1284[requires 1285.Xr filemon 4 ] 1286Files read, written, executed or linked are missing. 1287.El 1288The meta files can also be useful for debugging. 1289.Pp 1290The build hides commands that are executed unless 1291.Va NO_SILENT 1292is defined. 1293Errors cause 1294.Xr make 1 1295to show some of its environment for further debugging. 1296.Pp 1297The build operates as it normally would otherwise. 1298This option originally invoked a different build system but that was renamed 1299to 1300.Va WITH_DIRDEPS_BUILD . 1301.Pp 1302This must be set in the environment, make command line, or 1303.Pa /etc/src-env.conf , 1304not 1305.Pa /etc/src.conf . 1306.It Va WITH_MITKRB5 1307Set this to build MIT Kerberos 5 instead of KTH Heimdal. 1308.It Va WITHOUT_MLX5TOOL 1309Do not build 1310.Xr mlx5tool 8 1311.Pp 1312This is a default setting on 1313arm/armv7 and riscv/riscv64. 1314.It Va WITH_MLX5TOOL 1315Build 1316.Xr mlx5tool 8 1317.Pp 1318This is a default setting on 1319amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 1320.It Va WITHOUT_NETCAT 1321Do not build 1322.Xr nc 1 1323utility. 1324.It Va WITHOUT_NETGRAPH 1325Do not build applications to support 1326.Xr netgraph 4 . 1327When set, it enforces these options: 1328.Pp 1329.Bl -item -compact 1330.It 1331.Va WITHOUT_BLUETOOTH 1332.El 1333.Pp 1334When set, these options are also in effect: 1335.Pp 1336.Bl -inset -compact 1337.It Va WITHOUT_NETGRAPH_SUPPORT 1338(unless 1339.Va WITH_NETGRAPH_SUPPORT 1340is set explicitly) 1341.El 1342.It Va WITHOUT_NETGRAPH_SUPPORT 1343Build libraries, programs, and kernel modules without netgraph support. 1344.It Va WITHOUT_NETLINK 1345Do not build 1346.Xr genl 1 1347utility. 1348.It Va WITHOUT_NETLINK_SUPPORT 1349Make libraries and programs use rtsock and 1350.Xr sysctl 3 1351interfaces instead of 1352.Xr snl 3 . 1353.It Va WITHOUT_NIS 1354Do not build 1355.Xr NIS 8 1356support and related programs. 1357If set, you might need to adopt your 1358.Xr nsswitch.conf 5 1359and remove 1360.Sq nis 1361entries. 1362.It Va WITHOUT_NLS 1363Do not build NLS catalogs. 1364When set, it enforces these options: 1365.Pp 1366.Bl -item -compact 1367.It 1368.Va WITHOUT_NLS_CATALOGS 1369.El 1370.It Va WITHOUT_NLS_CATALOGS 1371Do not build NLS catalog support for 1372.Xr csh 1 . 1373.It Va WITHOUT_NS_CACHING 1374Disable name caching in the 1375.Pa nsswitch 1376subsystem. 1377The generic caching daemon, 1378.Xr nscd 8 , 1379will not be built either if this option is set. 1380.It Va WITHOUT_NTP 1381Do not build 1382.Xr ntpd 8 1383and related programs. 1384.It Va WITHOUT_NUAGEINIT 1385Do not install the limited cloud init support scripts. 1386.It Va WITHOUT_OFED 1387Do not build the 1388.Dq "OpenFabrics Enterprise Distribution" 1389InfiniBand software stack, including kernel modules and userspace libraries. 1390.Pp 1391This is a default setting on 1392arm/armv7. 1393When set, it enforces these options: 1394.Pp 1395.Bl -item -compact 1396.It 1397.Va WITHOUT_OFED_EXTRA 1398.El 1399.It Va WITH_OFED 1400Build the 1401.Dq "OpenFabrics Enterprise Distribution" 1402InfiniBand software stack, including kernel modules and userspace libraries. 1403.Pp 1404This is a default setting on 1405amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1406.It Va WITH_OFED_EXTRA 1407Build the non-essential components of the 1408.Dq "OpenFabrics Enterprise Distribution" 1409Infiniband software stack, mostly examples. 