1.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. 2.Dd July 29, 2024 3.Dt SRC.CONF 5 4.Os 5.Sh NAME 6.Nm src.conf 7.Nd "source build options" 8.Sh DESCRIPTION 9The 10.Nm 11file contains variables that control what components will be generated during 12the build process of the 13.Fx 14source tree; see 15.Xr build 7 . 16.Pp 17The 18.Nm 19file uses the standard makefile syntax. 20However, 21.Nm 22should not specify any dependencies to 23.Xr make 1 . 24Instead, 25.Nm 26is to set 27.Xr make 1 28variables that control the aspects of how the system builds. 29.Pp 30The default location of 31.Nm 32is 33.Pa /etc/src.conf , 34though an alternative location can be specified in the 35.Xr make 1 36variable 37.Va SRCCONF . 38Overriding the location of 39.Nm 40may be necessary if the system-wide settings are not suitable 41for a particular build. 42For instance, setting 43.Va SRCCONF 44to 45.Pa /dev/null 46effectively resets all build controls to their defaults. 47.Pp 48The only purpose of 49.Nm 50is to control the compilation of the 51.Fx 52source code, which is usually located in 53.Pa /usr/src . 54As a rule, the system administrator creates 55.Nm 56when the values of certain control variables need to be changed 57from their defaults. 58.Pp 59In addition, control variables can be specified 60for a particular build via the 61.Fl D 62option of 63.Xr make 1 64or in its environment; see 65.Xr environ 7 . 66.Pp 67The environment of 68.Xr make 1 69for the build can be controlled via the 70.Va SRC_ENV_CONF 71variable, which defaults to 72.Pa /etc/src-env.conf . 73Some examples that may only be set in this file are 74.Va WITH_DIRDEPS_BUILD , 75and 76.Va WITH_META_MODE , 77and 78.Va MAKEOBJDIRPREFIX 79as they are environment-only variables. 80.Pp 81The values of 82.Va WITH_ 83and 84.Va WITHOUT_ 85variables are ignored regardless of their setting; 86even if they would be set to 87.Dq Li FALSE 88or 89.Dq Li NO . 90The presence of an option causes 91it to be honored by 92.Xr make 1 . 93.Pp 94This list provides a name and short description for variables 95that can be used for source builds. 96.Bl -tag -width indent 97.It Va WITHOUT_ACCT 98Do not build process accounting tools such as 99.Xr accton 8 100and 101.Xr sa 8 . 102.It Va WITHOUT_ACPI 103Do not build 104.Xr acpiconf 8 , 105.Xr acpidump 8 106and related programs. 107.It Va WITHOUT_APM 108Do not build 109.Xr apm 8 , 110.Xr apmd 8 111and related programs. 112.It Va WITH_ASAN 113Build the base system with Address Sanitizer (ASan) to detect 114memory corruption bugs such as buffer overflows or use-after-free. 115Requires that Clang be used as the base system compiler 116and that the runtime support library is available. 117When set, it enforces these options: 118.Pp 119.Bl -item -compact 120.It 121.Va WITH_LLVM_BINUTILS 122.It 123.Va WITH_LLVM_CXXFILT 124.El 125.It Va WITHOUT_ASSERT_DEBUG 126Compile programs and libraries without the 127.Xr assert 3 128checks. 129.It Va WITHOUT_AT 130Do not build 131.Xr at 1 132and related utilities. 133.It Va WITHOUT_AUDIT 134Do not build audit support into system programs. 135.It Va WITHOUT_AUTHPF 136Do not build 137.Xr authpf 8 . 138.It Va WITHOUT_AUTOFS 139Do not build 140.Xr autofs 4 141related programs, libraries, and kernel modules. 142.It Va WITHOUT_AUTO_OBJ 143Disable automatic creation of objdirs. 144This is enabled by default if the wanted OBJDIR is writable by the current user. 145.Pp 146This must be set in the environment, make command line, or 147.Pa /etc/src-env.conf , 148not 149.Pa /etc/src.conf . 150.It Va WITH_BEARSSL 151Build the BearSSL library. 152.Pp 153BearSSL is a tiny SSL library suitable for embedded environments. 154For details see 155.Lk https://www.BearSSL.org/ 156.Pp 157This library is currently only used to perform 158signature verification and related operations 159for Verified Exec and 160.Xr loader 8 . 161When set, these options are also in effect: 162.Pp 163.Bl -inset -compact 164.It Va WITH_LOADER_EFI_SECUREBOOT 165(unless 166.Va WITHOUT_LOADER_EFI_SECUREBOOT 167is set explicitly) 168.It Va WITH_LOADER_VERIEXEC 169(unless 170.Va WITHOUT_LOADER_VERIEXEC 171is set explicitly) 172.It Va WITH_LOADER_VERIEXEC_VECTX 173(unless 174.Va WITHOUT_LOADER_VERIEXEC_VECTX 175is set explicitly) 176.It Va WITH_VERIEXEC 177(unless 178.Va WITHOUT_VERIEXEC 179is set explicitly) 180.El 181.It Va WITHOUT_BHYVE 182Do not build or install 183.Xr bhyve 8 , 184associated utilities, and examples. 185.Pp 186This option only affects amd64/amd64 and arm64/aarch64. 187.It Va WITH_BHYVE_SNAPSHOT 188Include support for save and restore (snapshots) in 189.Xr bhyve 8 190and 191.Xr bhyvectl 8 . 192.Pp 193This option only affects amd64/amd64. 194.It Va WITH_BIND_NOW 195Build all binaries with the 196.Dv DF_BIND_NOW 197flag set to indicate that the run-time loader should perform all relocation 198processing at process startup rather than on demand. 199The combination of the 200.Va BIND_NOW 201and 202.Va RELRO 203options provide "full" Relocation Read-Only (RELRO) support. 204With full RELRO the entire GOT is made read-only after performing relocation at 205startup, avoiding GOT overwrite attacks. 206.It Va WITHOUT_BLACKLIST 207Set this if you do not want to build 208.Xr blacklistd 8 209and 210.Xr blacklistctl 8 . 211When set, these options are also in effect: 212.Pp 213.Bl -inset -compact 214.It Va WITHOUT_BLACKLIST_SUPPORT 215(unless 216.Va WITH_BLACKLIST_SUPPORT 217is set explicitly) 218.El 219.It Va WITHOUT_BLACKLIST_SUPPORT 220Build some programs without 221.Xr libblacklist 3 222support, like 223.Xr fingerd 8 , 224.Xr ftpd 8 , 225and 226.Xr sshd 8 . 227.It Va WITHOUT_BLUETOOTH 228Do not build Bluetooth related kernel modules, programs and libraries. 229.It Va WITHOUT_BOOT 230Do not build the boot blocks and loader. 231.It Va WITHOUT_BOOTPARAMD 232Do not build or install 233.Xr bootparamd 8 . 234.It Va WITHOUT_BOOTPD 235Do not build or install 236.Xr bootpd 8 . 237.It Va WITH_BRANCH_PROTECTION 238Build with branch protection enabled. 239On arm64 enable the use of pointer authentication and 240branch target identification instructions on arm64. 241These can be used to help mitigate some exploit techniques. 242.It Va WITHOUT_BSDINSTALL 243Do not build 244.Xr bsdinstall 8 , 245.Xr sade 8 , 246and related programs. 247.It Va WITHOUT_BSD_CPIO 248Do not build the BSD licensed version of cpio based on 249.Xr libarchive 3 . 250.It Va WITHOUT_BSNMP 251Do not build or install 252.Xr bsnmpd 1 253and related libraries and data files. 254.It Va WITHOUT_BZIP2 255Do not build contributed bzip2 software as a part of the base system. 