xref: /freebsd/share/man/man5/src.conf.5 (revision 55141f2c8991b2a6adbf30bb0fe3e6cbc303f06d)
1.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman.
2.Dd November 13, 2023
3.Dt SRC.CONF 5
4.Os
5.Sh NAME
6.Nm src.conf
7.Nd "source build options"
8.Sh DESCRIPTION
9The
10.Nm
11file contains variables that control what components will be generated during
12the build process of the
13.Fx
14source tree; see
15.Xr build 7 .
16.Pp
17The
18.Nm
19file uses the standard makefile syntax.
20However,
21.Nm
22should not specify any dependencies to
23.Xr make 1 .
24Instead,
25.Nm
26is to set
27.Xr make 1
28variables that control the aspects of how the system builds.
29.Pp
30The default location of
31.Nm
32is
33.Pa /etc/src.conf ,
34though an alternative location can be specified in the
35.Xr make 1
36variable
37.Va SRCCONF .
38Overriding the location of
39.Nm
40may be necessary if the system-wide settings are not suitable
41for a particular build.
42For instance, setting
43.Va SRCCONF
44to
45.Pa /dev/null
46effectively resets all build controls to their defaults.
47.Pp
48The only purpose of
49.Nm
50is to control the compilation of the
51.Fx
52source code, which is usually located in
53.Pa /usr/src .
54As a rule, the system administrator creates
55.Nm
56when the values of certain control variables need to be changed
57from their defaults.
58.Pp
59In addition, control variables can be specified
60for a particular build via the
61.Fl D
62option of
63.Xr make 1
64or in its environment; see
65.Xr environ 7 .
66.Pp
67The environment of
68.Xr make 1
69for the build can be controlled via the
70.Va SRC_ENV_CONF
71variable, which defaults to
72.Pa /etc/src-env.conf .
73Some examples that may only be set in this file are
74.Va WITH_DIRDEPS_BUILD ,
75and
76.Va WITH_META_MODE ,
77and
78.Va MAKEOBJDIRPREFIX
79as they are environment-only variables.
80.Pp
81The values of
82.Va WITH_
83and
84.Va WITHOUT_
85variables are ignored regardless of their setting;
86even if they would be set to
87.Dq Li FALSE
88or
89.Dq Li NO .
90The presence of an option causes
91it to be honored by
92.Xr make 1 .
93.Pp
94This list provides a name and short description for variables
95that can be used for source builds.
96.Bl -tag -width indent
97.It Va WITHOUT_ACCT
98Do not build process accounting tools such as
99.Xr accton 8
100and
101.Xr sa 8 .
102.It Va WITHOUT_ACPI
103Do not build
104.Xr acpiconf 8 ,
105.Xr acpidump 8
106and related programs.
107.It Va WITHOUT_APM
108Do not build
109.Xr apm 8 ,
110.Xr apmd 8
111and related programs.
112.It Va WITH_ASAN
113Build the base system with Address Sanitizer (ASan) to detect
114memory corruption bugs such as buffer overflows or use-after-free.
115Requires that Clang be used as the base system compiler
116and that the runtime support library is available.
117When set, it enforces these options:
118.Pp
119.Bl -item -compact
120.It
121.Va WITH_LLVM_BINUTILS
122.It
123.Va WITH_LLVM_CXXFILT
124.El
125.It Va WITHOUT_ASSERT_DEBUG
126Compile programs and libraries without the
127.Xr assert 3
128checks.
129.It Va WITHOUT_AT
130Do not build
131.Xr at 1
132and related utilities.
133.It Va WITHOUT_AUDIT
134Do not build audit support into system programs.
135.It Va WITHOUT_AUTHPF
136Do not build
137.Xr authpf 8 .
138.It Va WITHOUT_AUTOFS
139Do not build
140.Xr autofs 5
141related programs, libraries, and kernel modules.
142.It Va WITHOUT_AUTO_OBJ
143Disable automatic creation of objdirs.
144This is enabled by default if the wanted OBJDIR is writable by the current user.
145.Pp
146This must be set in the environment, make command line, or
147.Pa /etc/src-env.conf ,
148not
149.Pa /etc/src.conf .
150.It Va WITH_BEARSSL
151Build the BearSSL library.
152.Pp
153BearSSL is a tiny SSL library suitable for embedded environments.
154For details see
155.Lk https://www.BearSSL.org/
156.Pp
157This library is currently only used to perform
158signature verification and related operations
159for Verified Exec and
160.Xr loader 8 .
161When set, these options are also in effect:
162.Pp
163.Bl -inset -compact
164.It Va WITH_LOADER_EFI_SECUREBOOT
165(unless
166.Va WITHOUT_LOADER_EFI_SECUREBOOT
167is set explicitly)
168.It Va WITH_LOADER_VERIEXEC
169(unless
170.Va WITHOUT_LOADER_VERIEXEC
171is set explicitly)
172.It Va WITH_LOADER_VERIEXEC_VECTX
173(unless
174.Va WITHOUT_LOADER_VERIEXEC_VECTX
175is set explicitly)
176.It Va WITH_VERIEXEC
177(unless
178.Va WITHOUT_VERIEXEC
179is set explicitly)
180.El
181.It Va WITHOUT_BHYVE
182Do not build or install
183.Xr bhyve 8 ,
184associated utilities, and examples.
185.Pp
186This option only affects amd64/amd64.
187.It Va WITH_BHYVE_SNAPSHOT
188Include support for save and restore (snapshots) in
189.Xr bhyve 8
190and
191.Xr bhyvectl 8 .
192.Pp
193This option only affects amd64/amd64.
194.It Va WITH_BIND_NOW
195Build all binaries with the
196.Dv DF_BIND_NOW
197flag set to indicate that the run-time loader should perform all relocation
198processing at process startup rather than on demand.
199The combination of the
200.Va BIND_NOW
201and
202.Va RELRO
203options provide "full" Relocation Read-Only (RELRO) support.
204With full RELRO the entire GOT is made read-only after performing relocation at
205startup, avoiding GOT overwrite attacks.
206.It Va WITHOUT_BLACKLIST
207Set this if you do not want to build
208.Xr blacklistd 8
209and
210.Xr blacklistctl 8 .
211When set, these options are also in effect:
212.Pp
213.Bl -inset -compact
214.It Va WITHOUT_BLACKLIST_SUPPORT
215(unless
216.Va WITH_BLACKLIST_SUPPORT
217is set explicitly)
218.El
219.It Va WITHOUT_BLACKLIST_SUPPORT
220Build some programs without
221.Xr libblacklist 3
222support, like
223.Xr fingerd 8 ,
224.Xr ftpd 8 ,
225and
226.Xr sshd 8 .
227.It Va WITHOUT_BLUETOOTH
228Do not build Bluetooth related kernel modules, programs and libraries.
229.It Va WITHOUT_BOOT
230Do not build the boot blocks and loader.
231.It Va WITHOUT_BOOTPARAMD
232Do not build or install
233.Xr bootparamd 8 .
234.It Va WITHOUT_BOOTPD
235Do not build or install
236.Xr bootpd 8 .
237.It Va WITHOUT_BSDINSTALL
238Do not build
239.Xr bsdinstall 8 ,
240.Xr sade 8 ,
241and related programs.
242.It Va WITHOUT_BSD_CPIO
243Do not build the BSD licensed version of cpio based on
244.Xr libarchive 3 .
245.It Va WITHOUT_BSNMP
246Do not build or install
247.Xr bsnmpd 1
248and related libraries and data files.
249.It Va WITHOUT_BZIP2
250Do not build contributed bzip2 software as a part of the base system.
251.Bf -symbolic
252The option has no effect yet.
