1.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. 2.Dd December 15, 2025 3.Dt SRC.CONF 5 4.Os 5.Sh NAME 6.Nm src.conf 7.Nd "source build options" 8.Sh DESCRIPTION 9The 10.Nm 11file contains variables that control what components will be generated during 12the build process of the 13.Fx 14source tree; see 15.Xr build 7 . 16.Pp 17The 18.Nm 19file uses the standard makefile syntax. 20However, 21.Nm 22should not specify any dependencies to 23.Xr make 1 . 24Instead, 25.Nm 26is to set 27.Xr make 1 28variables that control the aspects of how the system builds. 29.Pp 30The default location of 31.Nm 32is the top level of the source tree, or 33.Pa /etc/src.conf 34if no 35.Nm 36is found in the source tree itself, 37though an alternative location can be specified in the 38.Xr make 1 39variable 40.Va SRCCONF . 41Overriding the location of 42.Nm 43may be necessary if the system-wide settings are not suitable 44for a particular build. 45For instance, setting 46.Va SRCCONF 47to 48.Pa /dev/null 49effectively resets all build controls to their defaults. 50.Pp 51The only purpose of 52.Nm 53is to control the compilation of the 54.Fx 55source code, which is usually located in 56.Pa /usr/src . 57As a rule, the system administrator creates 58.Nm 59when the values of certain control variables need to be changed 60from their defaults. 61.Pp 62In addition, control variables can be specified 63for a particular build via the 64.Fl D 65option of 66.Xr make 1 67or in its environment; see 68.Xr environ 7 . 69.Pp 70The environment of 71.Xr make 1 72for the build can be controlled via the 73.Va SRC_ENV_CONF 74variable, which defaults to 75.Pa /etc/src-env.conf . 76Some examples that may only be set in this file are 77.Va WITH_DIRDEPS_BUILD , 78and 79.Va WITH_META_MODE , 80and 81.Va MAKEOBJDIRPREFIX 82as they are environment-only variables. 83.Pp 84The values of 85.Va WITH_ 86and 87.Va WITHOUT_ 88variables are ignored regardless of their setting; 89even if they would be set to 90.Dq Li FALSE 91or 92.Dq Li NO . 93The presence of an option causes 94it to be honored by 95.Xr make 1 . 96.Pp 97This list provides a name and short description for variables 98that can be used for source builds. 99.Bl -tag -width indent 100.It Va WITHOUT_ACCT 101Do not build process accounting tools such as 102.Xr accton 8 103and 104.Xr sa 8 . 105.It Va WITHOUT_ACPI 106Do not build 107.Xr acpiconf 8 , 108.Xr acpidump 8 109and related programs. 110.It Va WITHOUT_APM 111Do not build 112.Xr apm 8 , 113.Xr apmd 8 114and related programs. 115.It Va WITH_ASAN 116Build the base system with Address Sanitizer (ASan) to detect 117memory corruption bugs such as buffer overflows or use-after-free. 118Requires that Clang be used as the base system compiler 119and that the runtime support library is available. 120When set, it enforces these options: 121.Pp 122.Bl -item -compact 123.It 124.Va WITH_LLVM_BINUTILS 125.It 126.Va WITH_LLVM_CXXFILT 127.El 128.It Va WITHOUT_ASSERT_DEBUG 129Compile programs and libraries without the 130.Xr assert 3 131checks. 132.It Va WITHOUT_AT 133Do not build 134.Xr at 1 135and related utilities. 136.It Va WITHOUT_AUDIT 137Do not build audit support into system programs. 138.It Va WITHOUT_AUTHPF 139Do not build 140.Xr authpf 8 . 141.It Va WITHOUT_AUTOFS 142Do not build 143.Xr autofs 4 144related programs, libraries, and kernel modules. 145.It Va WITHOUT_AUTO_OBJ 146Disable automatic creation of objdirs. 147This is enabled by default if the wanted OBJDIR is writable by the current user. 148.Pp 149This must be set in the environment, make command line, or 150.Pa /etc/src-env.conf , 151not 152.Pa /etc/src.conf . 153.It Va WITH_BEARSSL 154Build the BearSSL library. 155.Pp 156BearSSL is a tiny SSL library suitable for embedded environments. 157For details see 158.Lk https://www.BearSSL.org/ 159.Pp 160This library is currently only used to perform 161signature verification and related operations 162for Verified Exec and 163.Xr loader 8 . 164.Pp 165Due to size constraints in the BIOS environment on x86, one may need to set 166.Va LOADERSIZE 167larger than the 168default 500000, although often loader is under the 500k limit even with 169this option. 170Setting 171.Va LOADERSIZE 172larger than 500000 may cause 173.Xr pxeboot 8 174to be too large to work. 175Careful testing of the loader in the target environment when built with a larger 176limit to establish safe limits is critical because different BIOS environments 177reserve differing amounts of the low 640k space, making a precise limit for 178everybody impossible. 179.Pp 180See also 181.Va WITH_LOADER_PXEBOOT 182for other considerations. 183When set, these options are also in effect: 184.Pp 185.Bl -inset -compact 186.It Va WITH_LOADER_EFI_SECUREBOOT 187(unless 188.Va WITHOUT_LOADER_EFI_SECUREBOOT 189is set explicitly) 190.It Va WITH_LOADER_VERIEXEC 191(unless 192.Va WITHOUT_LOADER_VERIEXEC 193is set explicitly) 194.It Va WITH_LOADER_VERIEXEC_VECTX 195(unless 196.Va WITHOUT_LOADER_VERIEXEC_VECTX 197is set explicitly) 198.It Va WITH_VERIEXEC 199(unless 200.Va WITHOUT_VERIEXEC 201is set explicitly) 202.El 203.It Va WITHOUT_BHYVE 204Do not build or install 205.Xr bhyve 8 , 206associated utilities, and examples. 207.Pp 208This option only affects amd64/amd64 and arm64/aarch64. 209.It Va WITH_BHYVE_SNAPSHOT 210Include support for save and restore (snapshots) in 211.Xr bhyve 8 212and 213.Xr bhyvectl 8 . 214.Pp 215This option only affects amd64/amd64. 216.It Va WITH_BIND_NOW 217Build all binaries with the 218.Dv DF_BIND_NOW 219flag set to indicate that the run-time loader should perform all relocation 220processing at process startup rather than on demand. 221The combination of the 222.Va BIND_NOW 223and 224.Va RELRO 225options provide "full" Relocation Read-Only (RELRO) support. 226With full RELRO the entire GOT is made read-only after performing relocation at 227startup, avoiding GOT overwrite attacks. 228.It Va WITHOUT_BLACKLIST 229This option has been renamed to 230.Va WITHOUT_BLOCKLIST . 231When set, it enforces these options: 232.Pp 233.Bl -item -compact 234.It 235.Va WITHOUT_BLOCKLIST 236.El 237.Pp 238When set, these options are also in effect: 239.Pp 240.Bl -inset -compact 241.It Va WITHOUT_BLACKLIST_SUPPORT 242(unless 243.Va WITH_BLACKLIST_SUPPORT 244is set explicitly) 245.It Va WITHOUT_BLOCKLIST_SUPPORT 246(unless 247.Va WITH_BLOCKLIST_SUPPORT 248is set explicitly) 249.El 250.It Va WITHOUT_BLACKLIST_SUPPORT 251This option has been renamed to 252.Va WITHOUT_BLOCKLIST_SUPPORT . 253When set, it enforces these options: 254.Pp 255.Bl -item -compact 256.It 257.Va WITHOUT_BLOCKLIST_SUPPORT 258.El 259.It Va WITHOUT_BLOCKLIST 260Set this if you do not want to build 261.Xr blocklistd 8 262and 263.Xr blocklistctl 8 . 264When set, these options are also in effect: 265.Pp 266.Bl -inset -compact 267.It Va WITHOUT_BLOCKLIST_SUPPORT 268(unless 269.Va WITH_BLOCKLIST_SUPPORT 270is set explicitly) 271.El 272.It Va WITHOUT_BLOCKLIST_SUPPORT 273Build some programs without 274.Xr libblocklist 3 275support, like 276.Xr fingerd 8 277and 278.Xr sshd 8 . 