256.Bf -symbolic 257The option has no effect yet. 258.Ef 259When set, these options are also in effect: 260.Pp 261.Bl -inset -compact 262.It Va WITHOUT_BZIP2_SUPPORT 263(unless 264.Va WITH_BZIP2_SUPPORT 265is set explicitly) 266.El 267.It Va WITHOUT_BZIP2_SUPPORT 268Build some programs without optional bzip2 support. 269.It Va WITHOUT_CALENDAR 270Do not build 271.Xr calendar 1 . 272.It Va WITHOUT_CAROOT 273Do not add the trusted certificates from the Mozilla NSS bundle to 274base. 275.It Va WITHOUT_CASPER 276This option has no effect. 277.It Va WITH_CCACHE_BUILD 278Use 279.Xr ccache 1 280for the build. 281No configuration is required except to install the 282.Sy devel/ccache 283package. 284When using with 285.Xr distcc 1 , 286set 287.Sy CCACHE_PREFIX=/usr/local/bin/distcc . 288The default cache directory of 289.Pa $HOME/.ccache 290will be used, which can be overridden by setting 291.Sy CCACHE_DIR . 292The 293.Sy CCACHE_COMPILERCHECK 294option defaults to 295.Sy content 296when using the in-tree bootstrap compiler, 297and 298.Sy mtime 299when using an external compiler. 300The 301.Sy CCACHE_CPP2 302option is used for Clang but not GCC. 303.Pp 304Sharing a cache between multiple work directories requires using a layout 305similar to 306.Pa /some/prefix/src 307.Pa /some/prefix/obj 308and an environment such as: 309.Bd -literal -offset indent 310CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj' 311.Ed 312.Pp 313See 314.Xr ccache 1 315for more configuration options. 316.It Va WITHOUT_CCD 317Do not build 318.Xr geom_ccd 4 319and related utilities. 320.It Va WITHOUT_CDDL 321Do not build code licensed under Sun's CDDL. 322When set, it enforces these options: 323.Pp 324.Bl -item -compact 325.It 326.Va WITHOUT_CTF 327.It 328.Va WITHOUT_DTRACE 329.It 330.Va WITHOUT_LOADER_ZFS 331.It 332.Va WITHOUT_ZFS 333.El 334.It Va WITHOUT_CLANG 335Do not build the Clang C/C++ compiler during the regular phase of the build. 336When set, it enforces these options: 337.Pp 338.Bl -item -compact 339.It 340.Va WITHOUT_CLANG_EXTRAS 341.It 342.Va WITHOUT_CLANG_FORMAT 343.It 344.Va WITHOUT_CLANG_FULL 345.It 346.Va WITHOUT_LLVM_COV 347.El 348.Pp 349When set, these options are also in effect: 350.Pp 351.Bl -inset -compact 352.It Va WITHOUT_LLVM_TARGET_AARCH64 353(unless 354.Va WITH_LLVM_TARGET_AARCH64 355is set explicitly) 356.It Va WITHOUT_LLVM_TARGET_ALL 357(unless 358.Va WITH_LLVM_TARGET_ALL 359is set explicitly) 360.It Va WITHOUT_LLVM_TARGET_ARM 361(unless 362.Va WITH_LLVM_TARGET_ARM 363is set explicitly) 364.It Va WITHOUT_LLVM_TARGET_POWERPC 365(unless 366.Va WITH_LLVM_TARGET_POWERPC 367is set explicitly) 368.It Va WITHOUT_LLVM_TARGET_RISCV 369(unless 370.Va WITH_LLVM_TARGET_RISCV 371is set explicitly) 372.El 373.It Va WITHOUT_CLANG_BOOTSTRAP 374Do not build the Clang C/C++ compiler during the bootstrap phase of 375the build. 376To be able to build the system, either gcc or clang bootstrap must be 377enabled unless an alternate compiler is provided via XCC. 378.It Va WITH_CLANG_EXTRAS 379Build additional clang and llvm tools, such as bugpoint and 380clang-format. 381.It Va WITH_CLANG_FORMAT 382Build clang-format. 383.It Va WITHOUT_CLANG_FULL 384Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of 385the Clang C/C++ compiler. 386.It Va WITH_CLEAN 387Clean before building world and/or kernel. 388.It Va WITHOUT_CPP 389Do not build 390.Xr cpp 1 . 391.It Va WITHOUT_CROSS_COMPILER 392Do not build any cross compiler in the cross-tools stage of buildworld. 393When compiling a different version of 394.Fx 395than what is installed on the system, provide an alternate 396compiler with XCC to ensure success. 397When compiling with an identical version of 398.Fx 399to the host, this option may be safely used. 400This option may also be safe when the host version of 401.Fx 402is close to the sources being built, but all bets are off if there have 403been any changes to the toolchain between the versions. 404When set, it enforces these options: 405.Pp 406.Bl -item -compact 407.It 408.Va WITHOUT_CLANG_BOOTSTRAP 409.It 410.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 411.It 412.Va WITHOUT_LLD_BOOTSTRAP 413.El 414.It Va WITHOUT_CRYPT 415Do not build any crypto code. 416When set, it enforces these options: 417.Pp 418.Bl -item -compact 419.It 420.Va WITHOUT_DMAGENT 421.It 422.Va WITHOUT_KERBEROS 423.It 424.Va WITHOUT_KERBEROS_SUPPORT 425.It 426.Va WITHOUT_LDNS 427.It 428.Va WITHOUT_LDNS_UTILS 429.It 430.Va WITHOUT_LOADER_ZFS 431.It 432.Va WITHOUT_OPENSSH 433.It 434.Va WITHOUT_OPENSSL 435.It 436.Va WITHOUT_OPENSSL_KTLS 437.It 438.Va WITHOUT_PKGBOOTSTRAP 439.It 440.Va WITHOUT_UNBOUND 441.It 442.Va WITHOUT_ZFS 443.El 444.Pp 445When set, these options are also in effect: 446.Pp 447.Bl -inset -compact 448.It Va WITHOUT_GSSAPI 449(unless 450.Va WITH_GSSAPI 451is set explicitly) 452.El 453.It Va WITH_CTF 454Compile with CTF (Compact C Type Format) data. 455CTF data encapsulates a reduced form of debugging information 456similar to DWARF and the venerable stabs and is required for DTrace. 457.It Va WITHOUT_CUSE 458Do not build CUSE-related programs and libraries. 459.It Va WITHOUT_CXGBETOOL 460Do not build 461.Xr cxgbetool 8 462.Pp 463This is a default setting on 464arm/armv7, powerpc/powerpc and riscv/riscv64. 465.It Va WITH_CXGBETOOL 466Build 467.Xr cxgbetool 8 468.Pp 469This is a default setting on 470amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 471.It Va WITHOUT_DEBUG_FILES 472Avoid building or installing standalone debug files for each 473executable binary and shared library. 474.It Va WITH_DETECT_TZ_CHANGES 475Make the time handling code detect changes to the timezone files. 476.It Va WITH_DIALOG 477Do build 478.Xr dialog 1 , 479.Xr dialog 3 , 480.Xr dpv 1 , 481and 482.Xr dpv 3 . 483.It Va WITHOUT_DICT 484Do not build the Webster dictionary files. 485.It Va WITH_DIRDEPS_BUILD 486This is an alternate build system. 487For details see 488https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm. 489Build commands can be seen from the top-level with: 490.Dl make show-valid-targets 491The build is driven by dirdeps.mk using 492.Va DIRDEPS 493stored in 494Makefile.depend files found in each directory. 495.Pp 496The build can be started from anywhere, and behaves the same. 497The initial instance of 498.Xr make 1 499recursively reads 500.Va DIRDEPS 501from 502.Pa Makefile.depend , 503computing a graph of tree dependencies from the current origin. 504Setting 505.Va NO_DIRDEPS 506skips checking dirdep dependencies and will only build in the current 507and child directories. 