1.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. 2.Dd August 20, 2024 3.Dt SRC.CONF 5 4.Os 5.Sh NAME 6.Nm src.conf 7.Nd "source build options" 8.Sh DESCRIPTION 9The 10.Nm 11file contains variables that control what components will be generated during 12the build process of the 13.Fx 14source tree; see 15.Xr build 7 . 16.Pp 17The 18.Nm 19file uses the standard makefile syntax. 20However, 21.Nm 22should not specify any dependencies to 23.Xr make 1 . 24Instead, 25.Nm 26is to set 27.Xr make 1 28variables that control the aspects of how the system builds. 29.Pp 30The default location of 31.Nm 32is 33.Pa /etc/src.conf , 34though an alternative location can be specified in the 35.Xr make 1 36variable 37.Va SRCCONF . 38Overriding the location of 39.Nm 40may be necessary if the system-wide settings are not suitable 41for a particular build. 42For instance, setting 43.Va SRCCONF 44to 45.Pa /dev/null 46effectively resets all build controls to their defaults. 47.Pp 48The only purpose of 49.Nm 50is to control the compilation of the 51.Fx 52source code, which is usually located in 53.Pa /usr/src . 54As a rule, the system administrator creates 55.Nm 56when the values of certain control variables need to be changed 57from their defaults. 58.Pp 59In addition, control variables can be specified 60for a particular build via the 61.Fl D 62option of 63.Xr make 1 64or in its environment; see 65.Xr environ 7 . 66.Pp 67The environment of 68.Xr make 1 69for the build can be controlled via the 70.Va SRC_ENV_CONF 71variable, which defaults to 72.Pa /etc/src-env.conf . 73Some examples that may only be set in this file are 74.Va WITH_DIRDEPS_BUILD , 75and 76.Va WITH_META_MODE , 77and 78.Va MAKEOBJDIRPREFIX 79as they are environment-only variables. 80.Pp 81The values of 82.Va WITH_ 83and 84.Va WITHOUT_ 85variables are ignored regardless of their setting; 86even if they would be set to 87.Dq Li FALSE 88or 89.Dq Li NO . 90The presence of an option causes 91it to be honored by 92.Xr make 1 . 93.Pp 94This list provides a name and short description for variables 95that can be used for source builds. 96.Bl -tag -width indent 97.It Va WITHOUT_ACCT 98Do not build process accounting tools such as 99.Xr accton 8 100and 101.Xr sa 8 . 102.It Va WITHOUT_ACPI 103Do not build 104.Xr acpiconf 8 , 105.Xr acpidump 8 106and related programs. 107.It Va WITHOUT_APM 108Do not build 109.Xr apm 8 , 110.Xr apmd 8 111and related programs. 112.It Va WITH_ASAN 113Build the base system with Address Sanitizer (ASan) to detect 114memory corruption bugs such as buffer overflows or use-after-free. 115Requires that Clang be used as the base system compiler 116and that the runtime support library is available. 117When set, it enforces these options: 118.Pp 119.Bl -item -compact 120.It 121.Va WITH_LLVM_BINUTILS 122.It 123.Va WITH_LLVM_CXXFILT 124.El 125.It Va WITHOUT_ASSERT_DEBUG 126Compile programs and libraries without the 127.Xr assert 3 128checks. 129.It Va WITHOUT_AT 130Do not build 131.Xr at 1 132and related utilities. 133.It Va WITHOUT_AUDIT 134Do not build audit support into system programs. 135.It Va WITHOUT_AUTHPF 136Do not build 137.Xr authpf 8 . 138.It Va WITHOUT_AUTOFS 139Do not build 140.Xr autofs 4 141related programs, libraries, and kernel modules. 142.It Va WITHOUT_AUTO_OBJ 143Disable automatic creation of objdirs. 144This is enabled by default if the wanted OBJDIR is writable by the current user. 145.Pp 146This must be set in the environment, make command line, or 147.Pa /etc/src-env.conf , 148not 149.Pa /etc/src.conf . 150.It Va WITH_BEARSSL 151Build the BearSSL library. 152.Pp 153BearSSL is a tiny SSL library suitable for embedded environments. 154For details see 155.Lk https://www.BearSSL.org/ 156.Pp 157This library is currently only used to perform 158signature verification and related operations 159for Verified Exec and 160.Xr loader 8 . 161.Pp 162Due to size constraints in the BIOS environment on x86, one may need to set 163.Va LOADERSIZE 164larger than the 165default 500000, although often loader is under the 500k limit even with 166this option. 