279.It Va WITHOUT_BLUETOOTH 280Do not build Bluetooth related kernel modules, programs and libraries. 281.It Va WITHOUT_BOOT 282Do not build the boot blocks and loader. 283.It Va WITHOUT_BOOTPARAMD 284Do not build or install 285.Xr bootparamd 8 . 286.It Va WITHOUT_BOOTPD 287Do not build or install 288.Xr bootpd 8 . 289.It Va WITH_BRANCH_PROTECTION 290Build with branch protection enabled. 291On arm64 enable the use of pointer authentication and 292branch target identification instructions on arm64. 293These can be used to help mitigate some exploit techniques. 294.It Va WITHOUT_BSDINSTALL 295Do not build 296.Xr bsdinstall 8 , 297.Xr sade 8 , 298and related programs. 299.It Va WITHOUT_BSD_CPIO 300Do not build the BSD licensed version of cpio based on 301.Xr libarchive 3 . 302.It Va WITHOUT_BSNMP 303Do not build or install 304.Xr bsnmpd 1 305and related libraries and data files. 306.It Va WITHOUT_BZIP2 307Do not build contributed bzip2 software as a part of the base system. 308.Bf -symbolic 309The option has no effect yet. 310.Ef 311When set, these options are also in effect: 312.Pp 313.Bl -inset -compact 314.It Va WITHOUT_BZIP2_SUPPORT 315(unless 316.Va WITH_BZIP2_SUPPORT 317is set explicitly) 318.El 319.It Va WITHOUT_BZIP2_SUPPORT 320Build some programs without optional bzip2 support. 321.It Va WITHOUT_CALENDAR 322Do not build 323.Xr calendar 1 . 324.It Va WITHOUT_CAROOT 325Do not add the trusted certificates from the Mozilla NSS bundle to 326base. 327.It Va WITHOUT_CASPER 328This option has no effect. 329.It Va WITH_CCACHE_BUILD 330Use 331.Xr ccache 1 332for the build. 333No configuration is required except to install the 334.Sy devel/ccache 335or 336.Sy devel/sccache 337package. 338When using with 339.Xr distcc 1 , 340set 341.Sy CCACHE_PREFIX=/usr/local/bin/distcc . 342When using with sccache 343set 344.Sy CCACHE_NAME=sccache 345in 346.Xr src.conf 5 . 347The default cache directory of 348.Pa $HOME/.ccache 349will be used, which can be overridden by setting 350.Sy CCACHE_DIR . 351The 352.Sy CCACHE_COMPILERCHECK 353option defaults to 354.Sy content 355when using the in-tree bootstrap compiler, 356and 357.Sy mtime 358when using an external compiler. 359The 360.Sy CCACHE_CPP2 361option is used for Clang but not GCC. 362.Pp 363Sharing a cache between multiple work directories requires using a layout 364similar to 365.Pa /some/prefix/src 366.Pa /some/prefix/obj 367and an environment such as: 368.Bd -literal -offset indent 369CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj' 370.Ed 371.Pp 372See 373.Xr ccache 1 374for more configuration options. 375.It Va WITHOUT_CCD 376Do not build 377.Xr geom_ccd 4 378and related utilities. 379.It Va WITHOUT_CDDL 380Do not build code licensed under Sun's CDDL. 381When set, it enforces these options: 382.Pp 383.Bl -item -compact 384.It 385.Va WITHOUT_CTF 386.It 387.Va WITHOUT_DTRACE 388.It 389.Va WITHOUT_LOADER_ZFS 390.It 391.Va WITHOUT_ZFS 392.It 393.Va WITHOUT_ZFS_TESTS 394.El 395.It Va WITHOUT_CLANG 396Do not build the Clang C/C++ compiler during the regular phase of the build. 397When set, it enforces these options: 398.Pp 399.Bl -item -compact 400.It 401.Va WITHOUT_CLANG_EXTRAS 402.It 403.Va WITHOUT_CLANG_FORMAT 404.It 405.Va WITHOUT_CLANG_FULL 406.It 407.Va WITHOUT_LLVM_COV 408.El 409.Pp 410When set, these options are also in effect: 411.Pp 412.Bl -inset -compact 413.It Va WITHOUT_LLVM_TARGET_AARCH64 414(unless 415.Va WITH_LLVM_TARGET_AARCH64 416is set explicitly) 417.It Va WITHOUT_LLVM_TARGET_ALL 418(unless 419.Va WITH_LLVM_TARGET_ALL 420is set explicitly) 421.It Va WITHOUT_LLVM_TARGET_ARM 422(unless 423.Va WITH_LLVM_TARGET_ARM 424is set explicitly) 425.It Va WITHOUT_LLVM_TARGET_POWERPC 426(unless 427.Va WITH_LLVM_TARGET_POWERPC 428is set explicitly) 429.It Va WITHOUT_LLVM_TARGET_RISCV 430(unless 431.Va WITH_LLVM_TARGET_RISCV 432is set explicitly) 433.El 434.It Va WITHOUT_CLANG_BOOTSTRAP 435Do not build the Clang C/C++ compiler during the bootstrap phase of 436the build. 437To be able to build the system, either gcc or clang bootstrap must be 438enabled unless an alternate compiler is provided via XCC. 439.It Va WITH_CLANG_EXTRAS 440Build additional clang and llvm tools, such as bugpoint and 441clang-format. 442.It Va WITH_CLANG_FORMAT 443Build clang-format. 444.It Va WITHOUT_CLANG_FULL 445Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of 446the Clang C/C++ compiler. 447.It Va WITH_CLEAN 448Clean before building world and/or kernel. 449Note that recording a new epoch in 450.Pa .clean_build_epoch 451in the root of the source tree will also force a clean world build. 452.It Va WITHOUT_CPP 453Do not build 454.Xr cpp 1 . 455.It Va WITHOUT_CROSS_COMPILER 456Do not build any cross compiler in the cross-tools stage of buildworld. 457When compiling a different version of 458.Fx 459than what is installed on the system, provide an alternate 460compiler with XCC to ensure success. 461When compiling with an identical version of 462.Fx 463to the host, this option may be safely used. 464This option may also be safe when the host version of 465.Fx 466is close to the sources being built, but all bets are off if there have 467been any changes to the toolchain between the versions. 468When set, it enforces these options: 469.Pp 470.Bl -item -compact 471.It 472.Va WITHOUT_CLANG_BOOTSTRAP 473.It 474.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 475.It 476.Va WITHOUT_LLD_BOOTSTRAP 477.El 478.It Va WITHOUT_CRYPT 479Do not build any crypto code. 480When set, it enforces these options: 481.Pp 482.Bl -item -compact 483.It 484.Va WITHOUT_DMAGENT 485.It 486.Va WITHOUT_KERBEROS 487.It 488.Va WITHOUT_LDNS 489.It 490.Va WITHOUT_LDNS_UTILS 491.It 492.Va WITHOUT_LOADER_ZFS 493.It 494.Va WITHOUT_MITKRB5 495.It 496.Va WITHOUT_OPENSSH 497.It 498.Va WITHOUT_OPENSSL 499.It 500.Va WITHOUT_OPENSSL_KTLS 501.It 502.Va WITHOUT_PKGBOOTSTRAP 503.It 504.Va WITHOUT_UNBOUND 505.It 506.Va WITHOUT_ZFS 507.It 508.Va WITHOUT_ZFS_TESTS 509.El 510.Pp 511When set, these options are also in effect: 512.Pp 513.Bl -inset -compact 514.It Va WITHOUT_KERBEROS_SUPPORT 515(unless 516.Va WITH_KERBEROS_SUPPORT 517is set explicitly) 518.El 519.It Va WITH_CTF 520Compile with CTF (Compact C Type Format) data. 521CTF data encapsulates a reduced form of debugging information 522similar to DWARF and the venerable stabs and is required for DTrace. 523.It Va WITHOUT_CUSE 524Do not build CUSE-related programs and libraries. 525.It Va WITHOUT_CXGBETOOL 526Do not build 527.Xr cxgbetool 8 528.Pp 529This is a default setting on 530arm/armv7 and riscv/riscv64. 531.It Va WITH_CXGBETOOL 532Build 533.Xr cxgbetool 8 534.Pp 535This is a default setting on 536amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 537.It Va WITHOUT_DEBUG_FILES 538Avoid building or installing standalone debug files for each 539executable binary and shared library. 540.It Va WITH_DETECT_TZ_CHANGES 541Make the time handling code detect changes to the timezone files. 