508.Va NO_DIRDEPS_BELOW 509skips building any dirdeps and only build the current directory. 510.Pp 511This also utilizes the 512.Va WITH_META_MODE 513logic for incremental builds. 514.Pp 515The build hides commands executed unless 516.Va NO_SILENT 517is defined. 518.Pp 519Note that there is currently no mass install feature for this. 520This build is designed for producing packages, that can then be installed 521on a target system. 522.Pp 523The implementation in 524.Fx 525is incomplete. 526Completion would require leaf directories for building each kernel 527and package so that their dependencies can be tracked. 528When set, it enforces these options: 529.Pp 530.Bl -item -compact 531.It 532.Va WITH_INSTALL_AS_USER 533.El 534.Pp 535When set, these options are also in effect: 536.Pp 537.Bl -inset -compact 538.It Va WITH_META_ERROR_TARGET 539(unless 540.Va WITHOUT_META_ERROR_TARGET 541is set explicitly) 542.It Va WITH_META_MODE 543(unless 544.Va WITHOUT_META_MODE 545is set explicitly) 546.It Va WITH_STAGING 547(unless 548.Va WITHOUT_STAGING 549is set explicitly) 550.It Va WITH_STAGING_MAN 551(unless 552.Va WITHOUT_STAGING_MAN 553is set explicitly) 554.It Va WITH_STAGING_PROG 555(unless 556.Va WITHOUT_STAGING_PROG 557is set explicitly) 558.It Va WITH_SYSROOT 559(unless 560.Va WITHOUT_SYSROOT 561is set explicitly) 562.El 563.Pp 564This must be set in the environment, make command line, or 565.Pa /etc/src-env.conf , 566not 567.Pa /etc/src.conf . 568.It Va WITH_DIRDEPS_CACHE 569Cache result of dirdeps.mk which can save significant time 570for subsequent builds. 571Depends on 572.Va WITH_DIRDEPS_BUILD . 573.Pp 574This must be set in the environment, make command line, or 575.Pa /etc/src-env.conf , 576not 577.Pa /etc/src.conf . 578.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP 579Build 580.Xr etdump 1 , 581.Xr makefs 8 582and 583.Xr mkimg 1 584as bootstrap tools. 585.It Va WITHOUT_DMAGENT 586Do not build dma Mail Transport Agent. 587.It Va WITHOUT_DOCCOMPRESS 588Do not install compressed system documentation. 589Only the uncompressed version will be installed. 590.It Va WITHOUT_DTRACE 591Do not build DTrace framework kernel modules, libraries, and user commands. 592When set, it enforces these options: 593.Pp 594.Bl -item -compact 595.It 596.Va WITHOUT_CTF 597.El 598.It Va WITH_DTRACE_ASAN 599Compile userspace DTrace code (libdtrace, dtrace(1), lockstat(1), plockstat(1)) 600with address and undefined behavior sanitizers. 601Requires that Clang be used as the base system compiler 602and that the runtime support library is available. 603.It Va WITH_DTRACE_TESTS 604Build and install the DTrace test suite in 605.Pa /usr/tests/cddl/usr.sbin/dtrace . 606This test suite is considered experimental on architectures other than 607amd64/amd64 and running it may cause system instability. 608.It Va WITHOUT_DYNAMICROOT 609Set this if you do not want to link 610.Pa /bin 611and 612.Pa /sbin 613dynamically. 614.It Va WITHOUT_EE 615Do not build and install 616.Xr edit 1 , 617.Xr ee 1 , 618and related programs. 619.It Va WITHOUT_EFI 620Set not to build 621.Xr efivar 3 622and 623.Xr efivar 8 . 624.Pp 625This is a default setting on 626i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 627.It Va WITH_EFI 628Build 629.Xr efivar 3 630and 631.Xr efivar 8 . 632.Pp 633This is a default setting on 634amd64/amd64, arm/armv7 and arm64/aarch64. 635.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 636Do not build ELF Tool Chain tools 637(addr2line, nm, size, strings and strip) 638as part of the bootstrap process. 639.Bf -symbolic 640An alternate bootstrap tool chain must be provided. 641.Ef 642.It Va WITHOUT_EXAMPLES 643Avoid installing examples to 644.Pa /usr/share/examples/ . 645.It Va WITH_EXPERIMENTAL 646Include experimental features in the build. 647.It Va WITHOUT_FDT 648Do not build Flattened Device Tree support as part of the base system. 649This includes the device tree compiler (dtc) and libfdt support library. 650.Pp 651This is a default setting on 652amd64/amd64 and i386/i386. 653.It Va WITH_FDT 654Build Flattened Device Tree support as part of the base system. 655This includes the device tree compiler (dtc) and libfdt support library. 656.Pp 657This is a default setting on 658arm/armv7, arm64/aarch64, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 659.It Va WITHOUT_FILE 660Do not build 661.Xr file 1 662and related programs. 663.It Va WITHOUT_FINGER 664Do not build or install 665.Xr finger 1 666and 667.Xr fingerd 8 . 668.It Va WITHOUT_FLOPPY 669Do not build or install programs 670for operating floppy disk driver. 671.It Va WITHOUT_FORMAT_EXTENSIONS 672Do not enable 673.Fl fformat-extensions 674when compiling the kernel. 675Also disables all format checking. 676.It Va WITHOUT_FORTH 677Build bootloaders without Forth support. 678.It Va WITHOUT_FP_LIBC 679Build 680.Nm libc 681without floating-point support. 682.It Va WITHOUT_FREEBSD_UPDATE 683Do not build 684.Xr freebsd-update 8 . 685.It Va WITHOUT_FTP 686Do not build or install 687.Xr ftp 1 688and 689.Xr ftpd 8 . 690.It Va WITHOUT_GAMES 691Do not build games. 692.It Va WITHOUT_GH_BC 693Install the traditional FreeBSD 694.Xr bc 1 695and 696.Xr dc 1 697programs instead of the enhanced versions. 698.It Va WITHOUT_GNU_DIFF 699Do not build GNU 700.Xr diff3 1 . 701.It Va WITHOUT_GOOGLETEST 702Neither build nor install 703.Lb libgmock , 704.Lb libgtest , 705and dependent tests. 706.It Va WITHOUT_GPIO 707Do not build 708.Xr gpioctl 8 709as part of the base system. 710.It Va WITHOUT_GSSAPI 711Do not build libgssapi. 712.It Va WITHOUT_HAST 713Do not build 714.Xr hastd 8 715and related utilities. 716.It Va WITH_HESIOD 717Build Hesiod support. 718.It Va WITHOUT_HTML 719Do not build HTML docs. 720.It Va WITHOUT_HYPERV 721Do not build or install HyperV utilities. 722.Pp 723This is a default setting on 724arm/armv7, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 725.It Va WITH_HYPERV 726Build or install HyperV utilities. 727.Pp 728This is a default setting on 729amd64/amd64, arm64/aarch64 and i386/i386. 730.It Va WITHOUT_ICONV 731Do not build iconv as part of libc. 732.It Va WITHOUT_INCLUDES 733Do not install header files. 734This option used to be spelled 735.Va NO_INCS . 736.Bf -symbolic 737The option does not work for build targets. 738.Ef 739.It Va WITHOUT_INET 740Do not build programs and libraries related to IPv4 networking. 741When set, it enforces these options: 742.Pp 743.Bl -item -compact 744.It 745.Va WITHOUT_INET_SUPPORT 746.El 747.It Va WITHOUT_INET6 748Do not build 749programs and libraries related to IPv6 networking. 