253.Ef
254When set, these options are also in effect:
255.Pp
256.Bl -inset -compact
257.It Va WITHOUT_BZIP2_SUPPORT
258(unless
259.Va WITH_BZIP2_SUPPORT
260is set explicitly)
261.El
262.It Va WITHOUT_BZIP2_SUPPORT
263Build some programs without optional bzip2 support.
264.It Va WITHOUT_CALENDAR
265Do not build
266.Xr calendar 1 .
267.It Va WITHOUT_CAPSICUM
268This option has no effect.
269.It Va WITHOUT_CAROOT
270Do not add the trusted certificates from the Mozilla NSS bundle to
271base.
272.It Va WITHOUT_CASPER
273This option has no effect.
274.It Va WITH_CCACHE_BUILD
275Use
276.Xr ccache 1
277for the build.
278No configuration is required except to install the
279.Sy devel/ccache
280package.
281When using with
282.Xr distcc 1 ,
283set
284.Sy CCACHE_PREFIX=/usr/local/bin/distcc .
285The default cache directory of
286.Pa $HOME/.ccache
287will be used, which can be overridden by setting
288.Sy CCACHE_DIR .
289The
290.Sy CCACHE_COMPILERCHECK
291option defaults to
292.Sy content
293when using the in-tree bootstrap compiler,
294and
295.Sy mtime
296when using an external compiler.
297The
298.Sy CCACHE_CPP2
299option is used for Clang but not GCC.
300.Pp
301Sharing a cache between multiple work directories requires using a layout
302similar to
303.Pa /some/prefix/src
304.Pa /some/prefix/obj
305and an environment such as:
306.Bd -literal -offset indent
307CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj'
308.Ed
309.Pp
310See
311.Xr ccache 1
312for more configuration options.
313.It Va WITHOUT_CCD
314Do not build
315.Xr geom_ccd 4
316and related utilities.
317.It Va WITHOUT_CDDL
318Do not build code licensed under Sun's CDDL.
319When set, it enforces these options:
320.Pp
321.Bl -item -compact
322.It
323.Va WITHOUT_CTF
324.It
325.Va WITHOUT_DTRACE
326.It
327.Va WITHOUT_LOADER_ZFS
328.It
329.Va WITHOUT_ZFS
330.El
331.It Va WITHOUT_CLANG
332Do not build the Clang C/C++ compiler during the regular phase of the build.
333When set, it enforces these options:
334.Pp
335.Bl -item -compact
336.It
337.Va WITHOUT_CLANG_EXTRAS
338.It
339.Va WITHOUT_CLANG_FORMAT
340.It
341.Va WITHOUT_CLANG_FULL
342.It
343.Va WITHOUT_LLVM_COV
344.El
345.Pp
346When set, these options are also in effect:
347.Pp
348.Bl -inset -compact
349.It Va WITHOUT_LLVM_TARGET_AARCH64
350(unless
351.Va WITH_LLVM_TARGET_AARCH64
352is set explicitly)
353.It Va WITHOUT_LLVM_TARGET_ALL
354(unless
355.Va WITH_LLVM_TARGET_ALL
356is set explicitly)
357.It Va WITHOUT_LLVM_TARGET_ARM
358(unless
359.Va WITH_LLVM_TARGET_ARM
360is set explicitly)
361.It Va WITHOUT_LLVM_TARGET_POWERPC
362(unless
363.Va WITH_LLVM_TARGET_POWERPC
364is set explicitly)
365.It Va WITHOUT_LLVM_TARGET_RISCV
366(unless
367.Va WITH_LLVM_TARGET_RISCV
368is set explicitly)
369.El
370.It Va WITHOUT_CLANG_BOOTSTRAP
371Do not build the Clang C/C++ compiler during the bootstrap phase of
372the build.
373To be able to build the system, either gcc or clang bootstrap must be
374enabled unless an alternate compiler is provided via XCC.
375.It Va WITH_CLANG_EXTRAS
376Build additional clang and llvm tools, such as bugpoint and
377clang-format.
378.It Va WITH_CLANG_FORMAT
379Build clang-format.
380.It Va WITHOUT_CLANG_FULL
381Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of
382the Clang C/C++ compiler.
383.It Va WITHOUT_CLEAN
384Do not clean before building world and/or kernel.
385.It Va WITHOUT_CPP
386Do not build
387.Xr cpp 1 .
388.It Va WITHOUT_CROSS_COMPILER
389Do not build any cross compiler in the cross-tools stage of buildworld.
390When compiling a different version of
391.Fx
392than what is installed on the system, provide an alternate
393compiler with XCC to ensure success.
394When compiling with an identical version of
395.Fx
396to the host, this option may be safely used.
397This option may also be safe when the host version of
398.Fx
399is close to the sources being built, but all bets are off if there have
400been any changes to the toolchain between the versions.
401When set, it enforces these options:
402.Pp
403.Bl -item -compact
404.It
405.Va WITHOUT_CLANG_BOOTSTRAP
406.It
407.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP
408.It
409.Va WITHOUT_LLD_BOOTSTRAP
410.El
411.It Va WITHOUT_CRYPT
412Do not build any crypto code.
413When set, it enforces these options:
414.Pp
415.Bl -item -compact
416.It
417.Va WITHOUT_DMAGENT
418.It
419.Va WITHOUT_KERBEROS
420.It
421.Va WITHOUT_KERBEROS_SUPPORT
422.It
423.Va WITHOUT_LDNS
424.It
425.Va WITHOUT_LDNS_UTILS
426.It
427.Va WITHOUT_LOADER_ZFS
428.It
429.Va WITHOUT_OPENSSH
430.It
431.Va WITHOUT_OPENSSL
432.It
433.Va WITHOUT_OPENSSL_KTLS
434.It
435.Va WITHOUT_PKGBOOTSTRAP
436.It
437.Va WITHOUT_UNBOUND
438.It
439.Va WITHOUT_ZFS
440.El
441.Pp
442When set, these options are also in effect:
443.Pp
444.Bl -inset -compact
445.It Va WITHOUT_GSSAPI
446(unless
447.Va WITH_GSSAPI
448is set explicitly)
449.El
450.It Va WITH_CTF
451Compile with CTF (Compact C Type Format) data.
452CTF data encapsulates a reduced form of debugging information
453similar to DWARF and the venerable stabs and is required for DTrace.
454.It Va WITHOUT_CUSE
455Do not build CUSE-related programs and libraries.
456.It Va WITHOUT_CXGBETOOL
457Do not build
458.Xr cxgbetool 8
459.Pp
460This is a default setting on
461arm/armv7, powerpc/powerpc and riscv/riscv64.
462.It Va WITH_CXGBETOOL
463Build
464.Xr cxgbetool 8
465.Pp
466This is a default setting on
467amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
468.It Va WITHOUT_DEBUG_FILES
469Avoid building or installing standalone debug files for each
470executable binary and shared library.
471.It Va WITH_DETECT_TZ_CHANGES
472Make the time handling code detect changes to the timezone files.
473.It Va WITH_DIALOG
474Do build
475.Xr dialog 1 ,
476.Xr dialog 3 ,
477.Xr dpv 1 ,
478and
479.Xr dpv 3 .
480.It Va WITHOUT_DICT
481Do not build the Webster dictionary files.
482.It Va WITH_DIRDEPS_BUILD
483This is an alternate build system.
484For details see
485https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm.
486Build commands can be seen from the top-level with:
487.Dl make show-valid-targets
488The build is driven by dirdeps.mk using
489.Va DIRDEPS
490stored in
491Makefile.depend files found in each directory.
492.Pp
493The build can be started from anywhere, and behaves the same.