542.It Va WITH_DIALOG 543Do build 544.Xr dialog 1 , 545.Xr dialog 3 , 546.Xr dpv 1 , 547and 548.Xr dpv 3 . 549.It Va WITHOUT_DICT 550Do not build the Webster dictionary files. 551.It Va WITH_DIRDEPS_BUILD 552This is an alternate build system. 553For details see 554https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm. 555Build commands can be seen from the top-level with: 556.Dl make show-valid-targets 557The build is driven by dirdeps.mk using 558.Va DIRDEPS 559stored in 560Makefile.depend files found in each directory. 561.Pp 562The build can be started from anywhere, and behaves the same. 563The initial instance of 564.Xr make 1 565recursively reads 566.Va DIRDEPS 567from 568.Pa Makefile.depend , 569computing a graph of tree dependencies from the current origin. 570Setting 571.Va NO_DIRDEPS 572skips checking dirdep dependencies and will only build in the current 573and child directories. 574.Va NO_DIRDEPS_BELOW 575skips building any dirdeps and only build the current directory. 576.Pp 577This also utilizes the 578.Va WITH_META_MODE 579logic for incremental builds. 580.Pp 581The build hides commands executed unless 582.Va NO_SILENT 583is defined. 584.Pp 585Note that there is currently no mass install feature for this. 586This build is designed for producing packages, that can then be installed 587on a target system. 588.Pp 589The implementation in 590.Fx 591is incomplete. 592Completion would require leaf directories for building each kernel 593and package so that their dependencies can be tracked. 594When set, it enforces these options: 595.Pp 596.Bl -item -compact 597.It 598.Va WITH_INSTALL_AS_USER 599.El 600.Pp 601When set, these options are also in effect: 602.Pp 603.Bl -inset -compact 604.It Va WITH_META_ERROR_TARGET 605(unless 606.Va WITHOUT_META_ERROR_TARGET 607is set explicitly) 608.It Va WITH_META_MODE 609(unless 610.Va WITHOUT_META_MODE 611is set explicitly) 612.It Va WITH_STAGING 613(unless 614.Va WITHOUT_STAGING 615is set explicitly) 616.It Va WITH_STAGING_MAN 617(unless 618.Va WITHOUT_STAGING_MAN 619is set explicitly) 620.It Va WITH_STAGING_PROG 621(unless 622.Va WITHOUT_STAGING_PROG 623is set explicitly) 624.It Va WITH_SYSROOT 625(unless 626.Va WITHOUT_SYSROOT 627is set explicitly) 628.El 629.Pp 630This must be set in the environment, make command line, or 631.Pa /etc/src-env.conf , 632not 633.Pa /etc/src.conf . 634.It Va WITH_DIRDEPS_CACHE 635Cache result of dirdeps.mk which can save significant time 636for subsequent builds. 637Depends on 638.Va WITH_DIRDEPS_BUILD . 639.Pp 640This must be set in the environment, make command line, or 641.Pa /etc/src-env.conf , 642not 643.Pa /etc/src.conf . 644.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP 645Build 646.Xr etdump 1 , 647.Xr makefs 8 648and 649.Xr mkimg 1 650as bootstrap tools. 651.It Va WITHOUT_DMAGENT 652Do not build dma Mail Transport Agent. 653.It Va WITHOUT_DOCCOMPRESS 654Do not install compressed system documentation. 655Only the uncompressed version will be installed. 656.It Va WITHOUT_DTRACE 657Do not build DTrace framework kernel modules, libraries, and user commands. 658When set, it enforces these options: 659.Pp 660.Bl -item -compact 661.It 662.Va WITHOUT_CTF 663.El 664.It Va WITH_DTRACE_ASAN 665Compile userspace DTrace code (libdtrace, dtrace(1), lockstat(1), plockstat(1)) 666with address and undefined behavior sanitizers. 667Requires that Clang be used as the base system compiler 668and that the runtime support library is available. 669.It Va WITH_DTRACE_TESTS 670Build and install the DTrace test suite in 671.Pa /usr/tests/cddl/usr.sbin/dtrace . 672This test suite is considered experimental on architectures other than 673amd64/amd64 and running it may cause system instability. 674.It Va WITHOUT_DYNAMICROOT 675Set this if you do not want to link 676.Pa /bin 677and 678.Pa /sbin 679dynamically. 680.It Va WITHOUT_EE 681Do not build and install 682.Xr edit 1 , 683.Xr ee 1 , 684and related programs. 685.It Va WITHOUT_EFI 686Set not to build 687.Xr efivar 3 688and 689.Xr efivar 8 . 690.Pp 691This is a default setting on 692i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 693.It Va WITH_EFI 694Build 695.Xr efivar 3 696and 697.Xr efivar 8 . 698.Pp 699This is a default setting on 700amd64/amd64, arm/armv7, arm64/aarch64 and riscv/riscv64. 701.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 702Do not build ELF Tool Chain tools 703(addr2line, nm, size, strings and strip) 704as part of the bootstrap process. 705.Bf -symbolic 706An alternate bootstrap tool chain must be provided. 707.Ef 708.It Va WITHOUT_EXAMPLES 709Avoid installing examples to 710.Pa /usr/share/examples/ . 711.It Va WITH_EXPERIMENTAL 712Include experimental features in the build. 713.It Va WITHOUT_FDT 714Do not build Flattened Device Tree support as part of the base system. 715This includes the device tree compiler (dtc) and libfdt support library. 716.Pp 717This is a default setting on 718amd64/amd64 and i386/i386. 719.It Va WITH_FDT 720Build Flattened Device Tree support as part of the base system. 721This includes the device tree compiler (dtc) and libfdt support library. 722.Pp 723This is a default setting on 724arm/armv7, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 725.It Va WITHOUT_FILE 726Do not build 727.Xr file 1 728and related programs. 729.It Va WITHOUT_FINGER 730Do not build or install 731.Xr finger 1 732and 733.Xr fingerd 8 . 734.It Va WITHOUT_FLOPPY 735Do not build or install programs 736for operating floppy disk driver. 737.It Va WITHOUT_FORMAT_EXTENSIONS 738Do not enable 739.Fl fformat-extensions 740when compiling the kernel. 741Also disables all format checking. 742.It Va WITHOUT_FORTH 743Build bootloaders without Forth support. 744.It Va WITHOUT_FP_LIBC 745Build 746.Nm libc 747without floating-point support. 748.It Va WITHOUT_FREEBSD_UPDATE 749Do not build 750.Xr freebsd-update 8 . 751.It Va WITHOUT_FTP 752Do not build or install 753.Xr ftp 1 . 754.It Va WITHOUT_GAMES 755Do not build games. 756.It Va WITHOUT_GNU_DIFF 757Do not build GNU 758.Xr diff3 1 ; 759build BSD 760.Xr diff3 1 761instead. 762.It Va WITHOUT_GOOGLETEST 763Neither build nor install 764.Lb libgmock , 765.Lb libgtest , 766and dependent tests. 767.It Va WITHOUT_GPIO 768Do not build 769.Xr gpioctl 8 770as part of the base system. 771.It Va WITHOUT_HAST 772Do not build 773.Xr hastd 8 774and related utilities. 775.It Va WITH_HESIOD 776Build Hesiod support. 777.It Va WITHOUT_HTML 778Do not build HTML docs. 779.It Va WITHOUT_HYPERV 780Do not build or install HyperV utilities. 781.Pp 782This is a default setting on 783arm/armv7, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 784.It Va WITH_HYPERV 785Build or install HyperV utilities. 786.Pp 787This is a default setting on 788amd64/amd64, arm64/aarch64 and i386/i386. 789.It Va WITHOUT_ICONV 790Do not build iconv as part of libc. 791.It Va WITHOUT_INCLUDES 792Do not install header files. 793This option used to be spelled 794.Va NO_INCS . 