167Setting 168.Va LOADERSIZE 169larger than 500000 may cause 170.Xr pxeboot 8 171to be too large to work. 172Careful testing of the loader in the target environment when built with a larger 173limit to establish safe limits is critical because different BIOS environments 174reserve differing amounts of the low 640k space, making a precise limit for 175everybody impossible. 176.Pp 177See also 178.Va WITH_LOADER_PXEBOOT 179for other considerations. 180When set, these options are also in effect: 181.Pp 182.Bl -inset -compact 183.It Va WITH_LOADER_EFI_SECUREBOOT 184(unless 185.Va WITHOUT_LOADER_EFI_SECUREBOOT 186is set explicitly) 187.It Va WITH_LOADER_VERIEXEC 188(unless 189.Va WITHOUT_LOADER_VERIEXEC 190is set explicitly) 191.It Va WITH_LOADER_VERIEXEC_VECTX 192(unless 193.Va WITHOUT_LOADER_VERIEXEC_VECTX 194is set explicitly) 195.It Va WITH_VERIEXEC 196(unless 197.Va WITHOUT_VERIEXEC 198is set explicitly) 199.El 200.It Va WITHOUT_BHYVE 201Do not build or install 202.Xr bhyve 8 , 203associated utilities, and examples. 204.Pp 205This option only affects amd64/amd64 and arm64/aarch64. 206.It Va WITH_BHYVE_SNAPSHOT 207Include support for save and restore (snapshots) in 208.Xr bhyve 8 209and 210.Xr bhyvectl 8 . 211.Pp 212This option only affects amd64/amd64. 213.It Va WITH_BIND_NOW 214Build all binaries with the 215.Dv DF_BIND_NOW 216flag set to indicate that the run-time loader should perform all relocation 217processing at process startup rather than on demand. 218The combination of the 219.Va BIND_NOW 220and 221.Va RELRO 222options provide "full" Relocation Read-Only (RELRO) support. 223With full RELRO the entire GOT is made read-only after performing relocation at 224startup, avoiding GOT overwrite attacks. 225.It Va WITHOUT_BLACKLIST 226Set this if you do not want to build 227.Xr blacklistd 8 228and 229.Xr blacklistctl 8 . 230When set, these options are also in effect: 231.Pp 232.Bl -inset -compact 233.It Va WITHOUT_BLACKLIST_SUPPORT 234(unless 235.Va WITH_BLACKLIST_SUPPORT 236is set explicitly) 237.El 238.It Va WITHOUT_BLACKLIST_SUPPORT 239Build some programs without 240.Xr libblacklist 3 241support, like 242.Xr fingerd 8 , 243.Xr ftpd 8 , 244and 245.Xr sshd 8 . 246.It Va WITHOUT_BLUETOOTH 247Do not build Bluetooth related kernel modules, programs and libraries. 248.It Va WITHOUT_BOOT 249Do not build the boot blocks and loader. 250.It Va WITHOUT_BOOTPARAMD 251Do not build or install 252.Xr bootparamd 8 . 253.It Va WITHOUT_BOOTPD 254Do not build or install 255.Xr bootpd 8 . 256.It Va WITH_BRANCH_PROTECTION 257Build with branch protection enabled. 258On arm64 enable the use of pointer authentication and 259branch target identification instructions on arm64. 260These can be used to help mitigate some exploit techniques. 261.It Va WITHOUT_BSDINSTALL 262Do not build 263.Xr bsdinstall 8 , 264.Xr sade 8 , 265and related programs. 266.It Va WITHOUT_BSD_CPIO 267Do not build the BSD licensed version of cpio based on 268.Xr libarchive 3 . 269.It Va WITHOUT_BSNMP 270Do not build or install 271.Xr bsnmpd 1 272and related libraries and data files. 273.It Va WITHOUT_BZIP2 274Do not build contributed bzip2 software as a part of the base system. 275.Bf -symbolic 276The option has no effect yet. 277.Ef 278When set, these options are also in effect: 279.Pp 280.Bl -inset -compact 281.It Va WITHOUT_BZIP2_SUPPORT 282(unless 283.Va WITH_BZIP2_SUPPORT 284is set explicitly) 285.El 286.It Va WITHOUT_BZIP2_SUPPORT 287Build some programs without optional bzip2 support. 288.It Va WITHOUT_CALENDAR 289Do not build 290.Xr calendar 1 . 291.It Va WITHOUT_CAROOT 292Do not add the trusted certificates from the Mozilla NSS bundle to 293base. 294.It Va WITHOUT_CASPER 295This option has no effect. 296.It Va WITH_CCACHE_BUILD 297Use 298.Xr ccache 1 299for the build. 300No configuration is required except to install the 301.Sy devel/ccache 302package. 303When using with 304.Xr distcc 1 , 305set 306.Sy CCACHE_PREFIX=/usr/local/bin/distcc . 307The default cache directory of 308.Pa $HOME/.ccache 309will be used, which can be overridden by setting 310.Sy CCACHE_DIR . 