750When set, it enforces these options: 751.Pp 752.Bl -item -compact 753.It 754.Va WITHOUT_INET6_SUPPORT 755.El 756.It Va WITHOUT_INET6_SUPPORT 757Build libraries, programs, and kernel modules without IPv6 support. 758.It Va WITHOUT_INETD 759Do not build 760.Xr inetd 8 . 761.It Va WITHOUT_INET_SUPPORT 762Build libraries, programs, and kernel modules without IPv4 support. 763.It Va WITHOUT_INSTALLLIB 764Set this to not install optional libraries. 765For example, when creating a 766.Xr nanobsd 8 767image. 768.Bf -symbolic 769The option does not work for build targets. 770.Ef 771.It Va WITH_INSTALL_AS_USER 772Make install targets succeed for non-root users by installing 773files with owner and group attributes set to that of the user running 774the 775.Xr make 1 776command. 777The user still must set the 778.Va DESTDIR 779variable to point to a directory where the user has write permissions. 780.It Va WITHOUT_IPFILTER 781Do not build IP Filter package. 782.It Va WITHOUT_IPFW 783Do not build IPFW tools. 784.It Va WITHOUT_IPSEC_SUPPORT 785Do not build the kernel with 786.Xr ipsec 4 787support. 788This option is needed for 789.Xr ipsec 4 790and 791.Xr tcpmd5 4 . 792.It Va WITHOUT_ISCSI 793Do not build 794.Xr iscsid 8 795and related utilities. 796.It Va WITHOUT_JAIL 797Do not build tools for the support of jails; e.g., 798.Xr jail 8 . 799.It Va WITHOUT_KDUMP 800Do not build 801.Xr kdump 1 802and 803.Xr truss 1 . 804.It Va WITHOUT_KERBEROS 805Set this to not build Kerberos 5 (KTH Heimdal). 806When set, these options are also in effect: 807.Pp 808.Bl -inset -compact 809.It Va WITHOUT_GSSAPI 810(unless 811.Va WITH_GSSAPI 812is set explicitly) 813.It Va WITHOUT_KERBEROS_SUPPORT 814(unless 815.Va WITH_KERBEROS_SUPPORT 816is set explicitly) 817.El 818.It Va WITHOUT_KERBEROS_SUPPORT 819Build some programs without Kerberos support, like 820.Xr ssh 1 , 821.Xr telnet 1 , 822and 823.Xr sshd 8 . 824.It Va WITH_KERNEL_BIN 825Generate and install kernel.bin from kernel as part of the normal build and 826install processes for the kernel. Available only on arm and arm64. 827 828Usually this will be added to the kernel config file with: 829 830makeoptions WITH_KERNEL_BIN=1 831 832though it can also be used on the command line. 833.It Va WITH_KERNEL_RETPOLINE 834Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel 835build. 836.It Va WITHOUT_KERNEL_SYMBOLS 837Do not install standalone kernel debug symbol files. 838This option has no effect at build time. 839.It Va WITHOUT_KVM 840Do not build the 841.Nm libkvm 842library as a part of the base system. 843.Bf -symbolic 844The option has no effect yet. 845.Ef 846When set, these options are also in effect: 847.Pp 848.Bl -inset -compact 849.It Va WITHOUT_KVM_SUPPORT 850(unless 851.Va WITH_KVM_SUPPORT 852is set explicitly) 853.El 854.It Va WITHOUT_KVM_SUPPORT 855Build some programs without optional 856.Nm libkvm 857support. 858.It Va WITHOUT_LDNS 859Setting this variable will prevent the LDNS library from being built. 860When set, it enforces these options: 861.Pp 862.Bl -item -compact 863.It 864.Va WITHOUT_LDNS_UTILS 865.It 866.Va WITHOUT_UNBOUND 867.El 868.It Va WITHOUT_LDNS_UTILS 869Setting this variable will prevent building the LDNS utilities 870.Xr drill 1 871and 872.Xr host 1 . 873.It Va WITHOUT_LEGACY_CONSOLE 874Do not build programs that support a legacy PC console; e.g., 875.Xr kbdcontrol 1 876and 877.Xr vidcontrol 1 . 878.It Va WITHOUT_LIB32 879On 64-bit platforms, do not build 32-bit library set and a 880.Nm ld-elf32.so.1 881runtime linker. 882.Pp 883This is a default setting on 884arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64. 885.It Va WITH_LIB32 886On 64-bit platforms, build the 32-bit library set and a 887.Nm ld-elf32.so.1 888runtime linker. 889.Pp 890This is a default setting on 891amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 892.It Va WITHOUT_LLD 893Do not build LLVM's lld linker. 894.It Va WITHOUT_LLDB 895Do not build the LLDB debugger. 896.Pp 897This is a default setting on 898arm/armv7 and riscv/riscv64. 899.It Va WITH_LLDB 900Build the LLDB debugger. 901.Pp 902This is a default setting on 903amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. 904.It Va WITHOUT_LLD_BOOTSTRAP 905Do not build the LLD linker during the bootstrap phase of 906the build. 907To be able to build the system an alternate linker must be provided via XLD. 908.It Va WITHOUT_LLVM_ASSERTIONS 909Disable debugging assertions in LLVM. 910.It Va WITH_LLVM_BINUTILS 911Install LLVM's binutils (without an llvm- prefix), 912instead of ELF Tool Chain's tools. 913This includes 914.Xr addr2line 1 , 915.Xr ar 1 , 916.Xr nm 1 , 917.Xr objcopy 1 , 918.Xr ranlib 1 , 919.Xr readelf 1 , 920.Xr size 1 , 921and 922.Xr strip 1 . 923Regardless of this setting, LLVM tools are used for 924.Xr c++filt 1 925and 926.Xr objdump 1 . 927.Xr strings 1 928is always provided by ELF Tool Chain. 929.It Va WITHOUT_LLVM_COV 930Do not build the 931.Xr llvm-cov 1 932tool. 933.It Va WITHOUT_LLVM_CXXFILT 934Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt. 935.It Va WITH_LLVM_FULL_DEBUGINFO 936Generate full debug information for LLVM libraries and tools, which uses 937more disk space and build resources, but allows for easier debugging. 938.It Va WITHOUT_LLVM_TARGET_AARCH64 939Do not build LLVM target support for AArch64. 940The 941.Va LLVM_TARGET_ALL 942option should be used rather than this in most cases. 943.It Va WITHOUT_LLVM_TARGET_ALL 944Only build the required LLVM target support. 945This option is preferred to specific target support options. 946When set, these options are also in effect: 947.Pp 948.Bl -inset -compact 949.It Va WITHOUT_LLVM_TARGET_AARCH64 950(unless 951.Va WITH_LLVM_TARGET_AARCH64 952is set explicitly) 953.It Va WITHOUT_LLVM_TARGET_ARM 954(unless 955.Va WITH_LLVM_TARGET_ARM 956is set explicitly) 957.It Va WITHOUT_LLVM_TARGET_POWERPC 958(unless 959.Va WITH_LLVM_TARGET_POWERPC 960is set explicitly) 961.It Va WITHOUT_LLVM_TARGET_RISCV 962(unless 963.Va WITH_LLVM_TARGET_RISCV 964is set explicitly) 965.El 966.It Va WITHOUT_LLVM_TARGET_ARM 967Do not build LLVM target support for ARM. 968The 969.Va LLVM_TARGET_ALL 970option should be used rather than this in most cases. 971.It Va WITH_LLVM_TARGET_BPF 972Build LLVM target support for BPF. 973The 974.Va LLVM_TARGET_ALL 975option should be used rather than this in most cases. 976.It Va WITH_LLVM_TARGET_MIPS 977Build LLVM target support for MIPS. 978The 979.Va LLVM_TARGET_ALL 980option should be used rather than this in most cases. 