795.Bf -symbolic 796The option does not work for build targets. 797.Ef 798.It Va WITHOUT_INET 799Do not build programs and libraries related to IPv4 networking. 800When set, it enforces these options: 801.Pp 802.Bl -item -compact 803.It 804.Va WITHOUT_INET_SUPPORT 805.El 806.It Va WITHOUT_INET6 807Do not build 808programs and libraries related to IPv6 networking. 809When set, it enforces these options: 810.Pp 811.Bl -item -compact 812.It 813.Va WITHOUT_INET6_SUPPORT 814.El 815.It Va WITHOUT_INET6_SUPPORT 816Build libraries, programs, and kernel modules without IPv6 support. 817.It Va WITHOUT_INETD 818Do not build 819.Xr inetd 8 . 820.It Va WITHOUT_INET_SUPPORT 821Build libraries, programs, and kernel modules without IPv4 support. 822.It Va WITHOUT_INSTALLLIB 823Set this to not install optional libraries. 824For example, when creating a 825.Xr nanobsd 8 826image. 827.Bf -symbolic 828The option does not work for build targets. 829.Ef 830.It Va WITH_INSTALL_AS_USER 831Make install targets succeed for non-root users by installing 832files with owner and group attributes set to that of the user running 833the 834.Xr make 1 835command. 836The user still must set the 837.Va DESTDIR 838variable to point to a directory where the user has write permissions. 839.It Va WITHOUT_IPFILTER 840Do not build IP Filter package. 841.It Va WITH_IPFILTER_IPFS 842Enable building the 843.Xr ipfs 8 844tool to save and restore IPFilter state tables. 845.It Va WITHOUT_IPFW 846Do not build IPFW tools. 847.It Va WITHOUT_IPSEC_SUPPORT 848Do not build the kernel with 849.Xr ipsec 4 850support. 851This option is needed for 852.Xr ipsec 4 853and 854.Xr tcpmd5 4 . 855.It Va WITHOUT_ISCSI 856Do not build 857.Xr iscsid 8 858and related utilities. 859.It Va WITHOUT_JAIL 860Do not build tools for the support of jails; e.g., 861.Xr jail 8 . 862.It Va WITHOUT_JEMALLOC_LG_VADDR_WIDE 863Disallow programs to use more than 48 address bits on amd64. 864Incompatible with LA57 mode. 865Enabling this option might result in a slight reduction in memory 866consumption for jemalloc metadata, but also requires disabling LA57 867(if hardware supports it). 868.It Va WITHOUT_KDUMP 869Do not build 870.Xr kdump 1 871and 872.Xr truss 1 . 873.It Va WITHOUT_KERBEROS 874Set this to not build Kerberos. 875When set, these options are also in effect: 876.Pp 877.Bl -inset -compact 878.It Va WITHOUT_KERBEROS_SUPPORT 879(unless 880.Va WITH_KERBEROS_SUPPORT 881is set explicitly) 882.El 883.It Va WITHOUT_KERBEROS_SUPPORT 884Build some programs without Kerberos support, like 885.Xr ssh 1 , 886.Xr telnet 1 , 887and 888.Xr sshd 8 . 889.It Va WITH_KERNEL_BIN 890Generate and install kernel.bin from kernel as part of the normal build and 891install processes for the kernel. Available only on arm and arm64. 892 893Usually this will be added to the kernel config file with: 894 895makeoptions WITH_KERNEL_BIN=1 896 897though it can also be used on the command line. 898.It Va WITH_KERNEL_RETPOLINE 899Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel 900build. 901.It Va WITHOUT_KERNEL_SYMBOLS 902Do not install standalone kernel debug symbol files. 903This option has no effect at build time. 904.It Va WITHOUT_KVM 905Do not build the 906.Nm libkvm 907library as a part of the base system. 908.Bf -symbolic 909The option has no effect yet. 910.Ef 911When set, these options are also in effect: 912.Pp 913.Bl -inset -compact 914.It Va WITHOUT_KVM_SUPPORT 915(unless 916.Va WITH_KVM_SUPPORT 917is set explicitly) 918.El 919.It Va WITHOUT_KVM_SUPPORT 920Build some programs without optional 921.Nm libkvm 922support. 923.It Va WITHOUT_LDNS 924Setting this variable will prevent the LDNS library from being built. 925When set, it enforces these options: 926.Pp 927.Bl -item -compact 928.It 929.Va WITHOUT_LDNS_UTILS 930.It 931.Va WITHOUT_UNBOUND 932.El 933.It Va WITHOUT_LDNS_UTILS 934Setting this variable will prevent building the LDNS utilities 935.Xr drill 1 936and 937.Xr host 1 . 938.It Va WITHOUT_LEGACY_CONSOLE 939Do not build programs that support a legacy PC console; e.g., 940.Xr kbdcontrol 1 941and 942.Xr vidcontrol 1 . 943.It Va WITHOUT_LIB32 944On 64-bit platforms, do not build 32-bit library set and a 945.Nm ld-elf32.so.1 946runtime linker. 947.Pp 948This is a default setting on 949arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64. 950.It Va WITH_LIB32 951On 64-bit platforms, build the 32-bit library set and a 952.Nm ld-elf32.so.1 953runtime linker. 954.Pp 955This is a default setting on 956amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 957.It Va WITHOUT_LLD 958Do not build LLVM's lld linker. 959.It Va WITHOUT_LLDB 960Do not build the LLDB debugger. 961.Pp 962This is a default setting on 963riscv/riscv64. 964.It Va WITH_LLDB 965Build the LLDB debugger. 966.Pp 967This is a default setting on 968amd64/amd64, arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 969.It Va WITHOUT_LLD_BOOTSTRAP 970Do not build the LLD linker during the bootstrap phase of 971the build. 972To be able to build the system an alternate linker must be provided via XLD. 973.It Va WITHOUT_LLVM_ASSERTIONS 974Disable debugging assertions in LLVM. 975.It Va WITHOUT_LLVM_BINUTILS 976Install ELF Tool Chain's binary utilities instead of LLVM's. 977This includes 978.Xr addr2line 1 , 979.Xr ar 1 , 980.Xr nm 1 , 981.Xr objcopy 1 , 982.Xr ranlib 1 , 983.Xr readelf 1 , 984.Xr size 1 , 985and 986.Xr strip 1 . 987Regardless of this setting, LLVM tools are used for 988.Xr c++filt 1 989and 990.Xr objdump 1 . 991.Xr strings 1 992is always provided by ELF Tool Chain. 993.It Va WITHOUT_LLVM_COV 994Do not build the 995.Xr llvm-cov 1 996tool. 997.It Va WITHOUT_LLVM_CXXFILT 998Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt. 999.It Va WITH_LLVM_FULL_DEBUGINFO 1000Generate full debug information for LLVM libraries and tools, which uses 1001more disk space and build resources, but allows for easier debugging. 1002.It Va WITHOUT_LLVM_TARGET_AARCH64 1003Do not build LLVM target support for AArch64. 1004The 1005.Va LLVM_TARGET_ALL 1006option should be used rather than this in most cases. 1007.It Va WITHOUT_LLVM_TARGET_ALL 1008Only build the required LLVM target support. 1009This option is preferred to specific target support options. 1010When set, these options are also in effect: 1011.Pp 1012.Bl -inset -compact 1013.It Va WITHOUT_LLVM_TARGET_AARCH64 1014(unless 1015.Va WITH_LLVM_TARGET_AARCH64 1016is set explicitly) 1017.It Va WITHOUT_LLVM_TARGET_ARM 1018(unless 1019.Va WITH_LLVM_TARGET_ARM 1020is set explicitly) 1021.It Va WITHOUT_LLVM_TARGET_POWERPC 1022(unless 1023.Va WITH_LLVM_TARGET_POWERPC 1024is set explicitly) 1025.It Va WITHOUT_LLVM_TARGET_RISCV 1026(unless 1027.Va WITH_LLVM_TARGET_RISCV 1028is set explicitly) 1029.El 1030.It Va WITHOUT_LLVM_TARGET_ARM 1031Do not build LLVM target support for ARM. 1032The 1033.Va LLVM_TARGET_ALL 1034option should be used rather than this in most cases. 