494The initial instance of
495.Xr make 1
496recursively reads
497.Va DIRDEPS
498from
499.Pa Makefile.depend ,
500computing a graph of tree dependencies from the current origin.
501Setting
502.Va NO_DIRDEPS
503skips checking dirdep dependencies and will only build in the current
504and child directories.
505.Va NO_DIRDEPS_BELOW
506skips building any dirdeps and only build the current directory.
507.Pp
508This also utilizes the
509.Va WITH_META_MODE
510logic for incremental builds.
511.Pp
512The build hides commands executed unless
513.Va NO_SILENT
514is defined.
515.Pp
516Note that there is currently no mass install feature for this.
517This build is designed for producing packages, that can then be installed
518on a target system.
519.Pp
520The implementation in
521.Fx
522is incomplete.
523Completion would require leaf directories for building each kernel
524and package so that their dependencies can be tracked.
525When set, it enforces these options:
526.Pp
527.Bl -item -compact
528.It
529.Va WITH_INSTALL_AS_USER
530.El
531.Pp
532When set, these options are also in effect:
533.Pp
534.Bl -inset -compact
535.It Va WITH_META_ERROR_TARGET
536(unless
537.Va WITHOUT_META_ERROR_TARGET
538is set explicitly)
539.It Va WITH_META_MODE
540(unless
541.Va WITHOUT_META_MODE
542is set explicitly)
543.It Va WITH_STAGING
544(unless
545.Va WITHOUT_STAGING
546is set explicitly)
547.It Va WITH_STAGING_MAN
548(unless
549.Va WITHOUT_STAGING_MAN
550is set explicitly)
551.It Va WITH_STAGING_PROG
552(unless
553.Va WITHOUT_STAGING_PROG
554is set explicitly)
555.It Va WITH_SYSROOT
556(unless
557.Va WITHOUT_SYSROOT
558is set explicitly)
559.El
560.Pp
561This must be set in the environment, make command line, or
562.Pa /etc/src-env.conf ,
563not
564.Pa /etc/src.conf .
565.It Va WITH_DIRDEPS_CACHE
566Cache result of dirdeps.mk which can save significant time
567for subsequent builds.
568Depends on
569.Va WITH_DIRDEPS_BUILD .
570.Pp
571This must be set in the environment, make command line, or
572.Pa /etc/src-env.conf ,
573not
574.Pa /etc/src.conf .
575.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP
576Build
577.Xr etdump 1 ,
578.Xr makefs 8
579and
580.Xr mkimg 1
581as bootstrap tools.
582.It Va WITHOUT_DMAGENT
583Do not build dma Mail Transport Agent.
584.It Va WITHOUT_DOCCOMPRESS
585Do not install compressed system documentation.
586Only the uncompressed version will be installed.
587.It Va WITHOUT_DTRACE
588Do not build DTrace framework kernel modules, libraries, and user commands.
589When set, it enforces these options:
590.Pp
591.Bl -item -compact
592.It
593.Va WITHOUT_CTF
594.El
595.It Va WITH_DTRACE_ASAN
596Compile userspace DTrace code (libdtrace, dtrace(1), lockstat(1), plockstat(1))
597with address and undefined behavior sanitizers.
598Requires that Clang be used as the base system compiler
599and that the runtime support library is available.
600.It Va WITH_DTRACE_TESTS
601Build and install the DTrace test suite in
602.Pa /usr/tests/cddl/usr.sbin/dtrace .
603This test suite is considered experimental on architectures other than
604amd64/amd64 and running it may cause system instability.
605.It Va WITHOUT_DYNAMICROOT
606Set this if you do not want to link
607.Pa /bin
608and
609.Pa /sbin
610dynamically.
611.It Va WITHOUT_EE
612Do not build and install
613.Xr edit 1 ,
614.Xr ee 1 ,
615and related programs.
616.It Va WITHOUT_EFI
617Set not to build
618.Xr efivar 3
619and
620.Xr efivar 8 .
621.Pp
622This is a default setting on
623i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
624.It Va WITH_EFI
625Build
626.Xr efivar 3
627and
628.Xr efivar 8 .
629.Pp
630This is a default setting on
631amd64/amd64, arm/armv7 and arm64/aarch64.
632.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP
633Do not build ELF Tool Chain tools
634(addr2line, nm, size, strings and strip)
635as part of the bootstrap process.
636.Bf -symbolic
637An alternate bootstrap tool chain must be provided.
638.Ef
639.It Va WITHOUT_EXAMPLES
640Avoid installing examples to
641.Pa /usr/share/examples/ .
642.It Va WITH_EXPERIMENTAL
643Include experimental features in the build.
644.It Va WITHOUT_FDT
645Do not build Flattened Device Tree support as part of the base system.
646This includes the device tree compiler (dtc) and libfdt support library.
647.Pp
648This is a default setting on
649amd64/amd64 and i386/i386.
650.It Va WITH_FDT
651Build Flattened Device Tree support as part of the base system.
652This includes the device tree compiler (dtc) and libfdt support library.
653.Pp
654This is a default setting on
655arm/armv7, arm64/aarch64, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
656.It Va WITHOUT_FILE
657Do not build
658.Xr file 1
659and related programs.
660.It Va WITHOUT_FINGER
661Do not build or install
662.Xr finger 1
663and
664.Xr fingerd 8 .
665.It Va WITHOUT_FLOPPY
666Do not build or install programs
667for operating floppy disk driver.
668.It Va WITHOUT_FORMAT_EXTENSIONS
669Do not enable
670.Fl fformat-extensions
671when compiling the kernel.
672Also disables all format checking.
673.It Va WITHOUT_FORTH
674Build bootloaders without Forth support.
675.It Va WITHOUT_FP_LIBC
676Build
677.Nm libc
678without floating-point support.
679.It Va WITHOUT_FREEBSD_UPDATE
680Do not build
681.Xr freebsd-update 8 .
682.It Va WITHOUT_FTP
683Do not build or install
684.Xr ftp 1
685and
686.Xr ftpd 8 .
687.It Va WITHOUT_GAMES
688Do not build games.
689.It Va WITHOUT_GH_BC
690Install the traditional FreeBSD
691.Xr bc 1
692and
693.Xr dc 1
694programs instead of the enhanced versions.
695.It Va WITHOUT_GNU_DIFF
696Do not build GNU
697.Xr diff3 1 .
698.It Va WITHOUT_GOOGLETEST
699Neither build nor install
700.Lb libgmock ,
701.Lb libgtest ,
702and dependent tests.
703.It Va WITHOUT_GPIO
704Do not build
705.Xr gpioctl 8
706as part of the base system.
707.It Va WITHOUT_GSSAPI
708Do not build libgssapi.
709.It Va WITHOUT_HAST
710Do not build
711.Xr hastd 8
712and related utilities.
713.It Va WITH_HESIOD
714Build Hesiod support.
715.It Va WITHOUT_HTML
716Do not build HTML docs.
717.It Va WITHOUT_HYPERV
718Do not build or install HyperV utilities.
719.Pp
720This is a default setting on
721arm/armv7, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
722.It Va WITH_HYPERV
723Build or install HyperV utilities.
724.Pp
725This is a default setting on
726amd64/amd64, arm64/aarch64 and i386/i386.
727.It Va WITHOUT_ICONV
728Do not build iconv as part of libc.
729.It Va WITHOUT_INCLUDES
730Do not install header files.
731This option used to be spelled
732.Va NO_INCS .
733.Bf -symbolic
734The option does not work for build targets.
735.Ef
736.It Va WITHOUT_INET
737Do not build programs and libraries related to IPv4 networking.
738When set, it enforces these options:
739.Pp
740.Bl -item -compact
741.It
742.Va WITHOUT_INET_SUPPORT
743.El
744.It Va WITHOUT_INET6
745Do not build
746programs and libraries related to IPv6 networking.