1410.It Va WITH_OPENLDAP 1411Enable building LDAP support for kerberos using an openldap client from ports. 1412.It Va WITHOUT_OPENMP 1413Do not build LLVM's OpenMP runtime. 1414.Pp 1415This is a default setting on 1416arm/armv7. 1417.It Va WITH_OPENMP 1418Build LLVM's OpenMP runtime. 1419.Pp 1420This is a default setting on 1421amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1422.It Va WITHOUT_OPENSSH 1423Do not build OpenSSH. 1424.It Va WITHOUT_OPENSSL 1425Do not build OpenSSL. 1426When set, it enforces these options: 1427.Pp 1428.Bl -item -compact 1429.It 1430.Va WITHOUT_DMAGENT 1431.It 1432.Va WITHOUT_KERBEROS 1433.It 1434.Va WITHOUT_KERBEROS_SUPPORT 1435.It 1436.Va WITHOUT_LDNS 1437.It 1438.Va WITHOUT_LDNS_UTILS 1439.It 1440.Va WITHOUT_LOADER_ZFS 1441.It 1442.Va WITHOUT_MITKRB5 1443.It 1444.Va WITHOUT_OPENSSH 1445.It 1446.Va WITHOUT_OPENSSL_KTLS 1447.It 1448.Va WITHOUT_PKGBOOTSTRAP 1449.It 1450.Va WITHOUT_UNBOUND 1451.It 1452.Va WITHOUT_ZFS 1453.It 1454.Va WITHOUT_ZFS_TESTS 1455.El 1456.Pp 1457When set, these options are also in effect: 1458.Pp 1459.Bl -inset -compact 1460.It Va WITHOUT_GSSAPI 1461(unless 1462.Va WITH_GSSAPI 1463is set explicitly) 1464.El 1465.It Va WITHOUT_OPENSSL_KTLS 1466Do not include kernel TLS support in OpenSSL. 1467.Pp 1468This is a default setting on 1469arm/armv7, i386/i386 and riscv/riscv64. 1470.It Va WITH_OPENSSL_KTLS 1471Include kernel TLS support in OpenSSL. 1472.Pp 1473This is a default setting on 1474amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le. 1475.It Va WITHOUT_PAM 1476Do not build PAM library and modules. 1477.Bf -symbolic 1478This option is deprecated and does nothing. 1479.Ef 1480When set, these options are also in effect: 1481.Pp 1482.Bl -inset -compact 1483.It Va WITHOUT_PAM_SUPPORT 1484(unless 1485.Va WITH_PAM_SUPPORT 1486is set explicitly) 1487.El 1488.It Va WITHOUT_PAM_SUPPORT 1489Build some programs without PAM support, particularly 1490.Xr ftpd 8 1491and 1492.Xr ppp 8 . 1493.It Va WITHOUT_PF 1494Do not build PF firewall package. 1495When set, it enforces these options: 1496.Pp 1497.Bl -item -compact 1498.It 1499.Va WITHOUT_AUTHPF 1500.El 1501.It Va WITHOUT_PIE 1502Do not build dynamically linked binaries as 1503Position-Independent Executable (PIE). 1504.Pp 1505This is a default setting on 1506arm/armv7 and i386/i386. 1507.It Va WITH_PIE 1508Build dynamically linked binaries as 1509Position-Independent Executable (PIE). 1510.Pp 1511This is a default setting on 1512amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1513.It Va WITHOUT_PKGBOOTSTRAP 1514Do not build 1515.Xr pkg 7 1516bootstrap tool. 1517.It Va WITHOUT_PMC 1518Do not build 1519.Xr pmccontrol 8 1520and related programs. 1521.It Va WITHOUT_PPP 1522Do not build 1523.Xr ppp 8 1524and related programs. 1525.It Va WITHOUT_PTHREADS_ASSERTIONS 1526Disable debugging assertions in pthreads library. 1527.It Va WITHOUT_QUOTAS 1528Do not build 1529.Xr quota 1 1530and related programs. 1531.It Va WITHOUT_RADIUS_SUPPORT 1532Do not build radius support into various applications, like 1533.Xr pam_radius 8 1534and 1535.Xr ppp 8 . 1536.It Va WITH_RATELIMIT 1537Build the system with rate limit support. 