1035.It Va WITH_LLVM_TARGET_BPF 1036Build LLVM target support for BPF. 1037The 1038.Va LLVM_TARGET_ALL 1039option should be used rather than this in most cases. 1040.It Va WITH_LLVM_TARGET_MIPS 1041Build LLVM target support for MIPS. 1042The 1043.Va LLVM_TARGET_ALL 1044option should be used rather than this in most cases. 1045.It Va WITHOUT_LLVM_TARGET_POWERPC 1046Do not build LLVM target support for PowerPC. 1047The 1048.Va LLVM_TARGET_ALL 1049option should be used rather than this in most cases. 1050.It Va WITHOUT_LLVM_TARGET_RISCV 1051Do not build LLVM target support for RISC-V. 1052The 1053.Va LLVM_TARGET_ALL 1054option should be used rather than this in most cases. 1055.It Va WITHOUT_LLVM_TARGET_X86 1056Do not build LLVM target support for X86. 1057The 1058.Va LLVM_TARGET_ALL 1059option should be used rather than this in most cases. 1060.It Va WITHOUT_LOADER_BIOS_TEXTONLY 1061Include graphics, font and video mode support in the i386 and amd64 BIOS 1062boot loader. 1063.It Va WITH_LOADER_EFI_SECUREBOOT 1064Enable building 1065.Xr loader 8 1066with support for verification based on certificates obtained from UEFI. 1067.It Va WITHOUT_LOADER_GELI 1068Disable inclusion of GELI crypto support in the boot chain binaries. 1069.Pp 1070This is a default setting on 1071powerpc/powerpc64 and powerpc/powerpc64le. 1072.It Va WITH_LOADER_GELI 1073Build GELI bootloader support. 1074.Pp 1075This is a default setting on 1076amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1077.It Va WITHOUT_LOADER_IA32 1078Do not build the 32-bit UEFI loader. 1079.Pp 1080This is a default setting on 1081arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1082.It Va WITH_LOADER_IA32 1083Build the 32-bit UEFI loader. 1084.Pp 1085This is a default setting on 1086amd64/amd64. 1087.It Va WITHOUT_LOADER_KBOOT 1088Do not build kboot, a linuxboot environment loader 1089.Pp 1090This is a default setting on 1091arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1092.It Va WITH_LOADER_KBOOT 1093Build kboot, a linuxboot environment loader 1094.Pp 1095This is a default setting on 1096amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 1097.It Va WITHOUT_LOADER_LUA 1098Do not build LUA bindings for the boot loader. 1099.Pp 1100This is a default setting on 1101powerpc/powerpc64 and powerpc/powerpc64le. 1102.It Va WITH_LOADER_LUA 1103Build LUA bindings for the boot loader. 1104.Pp 1105This is a default setting on 1106amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1107.It Va WITHOUT_LOADER_OFW 1108Disable building of openfirmware bootloader components. 1109.Pp 1110This is a default setting on 1111amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1112.It Va WITH_LOADER_OFW 1113Build openfirmware bootloader components. 1114.Pp 1115This is a default setting on 1116powerpc/powerpc64 and powerpc/powerpc64le. 1117.It Va WITHOUT_LOADER_PXEBOOT 1118Do not build pxeboot on i386/amd64. 1119When the pxeboot is too large, or unneeded, it may be disabled with this option. 1120See 1121.Va WITH_LOADER_PXEBOOT 1122for how to adjust the defaults when you need both a larger 1123.Pa /boot/loader 1124and 1125.Pa /boot/pxeboot 1126.Pp 1127This option only has an effect on x86. 1128.It Va WITHOUT_LOADER_UBOOT 1129Disable building of ubldr. 1130.Pp 1131This is a default setting on 1132amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1133.It Va WITH_LOADER_UBOOT 1134Build ubldr. 1135.Pp 1136This is a default setting on 1137arm/armv7 and powerpc/powerpc64. 1138.It Va WITH_LOADER_VERBOSE 1139Build with extra verbose debugging in the loader. 1140May explode already nearly too large loader over the limit. 1141Use with care. 1142.It Va WITH_LOADER_VERIEXEC 1143Enable building 1144.Xr loader 8 1145with support for verification similar to Verified Exec. 1146.Pp 1147Depends on 1148.Va WITH_BEARSSL . 1149May require a larger 1150.Va LOADERSIZE . 1151When set, these options are also in effect: 1152.Pp 1153.Bl -inset -compact 1154.It Va WITH_LOADER_EFI_SECUREBOOT 1155(unless 1156.Va WITHOUT_LOADER_EFI_SECUREBOOT 1157is set explicitly) 1158.It Va WITH_LOADER_VERIEXEC_VECTX 1159(unless 1160.Va WITHOUT_LOADER_VERIEXEC_VECTX 1161is set explicitly) 1162.El 1163.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST 1164Enable building 1165.Xr loader 8 1166with support to pass a verified manifest to the kernel. 1167The kernel has to be built with a module to parse the manifest. 1168.Pp 1169Depends on 1170.Va WITH_LOADER_VERIEXEC . 1171.It Va WITH_LOADER_VERIEXEC_VECTX 1172Enable building 1173.Xr loader 8 1174with support for hashing and verifying kernel and modules as a side effect 1175of loading. 1176.Pp 1177Depends on 1178.Va WITH_LOADER_VERIEXEC . 1179.It Va WITHOUT_LOADER_ZFS 1180Do not build ZFS file system boot loader support. 1181.It Va WITHOUT_LOCALES 1182Do not build localization files; see 1183.Xr locale 1 . 1184.It Va WITHOUT_LOCATE 1185Do not build 1186.Xr locate 1 1187and related programs. 1188.It Va WITHOUT_LPR 1189Do not build 1190.Xr lpr 1 1191and related programs. 1192.It Va WITHOUT_LS_COLORS 1193Build 1194.Xr ls 1 1195without support for colors to distinguish file types. 1196.It Va WITHOUT_MACHDEP_OPTIMIZATIONS 1197Prefer machine-independent non-assembler code in libc and libm. 1198.It Va WITHOUT_MAIL 1199Do not build any mail support (MUA or MTA). 1200When set, it enforces these options: 1201.Pp 1202.Bl -item -compact 1203.It 1204.Va WITHOUT_DMAGENT 1205.It 1206.Va WITHOUT_MAILWRAPPER 1207.It 1208.Va WITHOUT_SENDMAIL 1209.El 1210.It Va WITHOUT_MAILWRAPPER 1211Do not build the 1212.Xr mailwrapper 8 1213MTA selector. 1214.It Va WITHOUT_MAKE 1215Do not install 1216.Xr make 1 1217and related support files. 1218.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX 1219Do not execute 1220.Dq Li "make check" 1221in limited sandbox mode. 1222This option should be paired with 1223.Va WITH_INSTALL_AS_USER 1224if executed as an unprivileged user. 1225See 1226.Xr tests 7 1227for more details. 1228.It Va WITH_MALLOC_PRODUCTION 1229Disable assertions and statistics gathering in 1230.Xr malloc 3 . 1231The run-time options 1232.Dv opt.abort , 1233.Dv opt.abort_conf , 1234and 1235.Dv opt.junk 1236also default to false. 1237.It Va WITHOUT_MAN 1238Do not build manual pages. 1239When set, these options are also in effect: 1240.Pp 1241.Bl -inset -compact 1242.It Va WITHOUT_MAN_UTILS 1243(unless 1244.Va WITH_MAN_UTILS 1245is set explicitly) 1246.El 1247.It Va WITHOUT_MANCOMPRESS 1248Do not install compressed man pages. 1249Only the uncompressed versions will be installed. 1250.It Va WITH_MANSPLITPKG 1251Split man pages into their own packages during make package. 1252.It Va WITHOUT_MAN_UTILS 1253Do not build utilities for manual pages, 1254.Xr apropos 1 , 1255.Xr makewhatis 1 , 1256.Xr man 1 , 1257.Xr whatis 1 , 1258.Xr manctl 8 , 1259and related support files. 1260.It Va WITH_META_ERROR_TARGET 1261Enable the META_MODE .ERROR target. 1262.Pp 1263This target will copy the meta file of a failed target 1264to 1265.Va ERROR_LOGDIR 1266(default is 1267.Ql ${SRCTOP:H}/error ) 1268to help with failure analysis. 