981.It Va WITHOUT_LLVM_TARGET_POWERPC 982Do not build LLVM target support for PowerPC. 983The 984.Va LLVM_TARGET_ALL 985option should be used rather than this in most cases. 986.It Va WITHOUT_LLVM_TARGET_RISCV 987Do not build LLVM target support for RISC-V. 988The 989.Va LLVM_TARGET_ALL 990option should be used rather than this in most cases. 991.It Va WITHOUT_LLVM_TARGET_X86 992Do not build LLVM target support for X86. 993The 994.Va LLVM_TARGET_ALL 995option should be used rather than this in most cases. 996.It Va WITH_LOADER_BIOS_TEXTONLY 997Use the old, FreeBSD 12 vidconsole.c. 998This only supports text mode without teken, without any graphics, font or video mode support. 999This setting only affects the i386 and amd64 BIOS boot loader. 1000.It Va WITH_LOADER_EFI_SECUREBOOT 1001Enable building 1002.Xr loader 8 1003with support for verification based on certificates obtained from UEFI. 1004.It Va WITHOUT_LOADER_GELI 1005Disable inclusion of GELI crypto support in the boot chain binaries. 1006.Pp 1007This is a default setting on 1008powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. 1009.It Va WITH_LOADER_GELI 1010Build GELI bootloader support. 1011.Pp 1012This is a default setting on 1013amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1014.It Va WITHOUT_LOADER_KBOOT 1015Do not build kboot, a linuxboot environment loader 1016.Pp 1017This is a default setting on 1018arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64. 1019.It Va WITH_LOADER_KBOOT 1020Build kboot, a linuxboot environment loader 1021.Pp 1022This is a default setting on 1023amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 1024.It Va WITHOUT_LOADER_LUA 1025Do not build LUA bindings for the boot loader. 1026.Pp 1027This is a default setting on 1028powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. 1029.It Va WITH_LOADER_LUA 1030Build LUA bindings for the boot loader. 1031.Pp 1032This is a default setting on 1033amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1034.It Va WITHOUT_LOADER_OFW 1035Disable building of openfirmware bootloader components. 1036.Pp 1037This is a default setting on 1038amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1039.It Va WITH_LOADER_OFW 1040Build openfirmware bootloader components. 1041.Pp 1042This is a default setting on 1043powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. 1044.It Va WITHOUT_LOADER_UBOOT 1045Disable building of ubldr. 1046.Pp 1047This is a default setting on 1048amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1049.It Va WITH_LOADER_UBOOT 1050Build ubldr. 1051.Pp 1052This is a default setting on 1053arm/armv7, powerpc/powerpc and powerpc/powerpc64. 1054.It Va WITH_LOADER_VERBOSE 1055Build with extra verbose debugging in the loader. 1056May explode already nearly too large loader over the limit. 1057Use with care. 1058.It Va WITH_LOADER_VERIEXEC 1059Enable building 1060.Xr loader 8 1061with support for verification similar to Verified Exec. 1062.Pp 1063Depends on 1064.Va WITH_BEARSSL . 1065When set, these options are also in effect: 1066.Pp 1067.Bl -inset -compact 1068.It Va WITH_LOADER_EFI_SECUREBOOT 1069(unless 1070.Va WITHOUT_LOADER_EFI_SECUREBOOT 1071is set explicitly) 1072.It Va WITH_LOADER_VERIEXEC_VECTX 1073(unless 1074.Va WITHOUT_LOADER_VERIEXEC_VECTX 1075is set explicitly) 1076.El 1077.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST 1078Enable building 1079.Xr loader 8 1080with support to pass a verified manifest to the kernel. 1081The kernel has to be built with a module to parse the manifest. 1082.Pp 1083Depends on 1084.Va WITH_LOADER_VERIEXEC . 1085.It Va WITH_LOADER_VERIEXEC_VECTX 1086Enable building 1087.Xr loader 8 1088with support for hashing and verifying kernel and modules as a side effect 1089of loading. 1090.Pp 1091Depends on 1092.Va WITH_LOADER_VERIEXEC . 1093.It Va WITHOUT_LOADER_ZFS 1094Do not build ZFS file system boot loader support. 1095.It Va WITHOUT_LOCALES 1096Do not build localization files; see 1097.Xr locale 1 . 1098.It Va WITHOUT_LOCATE 1099Do not build 1100.Xr locate 1 1101and related programs. 1102.It Va WITHOUT_LPR 1103Do not build 1104.Xr lpr 1 1105and related programs. 1106.It Va WITHOUT_LS_COLORS 1107Build 1108.Xr ls 1 1109without support for colors to distinguish file types. 1110.It Va WITHOUT_MACHDEP_OPTIMIZATIONS 1111Prefer machine-independent non-assembler code in libc and libm. 1112.It Va WITHOUT_MAIL 1113Do not build any mail support (MUA or MTA). 1114When set, it enforces these options: 1115.Pp 1116.Bl -item -compact 1117.It 1118.Va WITHOUT_DMAGENT 1119.It 1120.Va WITHOUT_MAILWRAPPER 1121.It 1122.Va WITHOUT_SENDMAIL 1123.El 1124.It Va WITHOUT_MAILWRAPPER 1125Do not build the 1126.Xr mailwrapper 8 1127MTA selector. 1128.It Va WITHOUT_MAKE 1129Do not install 1130.Xr make 1 1131and related support files. 1132.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX 1133Do not execute 1134.Dq Li "make check" 1135in limited sandbox mode. 1136This option should be paired with 1137.Va WITH_INSTALL_AS_USER 1138if executed as an unprivileged user. 1139See 1140.Xr tests 7 1141for more details. 1142.It Va WITH_MALLOC_PRODUCTION 1143Disable assertions and statistics gathering in 1144.Xr malloc 3 . 1145It also defaults the A and J runtime options to off. 1146.It Va WITHOUT_MAN 1147Do not build manual pages. 1148When set, these options are also in effect: 1149.Pp 1150.Bl -inset -compact 1151.It Va WITHOUT_MAN_UTILS 1152(unless 1153.Va WITH_MAN_UTILS 1154is set explicitly) 1155.El 1156.It Va WITHOUT_MANCOMPRESS 1157Do not install compressed man pages. 1158Only the uncompressed versions will be installed. 1159.It Va WITHOUT_MANSPLITPKG 1160Do not split man pages into their own packages during make package. 1161.It Va WITHOUT_MAN_UTILS 1162Do not build utilities for manual pages, 1163.Xr apropos 1 , 1164.Xr makewhatis 1 , 1165.Xr man 1 , 1166.Xr whatis 1 , 1167.Xr manctl 8 , 1168and related support files. 1169.It Va WITH_META_ERROR_TARGET 1170Enable the META_MODE .ERROR target. 1171.Pp 1172This target will copy the meta file of a failed target 1173to 1174.Va ERROR_LOGDIR 1175(default is 1176.Ql ${SRCTOP:H}/error ) 1177to help with failure analysis. 1178Depends on 1179.Va WITH_META_MODE . 1180This default when 1181.Va WITH_DIRDEPS_BUILD 1182is set. 1183.Pp 1184This must be set in the environment, make command line, or 1185.Pa /etc/src-env.conf , 1186not 1187.Pa /etc/src.conf . 1188.It Va WITH_META_MODE 1189Create 1190.Xr make 1 1191meta files when building, which can provide a reliable incremental build when 1192using 1193.Xr filemon 4 . 1194The meta file is created in OBJDIR as 1195.Pa target.meta . 