747When set, it enforces these options:
748.Pp
749.Bl -item -compact
750.It
751.Va WITHOUT_INET6_SUPPORT
752.El
753.It Va WITHOUT_INET6_SUPPORT
754Build libraries, programs, and kernel modules without IPv6 support.
755.It Va WITHOUT_INETD
756Do not build
757.Xr inetd 8 .
758.It Va WITHOUT_INET_SUPPORT
759Build libraries, programs, and kernel modules without IPv4 support.
760.It Va WITHOUT_INSTALLLIB
761Set this to not install optional libraries.
762For example, when creating a
763.Xr nanobsd 8
764image.
765.Bf -symbolic
766The option does not work for build targets.
767.Ef
768.It Va WITH_INSTALL_AS_USER
769Make install targets succeed for non-root users by installing
770files with owner and group attributes set to that of the user running
771the
772.Xr make 1
773command.
774The user still must set the
775.Va DESTDIR
776variable to point to a directory where the user has write permissions.
777.It Va WITHOUT_IPFILTER
778Do not build IP Filter package.
779.It Va WITHOUT_IPFW
780Do not build IPFW tools.
781.It Va WITHOUT_IPSEC_SUPPORT
782Do not build the kernel with
783.Xr ipsec 4
784support.
785This option is needed for
786.Xr ipsec 4
787and
788.Xr tcpmd5 4 .
789.It Va WITHOUT_ISCSI
790Do not build
791.Xr iscsid 8
792and related utilities.
793.It Va WITHOUT_JAIL
794Do not build tools for the support of jails; e.g.,
795.Xr jail 8 .
796.It Va WITHOUT_KDUMP
797Do not build
798.Xr kdump 1
799and
800.Xr truss 1 .
801.It Va WITHOUT_KERBEROS
802Set this to not build Kerberos 5 (KTH Heimdal).
803When set, these options are also in effect:
804.Pp
805.Bl -inset -compact
806.It Va WITHOUT_GSSAPI
807(unless
808.Va WITH_GSSAPI
809is set explicitly)
810.It Va WITHOUT_KERBEROS_SUPPORT
811(unless
812.Va WITH_KERBEROS_SUPPORT
813is set explicitly)
814.El
815.It Va WITHOUT_KERBEROS_SUPPORT
816Build some programs without Kerberos support, like
817.Xr ssh 1 ,
818.Xr telnet 1 ,
819and
820.Xr sshd 8 .
821.It Va WITH_KERNEL_BIN
822Generate and install kernel.bin from kernel as part of the normal build and
823install processes for the kernel. Available only on arm and arm64.
824
825Usually this will be added to the kernel config file with:
826
827makeoptions	WITH_KERNEL_BIN=1
828
829though it can also be used on the command line.
830.It Va WITH_KERNEL_RETPOLINE
831Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel
832build.
833.It Va WITHOUT_KERNEL_SYMBOLS
834Do not install standalone kernel debug symbol files.
835This option has no effect at build time.
836.It Va WITHOUT_KVM
837Do not build the
838.Nm libkvm
839library as a part of the base system.
840.Bf -symbolic
841The option has no effect yet.
842.Ef
843When set, these options are also in effect:
844.Pp
845.Bl -inset -compact
846.It Va WITHOUT_KVM_SUPPORT
847(unless
848.Va WITH_KVM_SUPPORT
849is set explicitly)
850.El
851.It Va WITHOUT_KVM_SUPPORT
852Build some programs without optional
853.Nm libkvm
854support.
855.It Va WITHOUT_LDNS
856Setting this variable will prevent the LDNS library from being built.
857When set, it enforces these options:
858.Pp
859.Bl -item -compact
860.It
861.Va WITHOUT_LDNS_UTILS
862.It
863.Va WITHOUT_UNBOUND
864.El
865.It Va WITHOUT_LDNS_UTILS
866Setting this variable will prevent building the LDNS utilities
867.Xr drill 1
868and
869.Xr host 1 .
870.It Va WITHOUT_LEGACY_CONSOLE
871Do not build programs that support a legacy PC console; e.g.,
872.Xr kbdcontrol 1
873and
874.Xr vidcontrol 1 .
875.It Va WITHOUT_LIB32
876On 64-bit platforms, do not build 32-bit library set and a
877.Nm ld-elf32.so.1
878runtime linker.
879.Pp
880This is a default setting on
881arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64.
882.It Va WITH_LIB32
883On 64-bit platforms, build the 32-bit library set and a
884.Nm ld-elf32.so.1
885runtime linker.
886.Pp
887This is a default setting on
888amd64/amd64, arm64/aarch64 and powerpc/powerpc64.
889.It Va WITHOUT_LLD
890Do not build LLVM's lld linker.
891.It Va WITHOUT_LLDB
892Do not build the LLDB debugger.
893.Pp
894This is a default setting on
895arm/armv7 and riscv/riscv64.
896.It Va WITH_LLDB
897Build the LLDB debugger.
898.Pp
899This is a default setting on
900amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
901.It Va WITHOUT_LLD_BOOTSTRAP
902Do not build the LLD linker during the bootstrap phase of
903the build.
904To be able to build the system an alternate linker must be provided via XLD.
905.It Va WITHOUT_LLVM_ASSERTIONS
906Disable debugging assertions in LLVM.
907.It Va WITH_LLVM_BINUTILS
908Install LLVM's binutils (without an llvm- prefix),
909instead of ELF Tool Chain's tools.
910This includes
911.Xr addr2line 1 ,
912.Xr ar 1 ,
913.Xr nm 1 ,
914.Xr objcopy 1 ,
915.Xr ranlib 1 ,
916.Xr readelf 1 ,
917.Xr size 1 ,
918and
919.Xr strip 1 .
920Regardless of this setting, LLVM tools are used for
921.Xr c++filt 1
922and
923.Xr objdump 1 .
924.Xr strings 1
925is always provided by ELF Tool Chain.
926.It Va WITHOUT_LLVM_COV
927Do not build the
928.Xr llvm-cov 1
929tool.
930.It Va WITHOUT_LLVM_CXXFILT
931Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt.
932.It Va WITHOUT_LLVM_TARGET_AARCH64
933Do not build LLVM target support for AArch64.
934The
935.Va LLVM_TARGET_ALL
936option should be used rather than this in most cases.
937.It Va WITHOUT_LLVM_TARGET_ALL
938Only build the required LLVM target support.
939This option is preferred to specific target support options.
940When set, these options are also in effect:
941.Pp
942.Bl -inset -compact
943.It Va WITHOUT_LLVM_TARGET_AARCH64
944(unless
945.Va WITH_LLVM_TARGET_AARCH64
946is set explicitly)
947.It Va WITHOUT_LLVM_TARGET_ARM
948(unless
949.Va WITH_LLVM_TARGET_ARM
950is set explicitly)
951.It Va WITHOUT_LLVM_TARGET_POWERPC
952(unless
953.Va WITH_LLVM_TARGET_POWERPC
954is set explicitly)
955.It Va WITHOUT_LLVM_TARGET_RISCV
956(unless
957.Va WITH_LLVM_TARGET_RISCV
958is set explicitly)
959.El
960.It Va WITHOUT_LLVM_TARGET_ARM
961Do not build LLVM target support for ARM.
962The
963.Va LLVM_TARGET_ALL
964option should be used rather than this in most cases.
965.It Va WITH_LLVM_TARGET_BPF
966Build LLVM target support for BPF.
967The
968.Va LLVM_TARGET_ALL
969option should be used rather than this in most cases.
970.It Va WITH_LLVM_TARGET_MIPS
971Build LLVM target support for MIPS.