311The 312.Sy CCACHE_COMPILERCHECK 313option defaults to 314.Sy content 315when using the in-tree bootstrap compiler, 316and 317.Sy mtime 318when using an external compiler. 319The 320.Sy CCACHE_CPP2 321option is used for Clang but not GCC. 322.Pp 323Sharing a cache between multiple work directories requires using a layout 324similar to 325.Pa /some/prefix/src 326.Pa /some/prefix/obj 327and an environment such as: 328.Bd -literal -offset indent 329CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj' 330.Ed 331.Pp 332See 333.Xr ccache 1 334for more configuration options. 335.It Va WITHOUT_CCD 336Do not build 337.Xr geom_ccd 4 338and related utilities. 339.It Va WITHOUT_CDDL 340Do not build code licensed under Sun's CDDL. 341When set, it enforces these options: 342.Pp 343.Bl -item -compact 344.It 345.Va WITHOUT_CTF 346.It 347.Va WITHOUT_DTRACE 348.It 349.Va WITHOUT_LOADER_ZFS 350.It 351.Va WITHOUT_ZFS 352.El 353.It Va WITHOUT_CLANG 354Do not build the Clang C/C++ compiler during the regular phase of the build. 355When set, it enforces these options: 356.Pp 357.Bl -item -compact 358.It 359.Va WITHOUT_CLANG_EXTRAS 360.It 361.Va WITHOUT_CLANG_FORMAT 362.It 363.Va WITHOUT_CLANG_FULL 364.It 365.Va WITHOUT_LLVM_COV 366.El 367.Pp 368When set, these options are also in effect: 369.Pp 370.Bl -inset -compact 371.It Va WITHOUT_LLVM_TARGET_AARCH64 372(unless 373.Va WITH_LLVM_TARGET_AARCH64 374is set explicitly) 375.It Va WITHOUT_LLVM_TARGET_ALL 376(unless 377.Va WITH_LLVM_TARGET_ALL 378is set explicitly) 379.It Va WITHOUT_LLVM_TARGET_ARM 380(unless 381.Va WITH_LLVM_TARGET_ARM 382is set explicitly) 383.It Va WITHOUT_LLVM_TARGET_POWERPC 384(unless 385.Va WITH_LLVM_TARGET_POWERPC 386is set explicitly) 387.It Va WITHOUT_LLVM_TARGET_RISCV 388(unless 389.Va WITH_LLVM_TARGET_RISCV 390is set explicitly) 391.El 392.It Va WITHOUT_CLANG_BOOTSTRAP 393Do not build the Clang C/C++ compiler during the bootstrap phase of 394the build. 395To be able to build the system, either gcc or clang bootstrap must be 396enabled unless an alternate compiler is provided via XCC. 397.It Va WITH_CLANG_EXTRAS 398Build additional clang and llvm tools, such as bugpoint and 399clang-format. 400.It Va WITH_CLANG_FORMAT 401Build clang-format. 402.It Va WITHOUT_CLANG_FULL 403Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of 404the Clang C/C++ compiler. 405.It Va WITH_CLEAN 406Clean before building world and/or kernel. 407.It Va WITHOUT_CPP 408Do not build 409.Xr cpp 1 . 410.It Va WITHOUT_CROSS_COMPILER 411Do not build any cross compiler in the cross-tools stage of buildworld. 412When compiling a different version of 413.Fx 414than what is installed on the system, provide an alternate 415compiler with XCC to ensure success. 416When compiling with an identical version of 417.Fx 418to the host, this option may be safely used. 419This option may also be safe when the host version of 420.Fx 421is close to the sources being built, but all bets are off if there have 422been any changes to the toolchain between the versions. 423When set, it enforces these options: 424.Pp 425.Bl -item -compact 426.It 427.Va WITHOUT_CLANG_BOOTSTRAP 428.It 429.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 430.It 431.Va WITHOUT_LLD_BOOTSTRAP 432.El 433.It Va WITHOUT_CRYPT 434Do not build any crypto code. 435When set, it enforces these options: 436.Pp 437.Bl -item -compact 438.It 439.Va WITHOUT_DMAGENT 440.It 441.Va WITHOUT_KERBEROS 442.It 443.Va WITHOUT_KERBEROS_SUPPORT 444.It 445.Va WITHOUT_LDNS 446.It 447.Va WITHOUT_LDNS_UTILS 448.It 449.Va WITHOUT_LOADER_ZFS 450.It 451.Va WITHOUT_OPENSSH 452.It 453.Va WITHOUT_OPENSSL 454.It 455.Va WITHOUT_OPENSSL_KTLS 456.It 457.Va WITHOUT_PKGBOOTSTRAP 458.It 459.Va WITHOUT_UNBOUND 460.It 461.Va WITHOUT_ZFS 462.El 463.Pp 464When set, these options are also in effect: 465.Pp 466.Bl -inset -compact 467.It Va WITHOUT_GSSAPI 468(unless 469.Va WITH_GSSAPI 470is set explicitly) 471.El 472.It Va WITH_CTF 473Compile with CTF (Compact C Type Format) data. 474CTF data encapsulates a reduced form of debugging information 475similar to DWARF and the venerable stabs and is required for DTrace. 476.It Va WITHOUT_CUSE 477Do not build CUSE-related programs and libraries. 