1269Depends on 1270.Va WITH_META_MODE . 1271This default when 1272.Va WITH_DIRDEPS_BUILD 1273is set. 1274.Pp 1275This must be set in the environment, make command line, or 1276.Pa /etc/src-env.conf , 1277not 1278.Pa /etc/src.conf . 1279.It Va WITH_META_MODE 1280Create 1281.Xr make 1 1282meta files when building, which can provide a reliable incremental build when 1283using 1284.Xr filemon 4 . 1285The meta file is created in OBJDIR as 1286.Pa target.meta . 1287These meta files track the command that was executed, its output, and the 1288current directory. 1289The 1290.Xr filemon 4 1291module is required unless 1292.Va NO_FILEMON 1293is defined. 1294When the module is loaded, any files used by the commands executed are 1295tracked as dependencies for the target in its meta file. 1296The target is considered out-of-date and rebuilt if any of these 1297conditions are true compared to the last build: 1298.Bl -bullet -compact 1299.It 1300The command to execute changes. 1301.It 1302The current working directory changes. 1303.It 1304The target's meta file is missing. 1305.It 1306The target's meta file is missing filemon data when filemon is loaded 1307and a previous run did not have it loaded. 1308.It 1309[requires 1310.Xr filemon 4 ] 1311Files read, executed or linked to are newer than the target. 1312.It 1313[requires 1314.Xr filemon 4 ] 1315Files read, written, executed or linked are missing. 1316.El 1317The meta files can also be useful for debugging. 1318.Pp 1319The build hides commands that are executed unless 1320.Va NO_SILENT 1321is defined. 1322Errors cause 1323.Xr make 1 1324to show some of its environment for further debugging. 1325.Pp 1326The build operates as it normally would otherwise. 1327This option originally invoked a different build system but that was renamed 1328to 1329.Va WITH_DIRDEPS_BUILD . 1330.Pp 1331This must be set in the environment, make command line, or 1332.Pa /etc/src-env.conf , 1333not 1334.Pa /etc/src.conf . 1335.It Va WITHOUT_MITKRB5 1336Set this to build KTH Heimdal instead of MIT Kerberos 5. 1337.It Va WITHOUT_MLX5TOOL 1338Do not build 1339.Xr mlx5tool 8 1340.Pp 1341This is a default setting on 1342arm/armv7 and riscv/riscv64. 1343.It Va WITH_MLX5TOOL 1344Build 1345.Xr mlx5tool 8 1346.Pp 1347This is a default setting on 1348amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 1349.It Va WITHOUT_NETCAT 1350Do not build 1351.Xr nc 1 1352utility. 1353.It Va WITHOUT_NETGRAPH 1354Do not build applications to support 1355.Xr netgraph 4 . 1356When set, it enforces these options: 1357.Pp 1358.Bl -item -compact 1359.It 1360.Va WITHOUT_BLUETOOTH 1361.El 1362.Pp 1363When set, these options are also in effect: 1364.Pp 1365.Bl -inset -compact 1366.It Va WITHOUT_NETGRAPH_SUPPORT 1367(unless 1368.Va WITH_NETGRAPH_SUPPORT 1369is set explicitly) 1370.El 1371.It Va WITHOUT_NETGRAPH_SUPPORT 1372Build libraries, programs, and kernel modules without netgraph support. 1373.It Va WITHOUT_NETLINK 1374Do not build 1375.Xr genl 1 1376utility. 1377.It Va WITHOUT_NETLINK_SUPPORT 1378Make libraries and programs use rtsock and 1379.Xr sysctl 3 1380interfaces instead of 1381.Xr snl 3 . 1382.It Va WITHOUT_NIS 1383Do not build 1384.Xr NIS 8 1385support and related programs. 1386If set, you might need to adopt your 1387.Xr nsswitch.conf 5 1388and remove 1389.Sq nis 1390entries. 1391.It Va WITHOUT_NLS 1392Do not build NLS catalogs. 1393When set, it enforces these options: 1394.Pp 1395.Bl -item -compact 1396.It 1397.Va WITHOUT_NLS_CATALOGS 1398.El 1399.It Va WITHOUT_NLS_CATALOGS 1400Do not build NLS catalog support for 1401.Xr csh 1 . 1402.It Va WITHOUT_NS_CACHING 1403Disable name caching in the 1404.Pa nsswitch 1405subsystem. 1406The generic caching daemon, 1407.Xr nscd 8 , 1408will not be built either if this option is set. 1409.It Va WITHOUT_NTP 1410Do not build 1411.Xr ntpd 8 1412and related programs. 1413.It Va WITHOUT_NUAGEINIT 1414Do not install the limited cloud init support scripts. 1415.It Va WITHOUT_OFED 1416Do not build the 1417.Dq "OpenFabrics Enterprise Distribution" 1418InfiniBand software stack, including kernel modules and userspace libraries. 1419.Pp 1420This is a default setting on 1421arm/armv7. 1422When set, it enforces these options: 1423.Pp 1424.Bl -item -compact 1425.It 1426.Va WITHOUT_OFED_EXTRA 1427.El 1428.It Va WITH_OFED 1429Build the 1430.Dq "OpenFabrics Enterprise Distribution" 1431InfiniBand software stack, including kernel modules and userspace libraries. 1432.Pp 1433This is a default setting on 1434amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1435.It Va WITH_OFED_EXTRA 1436Build the non-essential components of the 1437.Dq "OpenFabrics Enterprise Distribution" 1438Infiniband software stack, mostly examples. 1439.It Va WITH_OPENLDAP 1440Enable building LDAP support for kerberos using an openldap client from ports. 1441.It Va WITHOUT_OPENMP 1442Do not build LLVM's OpenMP runtime. 1443.Pp 1444This is a default setting on 1445arm/armv7. 1446.It Va WITH_OPENMP 1447Build LLVM's OpenMP runtime. 1448.Pp 1449This is a default setting on 1450amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1451.It Va WITHOUT_OPENSSH 1452Do not build OpenSSH. 1453.It Va WITHOUT_OPENSSL 1454Do not build OpenSSL. 1455When set, it enforces these options: 1456.Pp 1457.Bl -item -compact 1458.It 1459.Va WITHOUT_DMAGENT 1460.It 1461.Va WITHOUT_KERBEROS 1462.It 1463.Va WITHOUT_LDNS 1464.It 1465.Va WITHOUT_LDNS_UTILS 1466.It 1467.Va WITHOUT_LOADER_ZFS 1468.It 1469.Va WITHOUT_MITKRB5 1470.It 1471.Va WITHOUT_OPENSSH 1472.It 1473.Va WITHOUT_OPENSSL_KTLS 1474.It 1475.Va WITHOUT_PKGBOOTSTRAP 1476.It 1477.Va WITHOUT_UNBOUND 1478.It 1479.Va WITHOUT_ZFS 1480.It 1481.Va WITHOUT_ZFS_TESTS 1482.El 1483.Pp 1484When set, these options are also in effect: 1485.Pp 1486.Bl -inset -compact 1487.It Va WITHOUT_KERBEROS_SUPPORT 1488(unless 1489.Va WITH_KERBEROS_SUPPORT 1490is set explicitly) 1491.El 1492.It Va WITHOUT_OPENSSL_KTLS 1493Do not include kernel TLS support in OpenSSL. 1494.Pp 1495This is a default setting on 1496arm/armv7, i386/i386 and riscv/riscv64. 1497.It Va WITH_OPENSSL_KTLS 1498Include kernel TLS support in OpenSSL. 1499.Pp 1500This is a default setting on 1501amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le. 1502.It Va WITHOUT_PAM 1503Do not build PAM library and modules. 1504.Bf -symbolic 1505This option is deprecated and does nothing. 1506.Ef 1507When set, these options are also in effect: 1508.Pp 1509.Bl -inset -compact 1510.It Va WITHOUT_PAM_SUPPORT 1511(unless 1512.Va WITH_PAM_SUPPORT 1513is set explicitly) 1514.El 1515.It Va WITHOUT_PAM_SUPPORT 1516Build 1517.Xr ppp 8 1518without PAM support. 1519.It Va WITHOUT_PF 1520Do not build PF firewall package. 1521When set, it enforces these options: 1522.Pp 1523.Bl -item -compact 1524.It 1525.Va WITHOUT_AUTHPF 1526.El 1527.It Va WITHOUT_PIE 1528Do not build dynamically linked binaries as 1529Position-Independent Executable (PIE). 1530.Pp 1531This is a default setting on 1532arm/armv7 and i386/i386. 