972The
973.Va LLVM_TARGET_ALL
974option should be used rather than this in most cases.
975.It Va WITHOUT_LLVM_TARGET_POWERPC
976Do not build LLVM target support for PowerPC.
977The
978.Va LLVM_TARGET_ALL
979option should be used rather than this in most cases.
980.It Va WITHOUT_LLVM_TARGET_RISCV
981Do not build LLVM target support for RISC-V.
982The
983.Va LLVM_TARGET_ALL
984option should be used rather than this in most cases.
985.It Va WITHOUT_LLVM_TARGET_X86
986Do not build LLVM target support for X86.
987The
988.Va LLVM_TARGET_ALL
989option should be used rather than this in most cases.
990.It Va WITH_LOADER_EFI_SECUREBOOT
991Enable building
992.Xr loader 8
993with support for verification based on certificates obtained from UEFI.
994.It Va WITHOUT_LOADER_GELI
995Disable inclusion of GELI crypto support in the boot chain binaries.
996.Pp
997This is a default setting on
998powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
999.It Va WITH_LOADER_GELI
1000Build GELI bootloader support.
1001.Pp
1002This is a default setting on
1003amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
1004.It Va WITHOUT_LOADER_KBOOT
1005Do not build kboot, a linuxboot environment loader
1006.Pp
1007This is a default setting on
1008arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64.
1009.It Va WITH_LOADER_KBOOT
1010Build kboot, a linuxboot environment loader
1011.Pp
1012This is a default setting on
1013amd64/amd64, arm64/aarch64 and powerpc/powerpc64.
1014.It Va WITHOUT_LOADER_LUA
1015Do not build LUA bindings for the boot loader.
1016.Pp
1017This is a default setting on
1018powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
1019.It Va WITH_LOADER_LUA
1020Build LUA bindings for the boot loader.
1021.Pp
1022This is a default setting on
1023amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
1024.It Va WITHOUT_LOADER_OFW
1025Disable building of openfirmware bootloader components.
1026.Pp
1027This is a default setting on
1028amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
1029.It Va WITH_LOADER_OFW
1030Build openfirmware bootloader components.
1031.Pp
1032This is a default setting on
1033powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le.
1034.It Va WITHOUT_LOADER_UBOOT
1035Disable building of ubldr.
1036.Pp
1037This is a default setting on
1038amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64.
1039.It Va WITH_LOADER_UBOOT
1040Build ubldr.
1041.Pp
1042This is a default setting on
1043arm/armv7, powerpc/powerpc and powerpc/powerpc64.
1044.It Va WITH_LOADER_VERBOSE
1045Build with extra verbose debugging in the loader.
1046May explode already nearly too large loader over the limit.
1047Use with care.
1048.It Va WITH_LOADER_VERIEXEC
1049Enable building
1050.Xr loader 8
1051with support for verification similar to Verified Exec.
1052.Pp
1053Depends on
1054.Va WITH_BEARSSL .
1055When set, these options are also in effect:
1056.Pp
1057.Bl -inset -compact
1058.It Va WITH_LOADER_EFI_SECUREBOOT
1059(unless
1060.Va WITHOUT_LOADER_EFI_SECUREBOOT
1061is set explicitly)
1062.It Va WITH_LOADER_VERIEXEC_VECTX
1063(unless
1064.Va WITHOUT_LOADER_VERIEXEC_VECTX
1065is set explicitly)
1066.El
1067.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST
1068Enable building
1069.Xr loader 8
1070with support to pass a verified manifest to the kernel.
1071The kernel has to be built with a module to parse the manifest.
1072.Pp
1073Depends on
1074.Va WITH_LOADER_VERIEXEC .
1075.It Va WITH_LOADER_VERIEXEC_VECTX
1076Enable building
1077.Xr loader 8
1078with support for hashing and verifying kernel and modules as a side effect
1079of loading.
1080.Pp
1081Depends on
1082.Va WITH_LOADER_VERIEXEC .
1083.It Va WITHOUT_LOADER_ZFS
1084Do not build ZFS file system boot loader support.
1085.It Va WITHOUT_LOCALES
1086Do not build localization files; see
1087.Xr locale 1 .
1088.It Va WITHOUT_LOCATE
1089Do not build
1090.Xr locate 1
1091and related programs.
1092.It Va WITHOUT_LPR
1093Do not build
1094.Xr lpr 1
1095and related programs.
1096.It Va WITHOUT_LS_COLORS
1097Build
1098.Xr ls 1
1099without support for colors to distinguish file types.
1100.It Va WITHOUT_MACHDEP_OPTIMIZATIONS
1101Prefer machine-independent non-assembler code in libc and libm.
1102.It Va WITHOUT_MAIL
1103Do not build any mail support (MUA or MTA).
1104When set, it enforces these options:
1105.Pp
1106.Bl -item -compact
1107.It
1108.Va WITHOUT_DMAGENT
1109.It
1110.Va WITHOUT_MAILWRAPPER
1111.It
1112.Va WITHOUT_SENDMAIL
1113.El
1114.It Va WITHOUT_MAILWRAPPER
1115Do not build the
1116.Xr mailwrapper 8
1117MTA selector.
1118.It Va WITHOUT_MAKE
1119Do not install
1120.Xr make 1
1121and related support files.
1122.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX
1123Do not execute
1124.Dq Li "make check"
1125in limited sandbox mode.
1126This option should be paired with
1127.Va WITH_INSTALL_AS_USER
1128if executed as an unprivileged user.
1129See
1130.Xr tests 7
1131for more details.
1132.It Va WITH_MALLOC_PRODUCTION
1133Disable assertions and statistics gathering in
1134.Xr malloc 3 .
1135It also defaults the A and J runtime options to off.
1136.It Va WITHOUT_MAN
1137Do not build manual pages.
1138When set, these options are also in effect:
1139.Pp
1140.Bl -inset -compact
1141.It Va WITHOUT_MAN_UTILS
1142(unless
1143.Va WITH_MAN_UTILS
1144is set explicitly)
1145.El
1146.It Va WITHOUT_MANCOMPRESS
1147Do not install compressed man pages.
1148Only the uncompressed versions will be installed.
1149.It Va WITHOUT_MANSPLITPKG
1150Do not split man pages into their own packages during make package.
1151.It Va WITHOUT_MAN_UTILS
1152Do not build utilities for manual pages,
1153.Xr apropos 1 ,
1154.Xr makewhatis 1 ,
1155.Xr man 1 ,
1156.Xr whatis 1 ,
1157.Xr manctl 8 ,
1158and related support files.
1159.It Va WITH_META_ERROR_TARGET
1160Enable the META_MODE .ERROR target.
1161.Pp
1162This target will copy the meta file of a failed target
1163to
1164.Va ERROR_LOGDIR
1165(default is
1166.Ql ${SRCTOP:H}/error )
1167to help with failure analysis.
1168Depends on
1169.Va WITH_META_MODE .
1170This default when
1171.Va WITH_DIRDEPS_BUILD
1172is set.
1173.Pp
1174This must be set in the environment, make command line, or
1175.Pa /etc/src-env.conf ,
1176not
1177.Pa /etc/src.conf .
1178.It Va WITH_META_MODE
1179Create
1180.Xr make 1
1181meta files when building, which can provide a reliable incremental build when
1182using
1183.Xr filemon 4 .
1184The meta file is created in OBJDIR as
1185.Pa target.meta .
1186These meta files track the command that was executed, its output, and the
1187current directory.
1188The
1189.Xr filemon 4
1190module is required unless
1191.Va NO_FILEMON
1192is defined.
1193When the module is loaded, any files used by the commands executed are
1194tracked as dependencies for the target in its meta file.