478.It Va WITHOUT_CXGBETOOL 479Do not build 480.Xr cxgbetool 8 481.Pp 482This is a default setting on 483arm/armv7, powerpc/powerpc and riscv/riscv64. 484.It Va WITH_CXGBETOOL 485Build 486.Xr cxgbetool 8 487.Pp 488This is a default setting on 489amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 490.It Va WITHOUT_DEBUG_FILES 491Avoid building or installing standalone debug files for each 492executable binary and shared library. 493.It Va WITH_DETECT_TZ_CHANGES 494Make the time handling code detect changes to the timezone files. 495.It Va WITH_DIALOG 496Do build 497.Xr dialog 1 , 498.Xr dialog 3 , 499.Xr dpv 1 , 500and 501.Xr dpv 3 . 502.It Va WITHOUT_DICT 503Do not build the Webster dictionary files. 504.It Va WITH_DIRDEPS_BUILD 505This is an alternate build system. 506For details see 507https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm. 508Build commands can be seen from the top-level with: 509.Dl make show-valid-targets 510The build is driven by dirdeps.mk using 511.Va DIRDEPS 512stored in 513Makefile.depend files found in each directory. 514.Pp 515The build can be started from anywhere, and behaves the same. 516The initial instance of 517.Xr make 1 518recursively reads 519.Va DIRDEPS 520from 521.Pa Makefile.depend , 522computing a graph of tree dependencies from the current origin. 523Setting 524.Va NO_DIRDEPS 525skips checking dirdep dependencies and will only build in the current 526and child directories. 527.Va NO_DIRDEPS_BELOW 528skips building any dirdeps and only build the current directory. 529.Pp 530This also utilizes the 531.Va WITH_META_MODE 532logic for incremental builds. 533.Pp 534The build hides commands executed unless 535.Va NO_SILENT 536is defined. 537.Pp 538Note that there is currently no mass install feature for this. 539This build is designed for producing packages, that can then be installed 540on a target system. 541.Pp 542The implementation in 543.Fx 544is incomplete. 545Completion would require leaf directories for building each kernel 546and package so that their dependencies can be tracked. 547When set, it enforces these options: 548.Pp 549.Bl -item -compact 550.It 551.Va WITH_INSTALL_AS_USER 552.El 553.Pp 554When set, these options are also in effect: 555.Pp 556.Bl -inset -compact 557.It Va WITH_META_ERROR_TARGET 558(unless 559.Va WITHOUT_META_ERROR_TARGET 560is set explicitly) 561.It Va WITH_META_MODE 562(unless 563.Va WITHOUT_META_MODE 564is set explicitly) 565.It Va WITH_STAGING 566(unless 567.Va WITHOUT_STAGING 568is set explicitly) 569.It Va WITH_STAGING_MAN 570(unless 571.Va WITHOUT_STAGING_MAN 572is set explicitly) 573.It Va WITH_STAGING_PROG 574(unless 575.Va WITHOUT_STAGING_PROG 576is set explicitly) 577.It Va WITH_SYSROOT 578(unless 579.Va WITHOUT_SYSROOT 580is set explicitly) 581.El 582.Pp 583This must be set in the environment, make command line, or 584.Pa /etc/src-env.conf , 585not 586.Pa /etc/src.conf . 587.It Va WITH_DIRDEPS_CACHE 588Cache result of dirdeps.mk which can save significant time 589for subsequent builds. 590Depends on 591.Va WITH_DIRDEPS_BUILD . 592.Pp 593This must be set in the environment, make command line, or 594.Pa /etc/src-env.conf , 595not 596.Pa /etc/src.conf . 597.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP 598Build 599.Xr etdump 1 , 600.Xr makefs 8 601and 602.Xr mkimg 1 603as bootstrap tools. 604.It Va WITHOUT_DMAGENT 605Do not build dma Mail Transport Agent. 606.It Va WITHOUT_DOCCOMPRESS 607Do not install compressed system documentation. 608Only the uncompressed version will be installed. 609.It Va WITHOUT_DTRACE 610Do not build DTrace framework kernel modules, libraries, and user commands. 611When set, it enforces these options: 612.Pp 613.Bl -item -compact 614.It 615.Va WITHOUT_CTF 616.El 617.It Va WITH_DTRACE_ASAN 618Compile userspace DTrace code (libdtrace, dtrace(1), lockstat(1), plockstat(1)) 619with address and undefined behavior sanitizers. 620Requires that Clang be used as the base system compiler 621and that the runtime support library is available. 622.It Va WITH_DTRACE_TESTS 623Build and install the DTrace test suite in 624.Pa /usr/tests/cddl/usr.sbin/dtrace . 