1533.It Va WITH_PIE 1534Build dynamically linked binaries as 1535Position-Independent Executable (PIE). 1536.Pp 1537This is a default setting on 1538amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1539.It Va WITHOUT_PKGBOOTSTRAP 1540Do not build 1541.Xr pkg 7 1542bootstrap tool. 1543.It Va WITHOUT_PMC 1544Do not build 1545.Xr pmccontrol 8 1546and related programs. 1547.It Va WITHOUT_PPP 1548Do not build 1549.Xr ppp 8 1550and related programs. 1551.It Va WITHOUT_PTHREADS_ASSERTIONS 1552Disable debugging assertions in pthreads library. 1553.It Va WITHOUT_QUOTAS 1554Do not build 1555.Xr quota 1 1556and related programs. 1557.It Va WITHOUT_RADIUS_SUPPORT 1558Do not build radius support into various applications, like 1559.Xr pam_radius 8 1560and 1561.Xr ppp 8 . 1562.It Va WITH_RATELIMIT 1563Build the system with rate limit support. 1564.Pp 1565This makes 1566.Dv SO_MAX_PACING_RATE 1567effective in 1568.Xr getsockopt 2 , 1569and 1570.Ar txrlimit 1571support in 1572.Xr ifconfig 8 , 1573by proxy. 1574.It Va WITHOUT_RBOOTD 1575Do not build or install 1576.Xr rbootd 8 . 1577.It Va WITHOUT_RELRO 1578Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation. 1579See also the 1580.Va BIND_NOW 1581option. 1582.It Va WITH_REPRODUCIBLE_BUILD 1583Exclude build metadata (such as the build time, user, or host) 1584from the kernel, boot loaders, and uname output, so that builds produce 1585bit-for-bit identical output. 1586.It Va WITHOUT_RESCUE 1587Do not build 1588.Xr rescue 8 . 1589.It Va WITH_RETPOLINE 1590Build the base system with the retpoline speculative execution 1591vulnerability mitigation for CVE-2017-5715. 1592.It Va WITHOUT_ROUTED 1593Do not build 1594.Xr routed 8 1595utility. 1596.It Va WITH_RPCBIND_WARMSTART_SUPPORT 1597Build 1598.Xr rpcbind 8 1599with warmstart support. 1600.It Va WITH_RUN_TESTS 1601Run tests as part of the build. 1602.It Va WITHOUT_SCTP_SUPPORT 1603Disable support in the kernel for the 1604.Xr sctp 4 1605Stream Control Transmission Protocol 1606loadable kernel module. 1607.It Va WITHOUT_SENDMAIL 1608Do not build 1609.Xr sendmail 8 1610and related programs. 1611.It Va WITHOUT_SERVICESDB 1612Do not install 1613.Pa /var/db/services.db . 1614.It Va WITHOUT_SETUID_LOGIN 1615Set this to disable the installation of 1616.Xr login 1 1617as a set-user-ID root program. 1618.It Va WITHOUT_SHAREDOCS 1619Do not build the 1620.Bx 4.4 1621legacy docs. 1622.It Va WITH_SORT_THREADS 1623Enable threads in 1624.Xr sort 1 . 1625.It Va WITHOUT_SOURCELESS 1626Do not build kernel modules that include sourceless code (either microcode or native code for host CPU). 1627When set, it enforces these options: 1628.Pp 1629.Bl -item -compact 1630.It 1631.Va WITHOUT_SOURCELESS_HOST 1632.It 1633.Va WITHOUT_SOURCELESS_UCODE 1634.El 1635.It Va WITHOUT_SOURCELESS_HOST 1636Do not build kernel modules that include sourceless native code for host CPU. 1637.It Va WITHOUT_SOURCELESS_UCODE 1638Do not build kernel modules that include sourceless microcode. 1639.It Va WITHOUT_SPLIT_KERNEL_DEBUG 1640Do not build standalone kernel debug files. 1641Debug data (if enabled by the kernel configuration file) 1642will be included in the kernel and modules. 1643When set, it enforces these options: 1644.Pp 1645.Bl -item -compact 1646.It 1647.Va WITHOUT_KERNEL_SYMBOLS 1648.El 1649.It Va WITHOUT_SSP 1650Do not build world with stack smashing protection. 1651See 1652.Xr mitigations 7 1653for more information. 1654.It Va WITH_STAGING 1655Enable staging of files to a stage tree. 1656This can be best thought of as auto-install to 1657.Va DESTDIR 1658with some extra meta data to ensure dependencies can be tracked. 1659Depends on 1660.Va WITH_DIRDEPS_BUILD . 1661When set, these options are also in effect: 1662.Pp 1663.Bl -inset -compact 1664.It Va WITH_STAGING_MAN 1665(unless 1666.Va WITHOUT_STAGING_MAN 1667is set explicitly) 1668.It Va WITH_STAGING_PROG 1669(unless 1670.Va WITHOUT_STAGING_PROG 1671is set explicitly) 1672.El 1673.Pp 1674This must be set in the environment, make command line, or 1675.Pa /etc/src-env.conf , 1676not 1677.Pa /etc/src.conf . 1678.It Va WITH_STAGING_MAN 1679Enable staging of man pages to stage tree. 1680.It Va WITH_STAGING_PROG 1681Enable staging of PROGs to stage tree. 1682.It Va WITH_STALE_STAGED 1683Check staged files are not stale. 1684.It Va WITHOUT_STATS 1685Neither build nor install 1686.Lb libstats 1687and dependent binaries. 1688.It Va WITHOUT_SYSCONS 1689Do not build 1690.Xr syscons 4 1691support files such as keyboard maps, fonts, and screen output maps. 1692.It Va WITH_SYSROOT 1693Enable use of sysroot during build. 1694Depends on 1695.Va WITH_DIRDEPS_BUILD . 1696.Pp 1697This must be set in the environment, make command line, or 1698.Pa /etc/src-env.conf , 1699not 1700.Pa /etc/src.conf . 1701.It Va WITHOUT_SYSTEM_COMPILER 1702Do not opportunistically skip building a cross-compiler during the 1703bootstrap phase of the build. 1704Normally, if the currently installed compiler matches the planned bootstrap 1705compiler type and revision, then it will not be built. 1706This does not prevent a compiler from being built for installation though, 1707only for building one for the build itself. 1708The 1709.Va WITHOUT_CLANG 1710option controls that. 1711.It Va WITHOUT_SYSTEM_LINKER 1712Do not opportunistically skip building a cross-linker during the 1713bootstrap phase of the build. 1714Normally, if the currently installed linker matches the planned bootstrap 1715linker type and revision, then it will not be built. 1716This does not prevent a linker from being built for installation though, 1717only for building one for the build itself. 1718The 1719.Va WITHOUT_LLD 1720option controls that. 1721.Pp 1722This option is only relevant when 1723.Va WITH_LLD_BOOTSTRAP 1724is set. 1725.It Va WITHOUT_TALK 1726Do not build or install 1727.Xr talk 1 1728and 1729.Xr talkd 8 . 1730.It Va WITHOUT_TCP_WRAPPERS 1731Do not build or install 1732.Xr tcpd 8 , 1733and related utilities. 1734.It Va WITHOUT_TCSH 1735Do not build and install 1736.Pa /bin/csh 1737(which is 1738.Xr tcsh 1 ) . 1739.It Va WITHOUT_TELNET 1740Do not build 1741.Xr telnet 1 1742and related programs. 1743.It Va WITHOUT_TESTS 1744Do not build nor install the 1745.Fx 1746Test Suite in 1747.Pa /usr/tests/ . 1748See 1749.Xr tests 7 1750for more details. 1751This also disables the build of all test-related dependencies, including ATF. 1752When set, it enforces these options: 1753.Pp 1754.Bl -item -compact 1755.It 1756.Va WITHOUT_DTRACE_TESTS 1757.It 1758.Va WITHOUT_ZFS_TESTS 1759.El 1760.Pp 1761When set, these options are also in effect: 1762.Pp 1763.Bl -inset -compact 1764.It Va WITHOUT_GOOGLETEST 1765(unless 1766.Va WITH_GOOGLETEST 1767is set explicitly) 1768.It Va WITHOUT_TESTS_SUPPORT 1769(unless 1770.Va WITH_TESTS_SUPPORT 1771is set explicitly) 1772.El 1773.It Va WITHOUT_TESTS_SUPPORT 1774Disable the build of all test-related dependencies, including ATF. 1775When set, it enforces these options: 1776.Pp 1777.Bl -item -compact 1778.It 1779.Va WITHOUT_GOOGLETEST 1780.El 1781.It Va WITHOUT_TEXTPROC 1782Do not build 1783programs used for text processing. 