1538.Pp 1539This makes 1540.Dv SO_MAX_PACING_RATE 1541effective in 1542.Xr getsockopt 2 , 1543and 1544.Ar txrlimit 1545support in 1546.Xr ifconfig 8 , 1547by proxy. 1548.It Va WITHOUT_RBOOTD 1549Do not build or install 1550.Xr rbootd 8 . 1551.It Va WITHOUT_RELRO 1552Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation. 1553See also the 1554.Va BIND_NOW 1555option. 1556.It Va WITH_REPRODUCIBLE_BUILD 1557Exclude build metadata (such as the build time, user, or host) 1558from the kernel, boot loaders, and uname output, so that builds produce 1559bit-for-bit identical output. 1560.It Va WITHOUT_RESCUE 1561Do not build 1562.Xr rescue 8 . 1563.It Va WITH_RETPOLINE 1564Build the base system with the retpoline speculative execution 1565vulnerability mitigation for CVE-2017-5715. 1566.It Va WITHOUT_ROUTED 1567Do not build 1568.Xr routed 8 1569utility. 1570.It Va WITH_RPCBIND_WARMSTART_SUPPORT 1571Build 1572.Xr rpcbind 8 1573with warmstart support. 1574.It Va WITH_RUN_TESTS 1575Run tests as part of the build. 1576.It Va WITHOUT_SCTP_SUPPORT 1577Disable support in the kernel for the 1578.Xr sctp 4 1579Stream Control Transmission Protocol 1580loadable kernel module. 1581.It Va WITHOUT_SENDMAIL 1582Do not build 1583.Xr sendmail 8 1584and related programs. 1585.It Va WITHOUT_SERVICESDB 1586Do not install 1587.Pa /var/db/services.db . 1588.It Va WITHOUT_SETUID_LOGIN 1589Set this to disable the installation of 1590.Xr login 1 1591as a set-user-ID root program. 1592.It Va WITHOUT_SHAREDOCS 1593Do not build the 1594.Bx 4.4 1595legacy docs. 1596.It Va WITH_SORT_THREADS 1597Enable threads in 1598.Xr sort 1 . 1599.It Va WITHOUT_SOURCELESS 1600Do not build kernel modules that include sourceless code (either microcode or native code for host CPU). 1601When set, it enforces these options: 1602.Pp 1603.Bl -item -compact 1604.It 1605.Va WITHOUT_SOURCELESS_HOST 1606.It 1607.Va WITHOUT_SOURCELESS_UCODE 1608.El 1609.It Va WITHOUT_SOURCELESS_HOST 1610Do not build kernel modules that include sourceless native code for host CPU. 1611.It Va WITHOUT_SOURCELESS_UCODE 1612Do not build kernel modules that include sourceless microcode. 1613.It Va WITHOUT_SPLIT_KERNEL_DEBUG 1614Do not build standalone kernel debug files. 1615Debug data (if enabled by the kernel configuration file) 1616will be included in the kernel and modules. 1617When set, it enforces these options: 1618.Pp 1619.Bl -item -compact 1620.It 1621.Va WITHOUT_KERNEL_SYMBOLS 1622.El 1623.It Va WITHOUT_SSP 1624Do not build world with stack smashing protection. 1625See 1626.Xr mitigations 7 1627for more information. 1628.It Va WITH_STAGING 1629Enable staging of files to a stage tree. 1630This can be best thought of as auto-install to 1631.Va DESTDIR 1632with some extra meta data to ensure dependencies can be tracked. 1633Depends on 1634.Va WITH_DIRDEPS_BUILD . 1635When set, these options are also in effect: 1636.Pp 1637.Bl -inset -compact 1638.It Va WITH_STAGING_MAN 1639(unless 1640.Va WITHOUT_STAGING_MAN 1641is set explicitly) 1642.It Va WITH_STAGING_PROG 1643(unless 1644.Va WITHOUT_STAGING_PROG 1645is set explicitly) 1646.El 1647.Pp 1648This must be set in the environment, make command line, or 1649.Pa /etc/src-env.conf , 1650not 1651.Pa /etc/src.conf . 