625This test suite is considered experimental on architectures other than 626amd64/amd64 and running it may cause system instability. 627.It Va WITHOUT_DYNAMICROOT 628Set this if you do not want to link 629.Pa /bin 630and 631.Pa /sbin 632dynamically. 633.It Va WITHOUT_EE 634Do not build and install 635.Xr edit 1 , 636.Xr ee 1 , 637and related programs. 638.It Va WITHOUT_EFI 639Set not to build 640.Xr efivar 3 641and 642.Xr efivar 8 . 643.Pp 644This is a default setting on 645i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 646.It Va WITH_EFI 647Build 648.Xr efivar 3 649and 650.Xr efivar 8 . 651.Pp 652This is a default setting on 653amd64/amd64, arm/armv7 and arm64/aarch64. 654.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP 655Do not build ELF Tool Chain tools 656(addr2line, nm, size, strings and strip) 657as part of the bootstrap process. 658.Bf -symbolic 659An alternate bootstrap tool chain must be provided. 660.Ef 661.It Va WITHOUT_EXAMPLES 662Avoid installing examples to 663.Pa /usr/share/examples/ . 664.It Va WITH_EXPERIMENTAL 665Include experimental features in the build. 666.It Va WITHOUT_FDT 667Do not build Flattened Device Tree support as part of the base system. 668This includes the device tree compiler (dtc) and libfdt support library. 669.Pp 670This is a default setting on 671amd64/amd64 and i386/i386. 672.It Va WITH_FDT 673Build Flattened Device Tree support as part of the base system. 674This includes the device tree compiler (dtc) and libfdt support library. 675.Pp 676This is a default setting on 677arm/armv7, arm64/aarch64, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 678.It Va WITHOUT_FILE 679Do not build 680.Xr file 1 681and related programs. 682.It Va WITHOUT_FINGER 683Do not build or install 684.Xr finger 1 685and 686.Xr fingerd 8 . 687.It Va WITHOUT_FLOPPY 688Do not build or install programs 689for operating floppy disk driver. 690.It Va WITHOUT_FORMAT_EXTENSIONS 691Do not enable 692.Fl fformat-extensions 693when compiling the kernel. 694Also disables all format checking. 695.It Va WITHOUT_FORTH 696Build bootloaders without Forth support. 697.It Va WITHOUT_FP_LIBC 698Build 699.Nm libc 700without floating-point support. 701.It Va WITHOUT_FREEBSD_UPDATE 702Do not build 703.Xr freebsd-update 8 . 704.It Va WITHOUT_FTP 705Do not build or install 706.Xr ftp 1 707and 708.Xr ftpd 8 . 709.It Va WITHOUT_GAMES 710Do not build games. 711.It Va WITHOUT_GH_BC 712Install the traditional FreeBSD 713.Xr bc 1 714and 715.Xr dc 1 716programs instead of the enhanced versions. 717.It Va WITHOUT_GNU_DIFF 718Do not build GNU 719.Xr diff3 1 . 720.It Va WITHOUT_GOOGLETEST 721Neither build nor install 722.Lb libgmock , 723.Lb libgtest , 724and dependent tests. 725.It Va WITHOUT_GPIO 726Do not build 727.Xr gpioctl 8 728as part of the base system. 729.It Va WITHOUT_GSSAPI 730Do not build libgssapi. 731.It Va WITHOUT_HAST 732Do not build 733.Xr hastd 8 734and related utilities. 735.It Va WITH_HESIOD 736Build Hesiod support. 737.It Va WITHOUT_HTML 738Do not build HTML docs. 739.It Va WITHOUT_HYPERV 740Do not build or install HyperV utilities. 741.Pp 742This is a default setting on 743arm/armv7, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 744.It Va WITH_HYPERV 745Build or install HyperV utilities. 746.Pp 747This is a default setting on 748amd64/amd64, arm64/aarch64 and i386/i386. 749.It Va WITHOUT_ICONV 750Do not build iconv as part of libc. 751.It Va WITHOUT_INCLUDES 752Do not install header files. 753This option used to be spelled 754.Va NO_INCS . 755.Bf -symbolic 756The option does not work for build targets. 757.Ef 758.It Va WITHOUT_INET 759Do not build programs and libraries related to IPv4 networking. 760When set, it enforces these options: 761.Pp 762.Bl -item -compact 763.It 764.Va WITHOUT_INET_SUPPORT 765.El 766.It Va WITHOUT_INET6 767Do not build 768programs and libraries related to IPv6 networking. 769When set, it enforces these options: 770.Pp 771.Bl -item -compact 772.It 773.Va WITHOUT_INET6_SUPPORT 774.El 775.It Va WITHOUT_INET6_SUPPORT 776Build libraries, programs, and kernel modules without IPv6 support. 