1196These meta files track the command that was executed, its output, and the 1197current directory. 1198The 1199.Xr filemon 4 1200module is required unless 1201.Va NO_FILEMON 1202is defined. 1203When the module is loaded, any files used by the commands executed are 1204tracked as dependencies for the target in its meta file. 1205The target is considered out-of-date and rebuilt if any of these 1206conditions are true compared to the last build: 1207.Bl -bullet -compact 1208.It 1209The command to execute changes. 1210.It 1211The current working directory changes. 1212.It 1213The target's meta file is missing. 1214.It 1215The target's meta file is missing filemon data when filemon is loaded 1216and a previous run did not have it loaded. 1217.It 1218[requires 1219.Xr filemon 4 ] 1220Files read, executed or linked to are newer than the target. 1221.It 1222[requires 1223.Xr filemon 4 ] 1224Files read, written, executed or linked are missing. 1225.El 1226The meta files can also be useful for debugging. 1227.Pp 1228The build hides commands that are executed unless 1229.Va NO_SILENT 1230is defined. 1231Errors cause 1232.Xr make 1 1233to show some of its environment for further debugging. 1234.Pp 1235The build operates as it normally would otherwise. 1236This option originally invoked a different build system but that was renamed 1237to 1238.Va WITH_DIRDEPS_BUILD . 1239.Pp 1240This must be set in the environment, make command line, or 1241.Pa /etc/src-env.conf , 1242not 1243.Pa /etc/src.conf . 1244.It Va WITHOUT_MLX5TOOL 1245Do not build 1246.Xr mlx5tool 8 1247.Pp 1248This is a default setting on 1249arm/armv7, powerpc/powerpc and riscv/riscv64. 1250.It Va WITH_MLX5TOOL 1251Build 1252.Xr mlx5tool 8 1253.Pp 1254This is a default setting on 1255amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 1256.It Va WITHOUT_NETCAT 1257Do not build 1258.Xr nc 1 1259utility. 1260.It Va WITHOUT_NETGRAPH 1261Do not build applications to support 1262.Xr netgraph 4 . 1263When set, it enforces these options: 1264.Pp 1265.Bl -item -compact 1266.It 1267.Va WITHOUT_BLUETOOTH 1268.El 1269.Pp 1270When set, these options are also in effect: 1271.Pp 1272.Bl -inset -compact 1273.It Va WITHOUT_NETGRAPH_SUPPORT 1274(unless 1275.Va WITH_NETGRAPH_SUPPORT 1276is set explicitly) 1277.El 1278.It Va WITHOUT_NETGRAPH_SUPPORT 1279Build libraries, programs, and kernel modules without netgraph support. 1280.It Va WITHOUT_NETLINK 1281Do not build 1282.Xr genl 1 1283utility. 1284.It Va WITHOUT_NETLINK_SUPPORT 1285Make libraries and programs use rtsock and 1286.Xr sysctl 3 1287interfaces instead of 1288.Xr snl 3 . 1289.It Va WITHOUT_NIS 1290Do not build 1291.Xr NIS 8 1292support and related programs. 1293If set, you might need to adopt your 1294.Xr nsswitch.conf 5 1295and remove 1296.Sq nis 1297entries. 1298.It Va WITHOUT_NLS 1299Do not build NLS catalogs. 1300When set, it enforces these options: 1301.Pp 1302.Bl -item -compact 1303.It 1304.Va WITHOUT_NLS_CATALOGS 1305.El 1306.It Va WITHOUT_NLS_CATALOGS 1307Do not build NLS catalog support for 1308.Xr csh 1 . 1309.It Va WITHOUT_NS_CACHING 1310Disable name caching in the 1311.Pa nsswitch 1312subsystem. 1313The generic caching daemon, 1314.Xr nscd 8 , 1315will not be built either if this option is set. 1316.It Va WITHOUT_NTP 1317Do not build 1318.Xr ntpd 8 1319and related programs. 1320.It Va WITHOUT_NUAGEINIT 1321Do not install the limited cloud init support scripts. 1322.It Va WITHOUT_OFED 1323Do not build the 1324.Dq "OpenFabrics Enterprise Distribution" 1325InfiniBand software stack, including kernel modules and userspace libraries. 1326.Pp 1327This is a default setting on 1328arm/armv7. 1329When set, it enforces these options: 1330.Pp 1331.Bl -item -compact 1332.It 1333.Va WITHOUT_OFED_EXTRA 1334.El 1335.It Va WITH_OFED 1336Build the 1337.Dq "OpenFabrics Enterprise Distribution" 1338InfiniBand software stack, including kernel modules and userspace libraries. 1339.Pp 1340This is a default setting on 1341amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1342.It Va WITH_OFED_EXTRA 1343Build the non-essential components of the 1344.Dq "OpenFabrics Enterprise Distribution" 1345Infiniband software stack, mostly examples. 1346.It Va WITH_OPENLDAP 1347Enable building LDAP support for kerberos using an openldap client from ports. 1348.It Va WITHOUT_OPENMP 1349Do not build LLVM's OpenMP runtime. 1350.Pp 1351This is a default setting on 1352arm/armv7 and powerpc/powerpc. 1353.It Va WITH_OPENMP 1354Build LLVM's OpenMP runtime. 1355.Pp 1356This is a default setting on 1357amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1358.It Va WITHOUT_OPENSSH 1359Do not build OpenSSH. 1360.It Va WITHOUT_OPENSSL 1361Do not build OpenSSL. 1362When set, it enforces these options: 1363.Pp 1364.Bl -item -compact 1365.It 1366.Va WITHOUT_DMAGENT 1367.It 1368.Va WITHOUT_KERBEROS 1369.It 1370.Va WITHOUT_KERBEROS_SUPPORT 1371.It 1372.Va WITHOUT_LDNS 1373.It 1374.Va WITHOUT_LDNS_UTILS 1375.It 1376.Va WITHOUT_LOADER_ZFS 1377.It 1378.Va WITHOUT_OPENSSH 1379.It 1380.Va WITHOUT_OPENSSL_KTLS 1381.It 1382.Va WITHOUT_PKGBOOTSTRAP 1383.It 1384.Va WITHOUT_UNBOUND 1385.It 1386.Va WITHOUT_ZFS 1387.El 1388.Pp 1389When set, these options are also in effect: 1390.Pp 1391.Bl -inset -compact 1392.It Va WITHOUT_GSSAPI 1393(unless 1394.Va WITH_GSSAPI 1395is set explicitly) 1396.El 1397.It Va WITHOUT_OPENSSL_KTLS 1398Do not include kernel TLS support in OpenSSL. 1399.Pp 1400This is a default setting on 1401arm/armv7, i386/i386, powerpc/powerpc and riscv/riscv64. 1402.It Va WITH_OPENSSL_KTLS 1403Include kernel TLS support in OpenSSL. 1404.Pp 1405This is a default setting on 1406amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le. 1407.It Va WITHOUT_PAM 1408Do not build PAM library and modules. 1409.Bf -symbolic 1410This option is deprecated and does nothing. 1411.Ef 1412When set, these options are also in effect: 1413.Pp 1414.Bl -inset -compact 1415.It Va WITHOUT_PAM_SUPPORT 1416(unless 1417.Va WITH_PAM_SUPPORT 1418is set explicitly) 1419.El 1420.It Va WITHOUT_PAM_SUPPORT 1421Build some programs without PAM support, particularly 1422.Xr ftpd 8 1423and 1424.Xr ppp 8 . 1425.It Va WITHOUT_PF 1426Do not build PF firewall package. 1427When set, it enforces these options: 1428.Pp 1429.Bl -item -compact 1430.It 1431.Va WITHOUT_AUTHPF 1432.El 1433.It Va WITHOUT_PIE 1434Do not build dynamically linked binaries as 1435Position-Independent Executable (PIE). 1436.Pp 1437This is a default setting on 1438arm/armv7, i386/i386 and powerpc/powerpc. 