1652.It Va WITH_STAGING_MAN 1653Enable staging of man pages to stage tree. 1654.It Va WITH_STAGING_PROG 1655Enable staging of PROGs to stage tree. 1656.It Va WITH_STALE_STAGED 1657Check staged files are not stale. 1658.It Va WITHOUT_STATS 1659Neither build nor install 1660.Lb libstats 1661and dependent binaries. 1662.It Va WITHOUT_SYSCONS 1663Do not build 1664.Xr syscons 4 1665support files such as keyboard maps, fonts, and screen output maps. 1666.It Va WITH_SYSROOT 1667Enable use of sysroot during build. 1668Depends on 1669.Va WITH_DIRDEPS_BUILD . 1670.Pp 1671This must be set in the environment, make command line, or 1672.Pa /etc/src-env.conf , 1673not 1674.Pa /etc/src.conf . 1675.It Va WITHOUT_SYSTEM_COMPILER 1676Do not opportunistically skip building a cross-compiler during the 1677bootstrap phase of the build. 1678Normally, if the currently installed compiler matches the planned bootstrap 1679compiler type and revision, then it will not be built. 1680This does not prevent a compiler from being built for installation though, 1681only for building one for the build itself. 1682The 1683.Va WITHOUT_CLANG 1684option controls that. 1685.It Va WITHOUT_SYSTEM_LINKER 1686Do not opportunistically skip building a cross-linker during the 1687bootstrap phase of the build. 1688Normally, if the currently installed linker matches the planned bootstrap 1689linker type and revision, then it will not be built. 1690This does not prevent a linker from being built for installation though, 1691only for building one for the build itself. 1692The 1693.Va WITHOUT_LLD 1694option controls that. 1695.Pp 1696This option is only relevant when 1697.Va WITH_LLD_BOOTSTRAP 1698is set. 1699.It Va WITHOUT_TALK 1700Do not build or install 1701.Xr talk 1 1702and 1703.Xr talkd 8 . 1704.It Va WITHOUT_TCP_WRAPPERS 1705Do not build or install 1706.Xr tcpd 8 , 1707and related utilities. 1708.It Va WITHOUT_TCSH 1709Do not build and install 1710.Pa /bin/csh 1711(which is 1712.Xr tcsh 1 ) . 1713.It Va WITHOUT_TELNET 1714Do not build 1715.Xr telnet 1 1716and related programs. 1717.It Va WITHOUT_TESTS 1718Do not build nor install the 1719.Fx 1720Test Suite in 1721.Pa /usr/tests/ . 1722See 1723.Xr tests 7 1724for more details. 1725This also disables the build of all test-related dependencies, including ATF. 1726When set, it enforces these options: 1727.Pp 1728.Bl -item -compact 1729.It 1730.Va WITHOUT_DTRACE_TESTS 1731.It 1732.Va WITHOUT_ZFS_TESTS 1733.El 1734.Pp 1735When set, these options are also in effect: 1736.Pp 1737.Bl -inset -compact 1738.It Va WITHOUT_GOOGLETEST 1739(unless 1740.Va WITH_GOOGLETEST 1741is set explicitly) 1742.It Va WITHOUT_TESTS_SUPPORT 1743(unless 1744.Va WITH_TESTS_SUPPORT 1745is set explicitly) 1746.El 1747.It Va WITHOUT_TESTS_SUPPORT 1748Disable the build of all test-related dependencies, including ATF. 1749When set, it enforces these options: 1750.Pp 1751.Bl -item -compact 1752.It 1753.Va WITHOUT_GOOGLETEST 1754.El 1755.It Va WITHOUT_TEXTPROC 1756Do not build 1757programs used for text processing. 1758.It Va WITHOUT_TFTP 1759Do not build or install 1760.Xr tftp 1 1761and 1762.Xr tftpd 8 . 