777.It Va WITHOUT_INETD 778Do not build 779.Xr inetd 8 . 780.It Va WITHOUT_INET_SUPPORT 781Build libraries, programs, and kernel modules without IPv4 support. 782.It Va WITHOUT_INSTALLLIB 783Set this to not install optional libraries. 784For example, when creating a 785.Xr nanobsd 8 786image. 787.Bf -symbolic 788The option does not work for build targets. 789.Ef 790.It Va WITH_INSTALL_AS_USER 791Make install targets succeed for non-root users by installing 792files with owner and group attributes set to that of the user running 793the 794.Xr make 1 795command. 796The user still must set the 797.Va DESTDIR 798variable to point to a directory where the user has write permissions. 799.It Va WITHOUT_IPFILTER 800Do not build IP Filter package. 801.It Va WITHOUT_IPFW 802Do not build IPFW tools. 803.It Va WITHOUT_IPSEC_SUPPORT 804Do not build the kernel with 805.Xr ipsec 4 806support. 807This option is needed for 808.Xr ipsec 4 809and 810.Xr tcpmd5 4 . 811.It Va WITHOUT_ISCSI 812Do not build 813.Xr iscsid 8 814and related utilities. 815.It Va WITHOUT_JAIL 816Do not build tools for the support of jails; e.g., 817.Xr jail 8 . 818.It Va WITHOUT_KDUMP 819Do not build 820.Xr kdump 1 821and 822.Xr truss 1 . 823.It Va WITHOUT_KERBEROS 824Set this to not build Kerberos 5 (KTH Heimdal). 825When set, these options are also in effect: 826.Pp 827.Bl -inset -compact 828.It Va WITHOUT_GSSAPI 829(unless 830.Va WITH_GSSAPI 831is set explicitly) 832.It Va WITHOUT_KERBEROS_SUPPORT 833(unless 834.Va WITH_KERBEROS_SUPPORT 835is set explicitly) 836.El 837.It Va WITHOUT_KERBEROS_SUPPORT 838Build some programs without Kerberos support, like 839.Xr ssh 1 , 840.Xr telnet 1 , 841and 842.Xr sshd 8 . 843.It Va WITH_KERNEL_BIN 844Generate and install kernel.bin from kernel as part of the normal build and 845install processes for the kernel. Available only on arm and arm64. 846 847Usually this will be added to the kernel config file with: 848 849makeoptions WITH_KERNEL_BIN=1 850 851though it can also be used on the command line. 852.It Va WITH_KERNEL_RETPOLINE 853Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel 854build. 855.It Va WITHOUT_KERNEL_SYMBOLS 856Do not install standalone kernel debug symbol files. 857This option has no effect at build time. 858.It Va WITHOUT_KVM 859Do not build the 860.Nm libkvm 861library as a part of the base system. 862.Bf -symbolic 863The option has no effect yet. 864.Ef 865When set, these options are also in effect: 866.Pp 867.Bl -inset -compact 868.It Va WITHOUT_KVM_SUPPORT 869(unless 870.Va WITH_KVM_SUPPORT 871is set explicitly) 872.El 873.It Va WITHOUT_KVM_SUPPORT 874Build some programs without optional 875.Nm libkvm 876support. 877.It Va WITHOUT_LDNS 878Setting this variable will prevent the LDNS library from being built. 879When set, it enforces these options: 880.Pp 881.Bl -item -compact 882.It 883.Va WITHOUT_LDNS_UTILS 884.It 885.Va WITHOUT_UNBOUND 886.El 887.It Va WITHOUT_LDNS_UTILS 888Setting this variable will prevent building the LDNS utilities 889.Xr drill 1 890and 891.Xr host 1 . 892.It Va WITHOUT_LEGACY_CONSOLE 893Do not build programs that support a legacy PC console; e.g., 894.Xr kbdcontrol 1 895and 896.Xr vidcontrol 1 . 897.It Va WITHOUT_LIB32 898On 64-bit platforms, do not build 32-bit library set and a 899.Nm ld-elf32.so.1 900runtime linker. 901.Pp 902This is a default setting on 903arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64. 904.It Va WITH_LIB32 905On 64-bit platforms, build the 32-bit library set and a 906.Nm ld-elf32.so.1 907runtime linker. 908.Pp 909This is a default setting on 910amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 911.It Va WITHOUT_LLD 912Do not build LLVM's lld linker. 913.It Va WITHOUT_LLDB 914Do not build the LLDB debugger. 915.Pp 916This is a default setting on 917arm/armv7 and riscv/riscv64. 918.It Va WITH_LLDB 919Build the LLDB debugger. 920.Pp 921This is a default setting on 922amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. 923.It Va WITHOUT_LLD_BOOTSTRAP 924Do not build the LLD linker during the bootstrap phase of 925the build. 