1195The target is considered out-of-date and rebuilt if any of these
1196conditions are true compared to the last build:
1197.Bl -bullet -compact
1198.It
1199The command to execute changes.
1200.It
1201The current working directory changes.
1202.It
1203The target's meta file is missing.
1204.It
1205The target's meta file is missing filemon data when filemon is loaded
1206and a previous run did not have it loaded.
1207.It
1208[requires
1209.Xr filemon 4 ]
1210Files read, executed or linked to are newer than the target.
1211.It
1212[requires
1213.Xr filemon 4 ]
1214Files read, written, executed or linked are missing.
1215.El
1216The meta files can also be useful for debugging.
1217.Pp
1218The build hides commands that are executed unless
1219.Va NO_SILENT
1220is defined.
1221Errors cause
1222.Xr make 1
1223to show some of its environment for further debugging.
1224.Pp
1225The build operates as it normally would otherwise.
1226This option originally invoked a different build system but that was renamed
1227to
1228.Va WITH_DIRDEPS_BUILD .
1229.Pp
1230This must be set in the environment, make command line, or
1231.Pa /etc/src-env.conf ,
1232not
1233.Pa /etc/src.conf .
1234.It Va WITHOUT_MLX5TOOL
1235Do not build
1236.Xr mlx5tool 8
1237.Pp
1238This is a default setting on
1239arm/armv7, powerpc/powerpc and riscv/riscv64.
1240.It Va WITH_MLX5TOOL
1241Build
1242.Xr mlx5tool 8
1243.Pp
1244This is a default setting on
1245amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
1246.It Va WITHOUT_NETCAT
1247Do not build
1248.Xr nc 1
1249utility.
1250.It Va WITHOUT_NETGRAPH
1251Do not build applications to support
1252.Xr netgraph 4 .
1253When set, it enforces these options:
1254.Pp
1255.Bl -item -compact
1256.It
1257.Va WITHOUT_BLUETOOTH
1258.El
1259.Pp
1260When set, these options are also in effect:
1261.Pp
1262.Bl -inset -compact
1263.It Va WITHOUT_NETGRAPH_SUPPORT
1264(unless
1265.Va WITH_NETGRAPH_SUPPORT
1266is set explicitly)
1267.El
1268.It Va WITHOUT_NETGRAPH_SUPPORT
1269Build libraries, programs, and kernel modules without netgraph support.
1270.It Va WITHOUT_NETLINK
1271Do not build
1272.Xr genl 1
1273utility.
1274.It Va WITHOUT_NETLINK_SUPPORT
1275Make libraries and programs use rtsock and
1276.Xr sysctl 3
1277interfaces instead of
1278.Xr snl 3 .
1279.It Va WITHOUT_NIS
1280Do not build
1281.Xr NIS 8
1282support and related programs.
1283If set, you might need to adopt your
1284.Xr nsswitch.conf 5
1285and remove
1286.Sq nis
1287entries.
1288.It Va WITHOUT_NLS
1289Do not build NLS catalogs.
1290When set, it enforces these options:
1291.Pp
1292.Bl -item -compact
1293.It
1294.Va WITHOUT_NLS_CATALOGS
1295.El
1296.It Va WITHOUT_NLS_CATALOGS
1297Do not build NLS catalog support for
1298.Xr csh 1 .
1299.It Va WITHOUT_NS_CACHING
1300Disable name caching in the
1301.Pa nsswitch
1302subsystem.
1303The generic caching daemon,
1304.Xr nscd 8 ,
1305will not be built either if this option is set.
1306.It Va WITHOUT_NTP
1307Do not build
1308.Xr ntpd 8
1309and related programs.
1310.It Va WITHOUT_NVME
1311Do not build nvme related tools and kernel modules.
1312.Pp
1313This is a default setting on
1314arm/armv7, powerpc/powerpc and riscv/riscv64.
1315.It Va WITH_NVME
1316Build nvme related tools and kernel modules.
1317.Pp
1318This is a default setting on
1319amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
1320.It Va WITHOUT_OFED
1321Do not build the
1322.Dq "OpenFabrics Enterprise Distribution"
1323InfiniBand software stack, including kernel modules and userspace libraries.
1324.Pp
1325This is a default setting on
1326arm/armv7.
1327When set, it enforces these options:
1328.Pp
1329.Bl -item -compact
1330.It
1331.Va WITHOUT_OFED_EXTRA
1332.El
1333.It Va WITH_OFED
1334Build the
1335.Dq "OpenFabrics Enterprise Distribution"
1336InfiniBand software stack, including kernel modules and userspace libraries.
1337.Pp
1338This is a default setting on
1339amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
1340.It Va WITH_OFED_EXTRA
1341Build the non-essential components of the
1342.Dq "OpenFabrics Enterprise Distribution"
1343Infiniband software stack, mostly examples.
1344.It Va WITH_OPENLDAP
1345Enable building LDAP support for kerberos using an openldap client from ports.
1346.It Va WITHOUT_OPENMP
1347Do not build LLVM's OpenMP runtime.
1348.Pp
1349This is a default setting on
1350arm/armv7 and powerpc/powerpc.
1351.It Va WITH_OPENMP
1352Build LLVM's OpenMP runtime.
1353.Pp
1354This is a default setting on
1355amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
1356.It Va WITHOUT_OPENSSH
1357Do not build OpenSSH.
1358.It Va WITHOUT_OPENSSL
1359Do not build OpenSSL.
1360When set, it enforces these options:
1361.Pp
1362.Bl -item -compact
1363.It
1364.Va WITHOUT_DMAGENT
1365.It
1366.Va WITHOUT_KERBEROS
1367.It
1368.Va WITHOUT_KERBEROS_SUPPORT
1369.It
1370.Va WITHOUT_LDNS
1371.It
1372.Va WITHOUT_LDNS_UTILS
1373.It
1374.Va WITHOUT_LOADER_ZFS
1375.It
1376.Va WITHOUT_OPENSSH
1377.It
1378.Va WITHOUT_OPENSSL_KTLS
1379.It
1380.Va WITHOUT_PKGBOOTSTRAP
1381.It
1382.Va WITHOUT_UNBOUND
1383.It
1384.Va WITHOUT_ZFS
1385.El
1386.Pp
1387When set, these options are also in effect:
1388.Pp
1389.Bl -inset -compact
1390.It Va WITHOUT_GSSAPI
1391(unless
1392.Va WITH_GSSAPI
1393is set explicitly)
1394.El
1395.It Va WITHOUT_OPENSSL_KTLS
1396Do not include kernel TLS support in OpenSSL.
1397.Pp
1398This is a default setting on
1399arm/armv7, i386/i386, powerpc/powerpc and riscv/riscv64.
1400.It Va WITH_OPENSSL_KTLS
1401Include kernel TLS support in OpenSSL.
1402.Pp
1403This is a default setting on
1404amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le.
1405.It Va WITHOUT_PAM
1406Do not build PAM library and modules.
1407.Bf -symbolic
1408This option is deprecated and does nothing.
1409.Ef
1410When set, these options are also in effect:
1411.Pp
1412.Bl -inset -compact
1413.It Va WITHOUT_PAM_SUPPORT
1414(unless
1415.Va WITH_PAM_SUPPORT
1416is set explicitly)
1417.El
1418.It Va WITHOUT_PAM_SUPPORT
1419Build some programs without PAM support, particularly
1420.Xr ftpd 8
1421and
1422.Xr ppp 8 .
1423.It Va WITHOUT_PF
1424Do not build PF firewall package.
1425When set, it enforces these options:
1426.Pp
1427.Bl -item -compact
1428.It
1429.Va WITHOUT_AUTHPF
1430.El
1431.It Va WITHOUT_PIE
1432Do not build dynamically linked binaries as
1433Position-Independent Executable (PIE).