1763.It Va WITHOUT_TOOLCHAIN 1764Do not install 1765programs used for program development, 1766compilers, debuggers etc. 1767When set, it enforces these options: 1768.Pp 1769.Bl -item -compact 1770.It 1771.Va WITHOUT_CLANG 1772.It 1773.Va WITHOUT_CLANG_EXTRAS 1774.It 1775.Va WITHOUT_CLANG_FORMAT 1776.It 1777.Va WITHOUT_CLANG_FULL 1778.It 1779.Va WITHOUT_LLD 1780.It 1781.Va WITHOUT_LLDB 1782.It 1783.Va WITHOUT_LLVM_COV 1784.El 1785.Pp 1786When set, these options are also in effect: 1787.Pp 1788.Bl -inset -compact 1789.It Va WITHOUT_LLVM_BINUTILS 1790(unless 1791.Va WITH_LLVM_BINUTILS 1792is set explicitly) 1793.El 1794.It Va WITH_UBSAN 1795Build the base system with Undefined Behavior Sanitizer (UBSan) to detect 1796various kinds of undefined behavior at runtime. 1797Requires that Clang be used as the base system compiler 1798and that the runtime support library is available 1799.It Va WITHOUT_UNBOUND 1800Do not build 1801.Xr unbound 8 1802and related programs. 1803.It Va WITH_UNDEFINED_VERSION 1804Link libraries with --undefined-version which permits version maps to 1805contain symbols that are not present in the library. 1806If this is necessary to build a particular configuration, a bug is 1807present and the configuration should be reported. 1808.It Va WITHOUT_UNIFIED_OBJDIR 1809Use the historical object directory format for 1810.Xr build 7 1811targets. 1812For native-builds and builds done directly in sub-directories the format of 1813.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR} 1814is used, 1815while for cross-builds 1816.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR} 1817is used. 1818.Pp 1819This option is transitional and will be removed in a future version of 1820.Fx , 1821at which time 1822.Va WITH_UNIFIED_OBJDIR 1823will be enabled permanently. 1824.Pp 1825This must be set in the environment, make command line, or 1826.Pa /etc/src-env.conf , 1827not 1828.Pa /etc/src.conf . 1829.It Va WITHOUT_USB 1830Do not build USB-related programs and libraries. 1831.It Va WITHOUT_USB_GADGET_EXAMPLES 1832Do not build USB gadget kernel modules. 1833.It Va WITHOUT_UTMPX 1834Do not build user accounting tools such as 1835.Xr last 1 , 1836.Xr users 1 , 1837.Xr who 1 , 1838.Xr ac 8 , 1839.Xr lastlogin 8 1840and 1841.Xr utx 8 . 1842.It Va WITH_VERIEXEC 1843Enable building 1844.Xr veriexec 8 1845which loads the contents of verified manifests into the kernel 1846for use by 1847.Xr mac_veriexec 4 1848.Pp 1849Depends on 1850.Va WITH_BEARSSL . 1851.It Va WITHOUT_VI 1852Do not build and install vi, view, ex and related programs. 1853.It Va WITHOUT_VT 1854Do not build 1855.Xr vt 4 1856support files (fonts and keymaps). 1857.It Va WITHOUT_WARNS 1858Set this to not add warning flags to the compiler invocations. 1859Useful as a temporary workaround when code enters the tree 1860which triggers warnings in environments that differ from the 1861original developer. 1862.It Va WITHOUT_WERROR 1863Set this to not treat compiler warnings as errors. 1864Useful as a temporary workaround when working on fixing compiler warnings. 1865When set, warnings are still printed in the build log but do not fail the build. 1866.It Va WITHOUT_WIRELESS 1867Do not build programs used for 802.11 wireless networks; especially 1868.Xr wpa_supplicant 8 1869and 1870.Xr hostapd 8 . 