926To be able to build the system an alternate linker must be provided via XLD. 927.It Va WITHOUT_LLVM_ASSERTIONS 928Disable debugging assertions in LLVM. 929.It Va WITH_LLVM_BINUTILS 930Install LLVM's binutils (without an llvm- prefix), 931instead of ELF Tool Chain's tools. 932This includes 933.Xr addr2line 1 , 934.Xr ar 1 , 935.Xr nm 1 , 936.Xr objcopy 1 , 937.Xr ranlib 1 , 938.Xr readelf 1 , 939.Xr size 1 , 940and 941.Xr strip 1 . 942Regardless of this setting, LLVM tools are used for 943.Xr c++filt 1 944and 945.Xr objdump 1 . 946.Xr strings 1 947is always provided by ELF Tool Chain. 948.It Va WITHOUT_LLVM_COV 949Do not build the 950.Xr llvm-cov 1 951tool. 952.It Va WITHOUT_LLVM_CXXFILT 953Install ELF Tool Chain's cxxfilt as c++filt, instead of LLVM's llvm-cxxfilt. 954.It Va WITH_LLVM_FULL_DEBUGINFO 955Generate full debug information for LLVM libraries and tools, which uses 956more disk space and build resources, but allows for easier debugging. 957.It Va WITHOUT_LLVM_TARGET_AARCH64 958Do not build LLVM target support for AArch64. 959The 960.Va LLVM_TARGET_ALL 961option should be used rather than this in most cases. 962.It Va WITHOUT_LLVM_TARGET_ALL 963Only build the required LLVM target support. 964This option is preferred to specific target support options. 965When set, these options are also in effect: 966.Pp 967.Bl -inset -compact 968.It Va WITHOUT_LLVM_TARGET_AARCH64 969(unless 970.Va WITH_LLVM_TARGET_AARCH64 971is set explicitly) 972.It Va WITHOUT_LLVM_TARGET_ARM 973(unless 974.Va WITH_LLVM_TARGET_ARM 975is set explicitly) 976.It Va WITHOUT_LLVM_TARGET_POWERPC 977(unless 978.Va WITH_LLVM_TARGET_POWERPC 979is set explicitly) 980.It Va WITHOUT_LLVM_TARGET_RISCV 981(unless 982.Va WITH_LLVM_TARGET_RISCV 983is set explicitly) 984.El 985.It Va WITHOUT_LLVM_TARGET_ARM 986Do not build LLVM target support for ARM. 987The 988.Va LLVM_TARGET_ALL 989option should be used rather than this in most cases. 990.It Va WITH_LLVM_TARGET_BPF 991Build LLVM target support for BPF. 992The 993.Va LLVM_TARGET_ALL 994option should be used rather than this in most cases. 995.It Va WITH_LLVM_TARGET_MIPS 996Build LLVM target support for MIPS. 997The 998.Va LLVM_TARGET_ALL 999option should be used rather than this in most cases. 1000.It Va WITHOUT_LLVM_TARGET_POWERPC 1001Do not build LLVM target support for PowerPC. 1002The 1003.Va LLVM_TARGET_ALL 1004option should be used rather than this in most cases. 1005.It Va WITHOUT_LLVM_TARGET_RISCV 1006Do not build LLVM target support for RISC-V. 1007The 1008.Va LLVM_TARGET_ALL 1009option should be used rather than this in most cases. 1010.It Va WITHOUT_LLVM_TARGET_X86 1011Do not build LLVM target support for X86. 1012The 1013.Va LLVM_TARGET_ALL 1014option should be used rather than this in most cases. 1015.It Va WITH_LOADER_BIOS_TEXTONLY 1016Use the old, FreeBSD 12 vidconsole.c. 1017This only supports text mode without teken, without any graphics, font or video mode support. 1018This setting only affects the i386 and amd64 BIOS boot loader. 1019.It Va WITH_LOADER_EFI_SECUREBOOT 1020Enable building 1021.Xr loader 8 1022with support for verification based on certificates obtained from UEFI. 1023.It Va WITHOUT_LOADER_GELI 1024Disable inclusion of GELI crypto support in the boot chain binaries. 1025.Pp 1026This is a default setting on 1027powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. 1028.It Va WITH_LOADER_GELI 1029Build GELI bootloader support. 1030.Pp 1031This is a default setting on 1032amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1033.It Va WITHOUT_LOADER_KBOOT 1034Do not build kboot, a linuxboot environment loader 1035.Pp 1036This is a default setting on 1037arm/armv7, i386/i386, powerpc/powerpc, powerpc/powerpc64le and riscv/riscv64. 1038.It Va WITH_LOADER_KBOOT 1039Build kboot, a linuxboot environment loader 1040.Pp 1041This is a default setting on 1042amd64/amd64, arm64/aarch64 and powerpc/powerpc64. 1043.It Va WITHOUT_LOADER_LUA 1044Do not build LUA bindings for the boot loader. 1045.Pp 1046This is a default setting on 1047powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. 1048.It Va WITH_LOADER_LUA 1049Build LUA bindings for the boot loader. 