1439.It Va WITH_PIE 1440Build dynamically linked binaries as 1441Position-Independent Executable (PIE). 1442.Pp 1443This is a default setting on 1444amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1445.It Va WITHOUT_PKGBOOTSTRAP 1446Do not build 1447.Xr pkg 7 1448bootstrap tool. 1449.It Va WITHOUT_PMC 1450Do not build 1451.Xr pmccontrol 8 1452and related programs. 1453.It Va WITHOUT_PPP 1454Do not build 1455.Xr ppp 8 1456and related programs. 1457.It Va WITH_PROFILE 1458Build profiled libraries for use with 1459.Xr gprof 8 . 1460This option is deprecated and may not be present in a future version of 1461.Fx . 1462.It Va WITHOUT_PTHREADS_ASSERTIONS 1463Disable debugging assertions in pthreads library. 1464.It Va WITHOUT_QUOTAS 1465Do not build 1466.Xr quota 1 1467and related programs. 1468.It Va WITHOUT_RADIUS_SUPPORT 1469Do not build radius support into various applications, like 1470.Xr pam_radius 8 1471and 1472.Xr ppp 8 . 1473.It Va WITH_RATELIMIT 1474Build the system with rate limit support. 1475.Pp 1476This makes 1477.Dv SO_MAX_PACING_RATE 1478effective in 1479.Xr getsockopt 2 , 1480and 1481.Ar txrlimit 1482support in 1483.Xr ifconfig 8 , 1484by proxy. 1485.It Va WITHOUT_RBOOTD 1486Do not build or install 1487.Xr rbootd 8 . 1488.It Va WITHOUT_RELRO 1489Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation. 1490See also the 1491.Va BIND_NOW 1492option. 1493.It Va WITH_REPRODUCIBLE_BUILD 1494Exclude build metadata (such as the build time, user, or host) 1495from the kernel, boot loaders, and uname output, so that builds produce 1496bit-for-bit identical output. 1497.It Va WITHOUT_RESCUE 1498Do not build 1499.Xr rescue 8 . 1500.It Va WITH_RETPOLINE 1501Build the base system with the retpoline speculative execution 1502vulnerability mitigation for CVE-2017-5715. 1503.It Va WITHOUT_ROUTED 1504Do not build 1505.Xr routed 8 1506utility. 1507.It Va WITH_RPCBIND_WARMSTART_SUPPORT 1508Build 1509.Xr rpcbind 8 1510with warmstart support. 1511.It Va WITHOUT_SCTP_SUPPORT 1512Disable support in the kernel for the 1513.Xr sctp 4 1514Stream Control Transmission Protocol 1515loadable kernel module. 1516.It Va WITHOUT_SENDMAIL 1517Do not build 1518.Xr sendmail 8 1519and related programs. 1520.It Va WITHOUT_SERVICESDB 1521Do not install 1522.Pa /var/db/services.db . 1523.It Va WITHOUT_SETUID_LOGIN 1524Set this to disable the installation of 1525.Xr login 1 1526as a set-user-ID root program. 1527.It Va WITHOUT_SHAREDOCS 1528Do not build the 1529.Bx 4.4 1530legacy docs. 1531.It Va WITH_SORT_THREADS 1532Enable threads in 1533.Xr sort 1 . 1534.It Va WITHOUT_SOURCELESS 1535Do not build kernel modules that include sourceless code (either microcode or native code for host CPU). 1536When set, it enforces these options: 1537.Pp 1538.Bl -item -compact 1539.It 1540.Va WITHOUT_SOURCELESS_HOST 1541.It 1542.Va WITHOUT_SOURCELESS_UCODE 1543.El 1544.It Va WITHOUT_SOURCELESS_HOST 1545Do not build kernel modules that include sourceless native code for host CPU. 1546.It Va WITHOUT_SOURCELESS_UCODE 1547Do not build kernel modules that include sourceless microcode. 1548.It Va WITHOUT_SPLIT_KERNEL_DEBUG 1549Do not build standalone kernel debug files. 1550Debug data (if enabled by the kernel configuration file) 1551will be included in the kernel and modules. 1552When set, it enforces these options: 1553.Pp 1554.Bl -item -compact 1555.It 1556.Va WITHOUT_KERNEL_SYMBOLS 1557.El 1558.It Va WITHOUT_SSP 1559Do not build world with stack smashing protection. 1560See 1561.Xr security 7 1562for more information. 1563.It Va WITH_STAGING 1564Enable staging of files to a stage tree. 1565This can be best thought of as auto-install to 1566.Va DESTDIR 1567with some extra meta data to ensure dependencies can be tracked. 1568Depends on 1569.Va WITH_DIRDEPS_BUILD . 1570When set, these options are also in effect: 1571.Pp 1572.Bl -inset -compact 1573.It Va WITH_STAGING_MAN 1574(unless 1575.Va WITHOUT_STAGING_MAN 1576is set explicitly) 1577.It Va WITH_STAGING_PROG 1578(unless 1579.Va WITHOUT_STAGING_PROG 1580is set explicitly) 1581.El 1582.Pp 1583This must be set in the environment, make command line, or 1584.Pa /etc/src-env.conf , 1585not 1586.Pa /etc/src.conf . 1587.It Va WITH_STAGING_MAN 1588Enable staging of man pages to stage tree. 1589.It Va WITH_STAGING_PROG 1590Enable staging of PROGs to stage tree. 1591.It Va WITH_STALE_STAGED 1592Check staged files are not stale. 1593.It Va WITHOUT_STATS 1594Neither build nor install 1595.Lb libstats 1596and dependent binaries. 1597.It Va WITHOUT_SYSCONS 1598Do not build 1599.Xr syscons 4 1600support files such as keyboard maps, fonts, and screen output maps. 1601.It Va WITH_SYSROOT 1602Enable use of sysroot during build. 1603Depends on 1604.Va WITH_DIRDEPS_BUILD . 1605.Pp 1606This must be set in the environment, make command line, or 1607.Pa /etc/src-env.conf , 1608not 1609.Pa /etc/src.conf . 1610.It Va WITHOUT_SYSTEM_COMPILER 1611Do not opportunistically skip building a cross-compiler during the 1612bootstrap phase of the build. 1613Normally, if the currently installed compiler matches the planned bootstrap 1614compiler type and revision, then it will not be built. 1615This does not prevent a compiler from being built for installation though, 1616only for building one for the build itself. 1617The 1618.Va WITHOUT_CLANG 1619option controls that. 1620.It Va WITHOUT_SYSTEM_LINKER 1621Do not opportunistically skip building a cross-linker during the 1622bootstrap phase of the build. 1623Normally, if the currently installed linker matches the planned bootstrap 1624linker type and revision, then it will not be built. 1625This does not prevent a linker from being built for installation though, 1626only for building one for the build itself. 1627The 1628.Va WITHOUT_LLD 1629option controls that. 1630.Pp 1631This option is only relevant when 1632.Va WITH_LLD_BOOTSTRAP 1633is set. 1634.It Va WITHOUT_TALK 1635Do not build or install 1636.Xr talk 1 1637and 1638.Xr talkd 8 . 1639.It Va WITHOUT_TCP_WRAPPERS 1640Do not build or install 1641.Xr tcpd 8 , 1642and related utilities. 1643.It Va WITHOUT_TCSH 1644Do not build and install 1645.Pa /bin/csh 1646(which is 1647.Xr tcsh 1 ) . 1648.It Va WITHOUT_TELNET 1649Do not build 1650.Xr telnet 1 1651and related programs. 1652.It Va WITHOUT_TESTS 1653Do not build nor install the 1654.Fx 1655Test Suite in 1656.Pa /usr/tests/ . 1657See 1658.Xr tests 7 1659for more details. 