1871When set, these options are also in effect: 1872.Pp 1873.Bl -inset -compact 1874.It Va WITHOUT_WIRELESS_SUPPORT 1875(unless 1876.Va WITH_WIRELESS_SUPPORT 1877is set explicitly) 1878.El 1879.It Va WITHOUT_WIRELESS_SUPPORT 1880Build libraries, programs, and kernel modules without 1881802.11 wireless support. 1882.It Va WITHOUT_WPA_SUPPLICANT_EAPOL 1883Build 1884.Xr wpa_supplicant 8 1885without support for the IEEE 802.1X protocol and without 1886support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS 1887protocols (usable only via 802.1X). 1888.It Va WITH_ZEROREGS 1889Build the basesystem with code to zero caller-used register contents 1890on function return. 1891This prevents leaking temporary values for side channel attacks. 1892Additionally this reduces the number of usable ROP gadgets for attackers. 1893.It Va WITHOUT_ZFS 1894Do not build the ZFS file system kernel module, libraries such as 1895.Xr libbe 3 , 1896and user commands such as 1897.Xr zpool 8 1898or 1899.Xr zfs 8 . 1900Also disable ZFS support in utilities and libraries which implement 1901ZFS-specific functionality. 1902When set, it enforces these options: 1903.Pp 1904.Bl -item -compact 1905.It 1906.Va WITHOUT_ZFS_TESTS 1907.El 1908.It Va WITHOUT_ZFS_TESTS 1909Do not build and install the legacy ZFS test suite. 1910.It Va WITHOUT_ZONEINFO 1911Do not build the timezone database. 1912When set, it enforces these options: 1913.Pp 1914.Bl -item -compact 1915.It 1916.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT 1917.El 1918.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT 1919Build leapsecond information in to the timezone database. 1920This option violates 1921.St -p1003.1 1922and all other applicable standards, and is known to cause unexpected 1923issues with date/time handling in many applications and programming 1924languages. 1925.El 1926.Pp 1927The following options accept a single value from a list of valid values. 1928.Bl -tag -width indent 1929.It Va INIT_ALL 1930Control default initialization of stack variables in C and C++ code. 1931Options other than 1932.Li none 1933require the Clang compiler or GCC 12.0 or later. 1934The default value is 1935.Li none . 1936Valid values are: 1937.Bl -tag -width indent 1938.It Li none 1939Do not initialize stack variables (standard C/C++ behavior). 1940.It Li pattern 1941Build the base system or kernel with stack variables initialized to 1942.Pq compiler defined 1943debugging patterns on function entry. 1944.It Li zero 1945Build the base system or kernel with stack variables initialized 1946to zero on function entry. 1947This value is converted to 1948.Li none 1949for amd64 kernel builds due to incompatability with ifunc memset. 1950.El 1951.It Va LIBC_MALLOC 1952Specify the 1953.Xr malloc 3 1954implementation used by libc. 1955The default value is 1956.Li jemalloc . 1957Valid values are: 1958.Bl -tag -width indent 1959.It Li jemalloc 1960.El 1961.Pp 1962Other implementations are expected in the future in both 1963.Fx 1964and downstream consumers. 1965.El 1966.Sh FILES 1967.Bl -tag -compact -width Pa 1968.It Pa /etc/src.conf 1969.It Pa /etc/src-env.conf 1970.It Pa /usr/share/mk/bsd.own.mk 1971.El 1972.Sh SEE ALSO 1973.Xr make 1 , 1974.Xr make.conf 5 , 1975.Xr build 7 , 1976.Xr ports 7 1977.Sh HISTORY 1978The 1979.Nm 1980file appeared in 1981.Fx 7.0 . 1982.Sh AUTHORS 1983This manual page was autogenerated by 1984.An tools/build/options/makeman . 1985