1784.It Va WITHOUT_TFTP 1785Do not build or install 1786.Xr tftp 1 1787and 1788.Xr tftpd 8 . 1789.It Va WITHOUT_TOOLCHAIN 1790Do not install 1791programs used for program development, 1792compilers, debuggers etc. 1793When set, it enforces these options: 1794.Pp 1795.Bl -item -compact 1796.It 1797.Va WITHOUT_CLANG 1798.It 1799.Va WITHOUT_CLANG_EXTRAS 1800.It 1801.Va WITHOUT_CLANG_FORMAT 1802.It 1803.Va WITHOUT_CLANG_FULL 1804.It 1805.Va WITHOUT_LLD 1806.It 1807.Va WITHOUT_LLDB 1808.It 1809.Va WITHOUT_LLVM_COV 1810.El 1811.Pp 1812When set, these options are also in effect: 1813.Pp 1814.Bl -inset -compact 1815.It Va WITHOUT_LLVM_BINUTILS 1816(unless 1817.Va WITH_LLVM_BINUTILS 1818is set explicitly) 1819.El 1820.It Va WITH_UBSAN 1821Build the base system with Undefined Behavior Sanitizer (UBSan) to detect 1822various kinds of undefined behavior at runtime. 1823Requires that Clang be used as the base system compiler 1824and that the runtime support library is available 1825.It Va WITHOUT_UNBOUND 1826Do not build 1827.Xr unbound 8 1828and related programs. 1829.It Va WITH_UNDEFINED_VERSION 1830Link libraries with --undefined-version which permits version maps to 1831contain symbols that are not present in the library. 1832If this is necessary to build a particular configuration, a bug is 1833present and the configuration should be reported. 1834.It Va WITHOUT_UNIFIED_OBJDIR 1835Use the historical object directory format for 1836.Xr build 7 1837targets. 1838For native-builds and builds done directly in sub-directories the format of 1839.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR} 1840is used, 1841while for cross-builds 1842.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR} 1843is used. 1844.Pp 1845This option is transitional and will be removed in a future version of 1846.Fx , 1847at which time 1848.Va WITH_UNIFIED_OBJDIR 1849will be enabled permanently. 1850.Pp 1851This must be set in the environment, make command line, or 1852.Pa /etc/src-env.conf , 1853not 1854.Pa /etc/src.conf . 1855.It Va WITHOUT_USB 1856Do not build USB-related programs and libraries. 1857.It Va WITHOUT_USB_GADGET_EXAMPLES 1858Do not build USB gadget kernel modules. 1859.It Va WITHOUT_UTMPX 1860Do not build user accounting tools such as 1861.Xr last 1 , 1862.Xr users 1 , 1863.Xr who 1 , 1864.Xr ac 8 , 1865.Xr lastlogin 8 1866and 1867.Xr utx 8 . 1868.It Va WITH_VERIEXEC 1869Enable building 1870.Xr veriexec 8 1871which loads the contents of verified manifests into the kernel 1872for use by 1873.Xr mac_veriexec 4 1874.Pp 1875Depends on 1876.Va WITH_BEARSSL . 1877.It Va WITHOUT_VI 1878Do not build and install vi, view, ex and related programs. 1879.It Va WITHOUT_VT 1880Do not build 1881.Xr vt 4 1882support files (fonts and keymaps). 1883.It Va WITHOUT_WARNS 1884Set this to not add warning flags to the compiler invocations. 1885Useful as a temporary workaround when code enters the tree 1886which triggers warnings in environments that differ from the 1887original developer. 1888.It Va WITHOUT_WERROR 1889Set this to not treat compiler warnings as errors. 1890Useful as a temporary workaround when working on fixing compiler warnings. 1891When set, warnings are still printed in the build log but do not fail the build. 1892.It Va WITHOUT_WIRELESS 1893Do not build programs used for 802.11 wireless networks; especially 1894.Xr wpa_supplicant 8 1895and 1896.Xr hostapd 8 . 1897When set, these options are also in effect: 1898.Pp 1899.Bl -inset -compact 1900.It Va WITHOUT_WIRELESS_SUPPORT 1901(unless 1902.Va WITH_WIRELESS_SUPPORT 1903is set explicitly) 1904.El 1905.It Va WITHOUT_WIRELESS_SUPPORT 1906Build libraries, programs, and kernel modules without 1907802.11 wireless support. 1908.It Va WITHOUT_WPA_SUPPLICANT_EAPOL 1909Build 1910.Xr wpa_supplicant 8 1911without support for the IEEE 802.1X protocol and without 1912support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS 1913protocols (usable only via 802.1X). 1914.It Va WITH_ZEROREGS 1915Build the basesystem with code to zero caller-used register contents 1916on function return. 1917This prevents leaking temporary values for side channel attacks. 1918Additionally this reduces the number of usable ROP gadgets for attackers. 1919.It Va WITHOUT_ZFS 1920Do not build the ZFS file system kernel module, libraries such as 1921.Xr libbe 3 , 1922and user commands such as 1923.Xr zpool 8 1924or 1925.Xr zfs 8 . 1926Also disable ZFS support in utilities and libraries which implement 1927ZFS-specific functionality. 1928When set, it enforces these options: 1929.Pp 1930.Bl -item -compact 1931.It 1932.Va WITHOUT_ZFS_TESTS 1933.El 1934.It Va WITHOUT_ZFS_TESTS 1935Do not build and install the legacy ZFS test suite. 1936.It Va WITHOUT_ZONEINFO 1937Do not build the timezone database. 1938When set, it enforces these options: 1939.Pp 1940.Bl -item -compact 1941.It 1942.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT 1943.El 1944.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT 1945Build leapsecond information in to the timezone database. 1946This option violates 1947.St -p1003.1 1948and all other applicable standards, and is known to cause unexpected 1949issues with date/time handling in many applications and programming 1950languages. 1951.El 1952.Pp 1953The following options accept a single value from a list of valid values. 1954.Bl -tag -width indent 1955.It Va INIT_ALL 1956Control default initialization of stack variables in C and C++ code. 1957Options other than 1958.Li none 1959require the Clang compiler or GCC 12.0 or later. 1960The default value is 1961.Li none . 1962Valid values are: 1963.Bl -tag -width indent 1964.It Li none 1965Do not initialize stack variables (standard C/C++ behavior). 1966.It Li pattern 1967Build the base system or kernel with stack variables initialized to 1968.Pq compiler defined 1969debugging patterns on function entry. 1970.It Li zero 1971Build the base system or kernel with stack variables initialized 1972to zero on function entry. 1973This value is converted to 1974.Li none 1975for amd64 kernel builds due to incompatability with ifunc memset. 1976.El 1977.It Va LIBC_MALLOC 1978Specify the 1979.Xr malloc 3 1980implementation used by libc. 1981The default value is 1982.Li jemalloc . 1983Valid values are: 1984.Bl -tag -width indent 1985.It Li jemalloc 1986.El 1987.Pp 1988Other implementations are expected in the future in both 1989.Fx 1990and downstream consumers. 1991.El 1992.Sh FILES 1993.Bl -tag -compact -width Pa 1994.It Pa /etc/src.conf 1995.It Pa /etc/src-env.conf 1996.It Pa /usr/share/mk/bsd.own.mk 1997.El 1998.Sh SEE ALSO 1999.Xr make 1 , 2000.Xr make.conf 5 , 2001.Xr build 7 , 2002.Xr ports 7 2003.Sh HISTORY 2004The 2005.Nm 2006file appeared in 2007.Fx 7.0 . 2008.Sh AUTHORS 2009This manual page was autogenerated by 2010.An tools/build/options/makeman . 2011