1434.Pp
1435This is a default setting on
1436arm/armv7, i386/i386 and powerpc/powerpc.
1437.It Va WITH_PIE
1438Build dynamically linked binaries as
1439Position-Independent Executable (PIE).
1440.Pp
1441This is a default setting on
1442amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
1443.It Va WITHOUT_PKGBOOTSTRAP
1444Do not build
1445.Xr pkg 7
1446bootstrap tool.
1447.It Va WITHOUT_PMC
1448Do not build
1449.Xr pmccontrol 8
1450and related programs.
1451.It Va WITHOUT_PPP
1452Do not build
1453.Xr ppp 8
1454and related programs.
1455.It Va WITH_PROFILE
1456Build profiled libraries for use with
1457.Xr gprof 8 .
1458This option is deprecated and may not be present in a future version of
1459.Fx .
1460.It Va WITHOUT_PTHREADS_ASSERTIONS
1461Disable debugging assertions in pthreads library.
1462.It Va WITHOUT_QUOTAS
1463Do not build
1464.Xr quota 1
1465and related programs.
1466.It Va WITHOUT_RADIUS_SUPPORT
1467Do not build radius support into various applications, like
1468.Xr pam_radius 8
1469and
1470.Xr ppp 8 .
1471.It Va WITH_RATELIMIT
1472Build the system with rate limit support.
1473.Pp
1474This makes
1475.Dv SO_MAX_PACING_RATE
1476effective in
1477.Xr getsockopt 2 ,
1478and
1479.Ar txrlimit
1480support in
1481.Xr ifconfig 8 ,
1482by proxy.
1483.It Va WITHOUT_RBOOTD
1484Do not build or install
1485.Xr rbootd 8 .
1486.It Va WITHOUT_RELRO
1487Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation.
1488See also the
1489.Va BIND_NOW
1490option.
1491.It Va WITH_REPRODUCIBLE_BUILD
1492Exclude build metadata (such as the build time, user, or host)
1493from the kernel, boot loaders, and uname output, so that builds produce
1494bit-for-bit identical output.
1495.It Va WITHOUT_RESCUE
1496Do not build
1497.Xr rescue 8 .
1498.It Va WITH_RETPOLINE
1499Build the base system with the retpoline speculative execution
1500vulnerability mitigation for CVE-2017-5715.
1501.It Va WITHOUT_ROUTED
1502Do not build
1503.Xr routed 8
1504utility.
1505.It Va WITH_RPCBIND_WARMSTART_SUPPORT
1506Build
1507.Xr rpcbind 8
1508with warmstart support.
1509.It Va WITHOUT_SCTP_SUPPORT
1510Disable support in the kernel for the
1511.Xr sctp 4
1512Stream Control Transmission Protocol
1513loadable kernel module.
1514.It Va WITHOUT_SENDMAIL
1515Do not build
1516.Xr sendmail 8
1517and related programs.
1518.It Va WITHOUT_SERVICESDB
1519Do not install
1520.Pa /var/db/services.db .
1521.It Va WITHOUT_SETUID_LOGIN
1522Set this to disable the installation of
1523.Xr login 1
1524as a set-user-ID root program.
1525.It Va WITHOUT_SHAREDOCS
1526Do not build the
1527.Bx 4.4
1528legacy docs.
1529.It Va WITH_SORT_THREADS
1530Enable threads in
1531.Xr sort 1 .
1532.It Va WITHOUT_SOURCELESS
1533Do not build kernel modules that include sourceless code (either microcode or native code for host CPU).
1534When set, it enforces these options:
1535.Pp
1536.Bl -item -compact
1537.It
1538.Va WITHOUT_SOURCELESS_HOST
1539.It
1540.Va WITHOUT_SOURCELESS_UCODE
1541.El
1542.It Va WITHOUT_SOURCELESS_HOST
1543Do not build kernel modules that include sourceless native code for host CPU.
1544.It Va WITHOUT_SOURCELESS_UCODE
1545Do not build kernel modules that include sourceless microcode.
1546.It Va WITHOUT_SPLIT_KERNEL_DEBUG
1547Do not build standalone kernel debug files.
1548Debug data (if enabled by the kernel configuration file)
1549will be included in the kernel and modules.
1550When set, it enforces these options:
1551.Pp
1552.Bl -item -compact
1553.It
1554.Va WITHOUT_KERNEL_SYMBOLS
1555.El
1556.It Va WITHOUT_SSP
1557Do not build world with stack smashing protection.
1558.It Va WITH_STAGING
1559Enable staging of files to a stage tree.
1560This can be best thought of as auto-install to
1561.Va DESTDIR
1562with some extra meta data to ensure dependencies can be tracked.
1563Depends on
1564.Va WITH_DIRDEPS_BUILD .
1565When set, these options are also in effect:
1566.Pp
1567.Bl -inset -compact
1568.It Va WITH_STAGING_MAN
1569(unless
1570.Va WITHOUT_STAGING_MAN
1571is set explicitly)
1572.It Va WITH_STAGING_PROG
1573(unless
1574.Va WITHOUT_STAGING_PROG
1575is set explicitly)
1576.El
1577.Pp
1578This must be set in the environment, make command line, or
1579.Pa /etc/src-env.conf ,
1580not
1581.Pa /etc/src.conf .
1582.It Va WITH_STAGING_MAN
1583Enable staging of man pages to stage tree.
1584.It Va WITH_STAGING_PROG
1585Enable staging of PROGs to stage tree.
1586.It Va WITH_STALE_STAGED
1587Check staged files are not stale.
1588.It Va WITHOUT_STATS
1589Neither build nor install
1590.Lb libstats
1591and dependent binaries.
1592.It Va WITHOUT_SYSCONS
1593Do not build
1594.Xr syscons 4
1595support files such as keyboard maps, fonts, and screen output maps.
1596.It Va WITH_SYSROOT
1597Enable use of sysroot during build.
1598Depends on
1599.Va WITH_DIRDEPS_BUILD .
1600.Pp
1601This must be set in the environment, make command line, or
1602.Pa /etc/src-env.conf ,
1603not
1604.Pa /etc/src.conf .
1605.It Va WITHOUT_SYSTEM_COMPILER
1606Do not opportunistically skip building a cross-compiler during the
1607bootstrap phase of the build.
1608Normally, if the currently installed compiler matches the planned bootstrap
1609compiler type and revision, then it will not be built.
1610This does not prevent a compiler from being built for installation though,
1611only for building one for the build itself.
1612The
1613.Va WITHOUT_CLANG
1614option controls that.
1615.It Va WITHOUT_SYSTEM_LINKER
1616Do not opportunistically skip building a cross-linker during the
1617bootstrap phase of the build.
1618Normally, if the currently installed linker matches the planned bootstrap
1619linker type and revision, then it will not be built.
1620This does not prevent a linker from being built for installation though,
1621only for building one for the build itself.
1622The
1623.Va WITHOUT_LLD
1624option controls that.
1625.Pp
1626This option is only relevant when
1627.Va WITH_LLD_BOOTSTRAP
1628is set.
1629.It Va WITHOUT_TALK
1630Do not build or install
1631.Xr talk 1
1632and
1633.Xr talkd 8 .
1634.It Va WITHOUT_TCP_WRAPPERS
1635Do not build or install
1636.Xr tcpd 8 ,
1637and related utilities.
1638.It Va WITHOUT_TCSH
1639Do not build and install
1640.Pa /bin/csh
1641(which is
1642.Xr tcsh 1 ) .
1643.It Va WITHOUT_TELNET
1644Do not build
1645.Xr telnet 1
1646and related programs.