1660This also disables the build of all test-related dependencies, including ATF. 1661When set, it enforces these options: 1662.Pp 1663.Bl -item -compact 1664.It 1665.Va WITHOUT_DTRACE_TESTS 1666.El 1667.Pp 1668When set, these options are also in effect: 1669.Pp 1670.Bl -inset -compact 1671.It Va WITHOUT_GOOGLETEST 1672(unless 1673.Va WITH_GOOGLETEST 1674is set explicitly) 1675.It Va WITHOUT_TESTS_SUPPORT 1676(unless 1677.Va WITH_TESTS_SUPPORT 1678is set explicitly) 1679.El 1680.It Va WITHOUT_TESTS_SUPPORT 1681Disable the build of all test-related dependencies, including ATF. 1682When set, it enforces these options: 1683.Pp 1684.Bl -item -compact 1685.It 1686.Va WITHOUT_GOOGLETEST 1687.El 1688.It Va WITHOUT_TEXTPROC 1689Do not build 1690programs used for text processing. 1691.It Va WITHOUT_TFTP 1692Do not build or install 1693.Xr tftp 1 1694and 1695.Xr tftpd 8 . 1696.It Va WITHOUT_TOOLCHAIN 1697Do not install 1698programs used for program development, 1699compilers, debuggers etc. 1700When set, it enforces these options: 1701.Pp 1702.Bl -item -compact 1703.It 1704.Va WITHOUT_CLANG 1705.It 1706.Va WITHOUT_CLANG_EXTRAS 1707.It 1708.Va WITHOUT_CLANG_FORMAT 1709.It 1710.Va WITHOUT_CLANG_FULL 1711.It 1712.Va WITHOUT_LLD 1713.It 1714.Va WITHOUT_LLDB 1715.It 1716.Va WITHOUT_LLVM_COV 1717.El 1718.It Va WITH_UBSAN 1719Build the base system with Undefined Behavior Sanitizer (UBSan) to detect 1720various kinds of undefined behavior at runtime. 1721Requires that Clang be used as the base system compiler 1722and that the runtime support library is available 1723.It Va WITHOUT_UNBOUND 1724Do not build 1725.Xr unbound 8 1726and related programs. 1727.It Va WITH_UNDEFINED_VERSION 1728Link libraries with --undefined-version which permits version maps to 1729contain symbols that are not present in the library. 1730If this is necessicary to build a particular configuration, a bug is 1731present and the configuration should be reported. 1732.It Va WITHOUT_UNIFIED_OBJDIR 1733Use the historical object directory format for 1734.Xr build 7 1735targets. 1736For native-builds and builds done directly in sub-directories the format of 1737.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR} 1738is used, 1739while for cross-builds 1740.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR} 1741is used. 1742.Pp 1743This option is transitional and will be removed in a future version of 1744.Fx , 1745at which time 1746.Va WITH_UNIFIED_OBJDIR 1747will be enabled permanently. 1748.Pp 1749This must be set in the environment, make command line, or 1750.Pa /etc/src-env.conf , 1751not 1752.Pa /etc/src.conf . 1753.It Va WITHOUT_USB 1754Do not build USB-related programs and libraries. 1755.It Va WITHOUT_USB_GADGET_EXAMPLES 1756Do not build USB gadget kernel modules. 1757.It Va WITHOUT_UTMPX 1758Do not build user accounting tools such as 1759.Xr last 1 , 1760.Xr users 1 , 1761.Xr who 1 , 1762.Xr ac 8 , 1763.Xr lastlogin 8 1764and 1765.Xr utx 8 . 1766.It Va WITH_VERIEXEC 1767Enable building 1768.Xr veriexec 8 1769which loads the contents of verified manifests into the kernel 1770for use by 1771.Xr mac_veriexec 4 1772.Pp 1773Depends on 1774.Va WITH_BEARSSL . 1775.It Va WITHOUT_VI 1776Do not build and install vi, view, ex and related programs. 1777.It Va WITHOUT_VT 1778Do not build 1779.Xr vt 4 1780support files (fonts and keymaps). 1781.It Va WITHOUT_WARNS 1782Set this to not add warning flags to the compiler invocations. 1783Useful as a temporary workaround when code enters the tree 1784which triggers warnings in environments that differ from the 1785original developer. 1786.It Va WITHOUT_WERROR 1787Set this to not treat compiler warnings as errors. 1788Useful as a temporary workaround when working on fixing compiler warnings. 1789When set, warnings are still printed in the build log but do not fail the build. 1790.It Va WITHOUT_WIRELESS 1791Do not build programs used for 802.11 wireless networks; especially 1792.Xr wpa_supplicant 8 1793and 1794.Xr hostapd 8 . 1795When set, these options are also in effect: 1796.Pp 1797.Bl -inset -compact 1798.It Va WITHOUT_WIRELESS_SUPPORT 1799(unless 1800.Va WITH_WIRELESS_SUPPORT 1801is set explicitly) 1802.El 1803.It Va WITHOUT_WIRELESS_SUPPORT 1804Build libraries, programs, and kernel modules without 1805802.11 wireless support. 1806.It Va WITHOUT_WPA_SUPPLICANT_EAPOL 1807Build 1808.Xr wpa_supplicant 8 1809without support for the IEEE 802.1X protocol and without 1810support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS 1811protocols (usable only via 802.1X). 1812.It Va WITHOUT_ZFS 1813Do not build the ZFS file system kernel module, libraries such as 1814.Xr libbe 3 , 1815and user commands such as 1816.Xr zpool 8 1817or 1818.Xr zfs 8 . 1819Also disable ZFS support in utilities and libraries which implement 1820ZFS-specific functionality. 1821.It Va WITHOUT_ZONEINFO 1822Do not build the timezone database. 1823When set, it enforces these options: 1824.Pp 1825.Bl -item -compact 1826.It 1827.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT 1828.El 1829.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT 1830Build leapsecond information in to the timezone database. 1831.El 1832.Pp 1833The following options accept a single value from a list of valid values. 1834.Bl -tag -width indent 1835.It Va INIT_ALL 1836Control default initialization of stack variables in C and C++ code. 1837Options other than 1838.Li none 1839require the Clang compiler or GCC 12.0 or later. 1840The default value is 1841.Li none . 1842Valid values are: 1843.Bl -tag -width indent 1844.It Li none 1845Do not initialize stack variables (standard C/C++ behavior). 1846.It Li pattern 1847Build the base system or kernel with stack variables initialized to 1848.Pq compiler defined 1849debugging patterns on function entry. 1850.It Li zero 1851Build the base system or kernel with stack variables initialized 1852to zero on function entry. 1853This value is converted to 1854.Li none 1855for amd64 kernel builds due to incompatability with ifunc memset. 1856.El 1857.It Va LIBC_MALLOC 1858Specify the 1859.Xr malloc 3 1860implementation used by libc. 1861The default value is 1862.Li jemalloc . 1863Valid values are: 1864.Bl -tag -width indent 1865.It Li jemalloc 1866.El 1867.Pp 1868Other implementations are expected in the future in both 1869.Fx 1870and downstream consumers. 1871.El 1872.Sh FILES 1873.Bl -tag -compact -width Pa 1874.It Pa /etc/src.conf 1875.It Pa /etc/src-env.conf 1876.It Pa /usr/share/mk/bsd.own.mk 1877.El 1878.Sh SEE ALSO 1879.Xr make 1 , 1880.Xr make.conf 5 , 1881.Xr build 7 , 1882.Xr ports 7 1883.Sh HISTORY 1884The 1885.Nm 1886file appeared in 1887.Fx 7.0 . 1888.Sh AUTHORS 1889This manual page was autogenerated by 1890.An tools/build/options/makeman . 1891