1647.It Va WITHOUT_TESTS
1648Do not build nor install the
1649.Fx
1650Test Suite in
1651.Pa /usr/tests/ .
1652See
1653.Xr tests 7
1654for more details.
1655This also disables the build of all test-related dependencies, including ATF.
1656When set, it enforces these options:
1657.Pp
1658.Bl -item -compact
1659.It
1660.Va WITHOUT_DTRACE_TESTS
1661.El
1662.Pp
1663When set, these options are also in effect:
1664.Pp
1665.Bl -inset -compact
1666.It Va WITHOUT_GOOGLETEST
1667(unless
1668.Va WITH_GOOGLETEST
1669is set explicitly)
1670.It Va WITHOUT_TESTS_SUPPORT
1671(unless
1672.Va WITH_TESTS_SUPPORT
1673is set explicitly)
1674.El
1675.It Va WITHOUT_TESTS_SUPPORT
1676Disable the build of all test-related dependencies, including ATF.
1677When set, it enforces these options:
1678.Pp
1679.Bl -item -compact
1680.It
1681.Va WITHOUT_GOOGLETEST
1682.El
1683.It Va WITHOUT_TEXTPROC
1684Do not build
1685programs used for text processing.
1686.It Va WITHOUT_TFTP
1687Do not build or install
1688.Xr tftp 1
1689and
1690.Xr tftpd 8 .
1691.It Va WITHOUT_TOOLCHAIN
1692Do not install
1693programs used for program development,
1694compilers, debuggers etc.
1695When set, it enforces these options:
1696.Pp
1697.Bl -item -compact
1698.It
1699.Va WITHOUT_CLANG
1700.It
1701.Va WITHOUT_CLANG_EXTRAS
1702.It
1703.Va WITHOUT_CLANG_FORMAT
1704.It
1705.Va WITHOUT_CLANG_FULL
1706.It
1707.Va WITHOUT_LLD
1708.It
1709.Va WITHOUT_LLDB
1710.It
1711.Va WITHOUT_LLVM_COV
1712.El
1713.It Va WITH_UBSAN
1714Build the base system with Undefined Behavior Sanitizer (UBSan) to detect
1715various kinds of undefined behavior at runtime.
1716Requires that Clang be used as the base system compiler
1717and that the runtime support library is available
1718.It Va WITHOUT_UNBOUND
1719Do not build
1720.Xr unbound 8
1721and related programs.
1722.It Va WITHOUT_UNIFIED_OBJDIR
1723Use the historical object directory format for
1724.Xr build 7
1725targets.
1726For native-builds and builds done directly in sub-directories the format of
1727.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR}
1728is used,
1729while for cross-builds
1730.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR}
1731is used.
1732.Pp
1733This option is transitional and will be removed in a future version of
1734.Fx ,
1735at which time
1736.Va WITH_UNIFIED_OBJDIR
1737will be enabled permanently.
1738.Pp
1739This must be set in the environment, make command line, or
1740.Pa /etc/src-env.conf ,
1741not
1742.Pa /etc/src.conf .
1743.It Va WITHOUT_USB
1744Do not build USB-related programs and libraries.
1745.It Va WITHOUT_USB_GADGET_EXAMPLES
1746Do not build USB gadget kernel modules.
1747.It Va WITHOUT_UTMPX
1748Do not build user accounting tools such as
1749.Xr last 1 ,
1750.Xr users 1 ,
1751.Xr who 1 ,
1752.Xr ac 8 ,
1753.Xr lastlogin 8
1754and
1755.Xr utx 8 .
1756.It Va WITH_VERIEXEC
1757Enable building
1758.Xr veriexec 8
1759which loads the contents of verified manifests into the kernel
1760for use by
1761.Xr mac_veriexec 4
1762.Pp
1763Depends on
1764.Va WITH_BEARSSL .
1765.It Va WITHOUT_VI
1766Do not build and install vi, view, ex and related programs.
1767.It Va WITHOUT_VT
1768Do not build
1769.Xr vt 4
1770support files (fonts and keymaps).
1771.It Va WITHOUT_WARNS
1772Set this to not add warning flags to the compiler invocations.
1773Useful as a temporary workaround when code enters the tree
1774which triggers warnings in environments that differ from the
1775original developer.
1776.It Va WITHOUT_WERROR
1777Set this to not treat compiler warnings as errors.
1778Useful as a temporary workaround when working on fixing compiler warnings.
1779When set, warnings are still printed in the build log but do not fail the build.
1780.It Va WITHOUT_WIRELESS
1781Do not build programs used for 802.11 wireless networks; especially
1782.Xr wpa_supplicant 8
1783and
1784.Xr hostapd 8 .
1785When set, these options are also in effect:
1786.Pp
1787.Bl -inset -compact
1788.It Va WITHOUT_WIRELESS_SUPPORT
1789(unless
1790.Va WITH_WIRELESS_SUPPORT
1791is set explicitly)
1792.El
1793.It Va WITHOUT_WIRELESS_SUPPORT
1794Build libraries, programs, and kernel modules without
1795802.11 wireless support.
1796.It Va WITHOUT_WPA_SUPPLICANT_EAPOL
1797Build
1798.Xr wpa_supplicant 8
1799without support for the IEEE 802.1X protocol and without
1800support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS
1801protocols (usable only via 802.1X).
1802.It Va WITHOUT_ZFS
1803Do not build the ZFS file system kernel module, libraries such as
1804.Xr libbe 3 ,
1805and user commands such as
1806.Xr zpool 8
1807or
1808.Xr zfs 8 .
1809Also disable ZFS support in utilities and libraries which implement
1810ZFS-specific functionality.
1811.It Va WITHOUT_ZONEINFO
1812Do not build the timezone database.
1813When set, it enforces these options:
1814.Pp
1815.Bl -item -compact
1816.It
1817.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT
1818.El
1819.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT
1820Build leapsecond information in to the timezone database.
1821.El
1822.Pp
1823The following options accept a single value from a list of valid values.
1824.Bl -tag -width indent
1825.It Va INIT_ALL
1826Control default initialization of stack variables in C and C++ code.
1827Options other than
1828.Li none
1829require the Clang compiler or GCC 12.0 or later.
1830The default value is
1831.Li none .
1832Valid values are:
1833.Bl -tag -width indent
1834.It Li none
1835Do not initialize stack variables (standard C/C++ behavior).
1836.It Li pattern
1837Build the base system or kernel with stack variables initialized to
1838.Pq compiler defined
1839debugging patterns on function entry.
1840.It Li zero
1841Build the base system or kernel with stack variables initialized
1842to zero on function entry.
1843This value is converted to
1844.Li none
1845for amd64 kernel builds due to incompatability with ifunc memset.
1846.El
1847.It Va LIBC_MALLOC
1848Specify the
1849.Xr malloc 3
1850implementation used by libc.
1851The default value is
1852.Li jemalloc .
1853Valid values are:
1854.Bl -tag -width indent
1855.It Li jemalloc
1856.El
1857.Pp
1858Other implementations are expected in the future in both
1859.Fx
1860and downstream consumers.
1861.El
1862.Sh FILES
1863.Bl -tag -compact -width Pa
1864.It Pa /etc/src.conf
1865.It Pa /etc/src-env.conf
1866.It Pa /usr/share/mk/bsd.own.mk
1867.El
1868.Sh SEE ALSO
1869.Xr make 1 ,
1870.Xr make.conf 5 ,
1871.Xr build 7 ,
1872.Xr ports 7
1873.Sh HISTORY
1874The
1875.Nm
1876file appeared in
1877.Fx 7.0 .
1878.Sh AUTHORS
1879This manual page was autogenerated by
1880.An tools/build/options/makeman .
1881