1050.Pp 1051This is a default setting on 1052amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1053.It Va WITHOUT_LOADER_OFW 1054Disable building of openfirmware bootloader components. 1055.Pp 1056This is a default setting on 1057amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64. 1058.It Va WITH_LOADER_OFW 1059Build openfirmware bootloader components. 1060.Pp 1061This is a default setting on 1062powerpc/powerpc, powerpc/powerpc64 and powerpc/powerpc64le. 1063.It Va WITHOUT_LOADER_PXEBOOT 1064Do not build pxeboot on i386/amd64. 1065When the pxeboot is too large, or unneeded, it may be disabled with this option. 1066See 1067.Va WITH_LOADER_PXEBOOT 1068for how to adjust the defaults when you need both a larger 1069.Pa /boot/loader 1070and 1071.Pa /boot/pxeboot 1072.Pp 1073This option only has an effect on x86. 1074.It Va WITHOUT_LOADER_UBOOT 1075Disable building of ubldr. 1076.Pp 1077This is a default setting on 1078amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64. 1079.It Va WITH_LOADER_UBOOT 1080Build ubldr. 1081.Pp 1082This is a default setting on 1083arm/armv7, powerpc/powerpc and powerpc/powerpc64. 1084.It Va WITH_LOADER_VERBOSE 1085Build with extra verbose debugging in the loader. 1086May explode already nearly too large loader over the limit. 1087Use with care. 1088.It Va WITH_LOADER_VERIEXEC 1089Enable building 1090.Xr loader 8 1091with support for verification similar to Verified Exec. 1092.Pp 1093Depends on 1094.Va WITH_BEARSSL . 1095May require a larger 1096.Va LOADERSIZE . 1097When set, these options are also in effect: 1098.Pp 1099.Bl -inset -compact 1100.It Va WITH_LOADER_EFI_SECUREBOOT 1101(unless 1102.Va WITHOUT_LOADER_EFI_SECUREBOOT 1103is set explicitly) 1104.It Va WITH_LOADER_VERIEXEC_VECTX 1105(unless 1106.Va WITHOUT_LOADER_VERIEXEC_VECTX 1107is set explicitly) 1108.El 1109.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST 1110Enable building 1111.Xr loader 8 1112with support to pass a verified manifest to the kernel. 1113The kernel has to be built with a module to parse the manifest. 1114.Pp 1115Depends on 1116.Va WITH_LOADER_VERIEXEC . 1117.It Va WITH_LOADER_VERIEXEC_VECTX 1118Enable building 1119.Xr loader 8 1120with support for hashing and verifying kernel and modules as a side effect 1121of loading. 1122.Pp 1123Depends on 1124.Va WITH_LOADER_VERIEXEC . 1125.It Va WITHOUT_LOADER_ZFS 1126Do not build ZFS file system boot loader support. 1127.It Va WITHOUT_LOCALES 1128Do not build localization files; see 1129.Xr locale 1 . 1130.It Va WITHOUT_LOCATE 1131Do not build 1132.Xr locate 1 1133and related programs. 1134.It Va WITHOUT_LPR 1135Do not build 1136.Xr lpr 1 1137and related programs. 1138.It Va WITHOUT_LS_COLORS 1139Build 1140.Xr ls 1 1141without support for colors to distinguish file types. 1142.It Va WITHOUT_MACHDEP_OPTIMIZATIONS 1143Prefer machine-independent non-assembler code in libc and libm. 1144.It Va WITHOUT_MAIL 1145Do not build any mail support (MUA or MTA). 1146When set, it enforces these options: 1147.Pp 1148.Bl -item -compact 1149.It 1150.Va WITHOUT_DMAGENT 1151.It 1152.Va WITHOUT_MAILWRAPPER 1153.It 1154.Va WITHOUT_SENDMAIL 1155.El 1156.It Va WITHOUT_MAILWRAPPER 1157Do not build the 1158.Xr mailwrapper 8 1159MTA selector. 1160.It Va WITHOUT_MAKE 1161Do not install 1162.Xr make 1 1163and related support files. 1164.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX 1165Do not execute 1166.Dq Li "make check" 1167in limited sandbox mode. 1168This option should be paired with 1169.Va WITH_INSTALL_AS_USER 1170if executed as an unprivileged user. 1171See 1172.Xr tests 7 1173for more details. 1174.It Va WITH_MALLOC_PRODUCTION 1175Disable assertions and statistics gathering in 1176.Xr malloc 3 . 1177It also defaults the A and J runtime options to off. 1178.It Va WITHOUT_MAN 1179Do not build manual pages. 1180When set, these options are also in effect: 1181.Pp 1182.Bl -inset -compact 1183.It Va WITHOUT_MAN_UTILS 1184(unless 1185.Va WITH_MAN_UTILS 1186is set explicitly) 1187.El 1188.It Va WITHOUT_MANCOMPRESS 1189Do not install compressed man pages. 1190Only the uncompressed versions will be installed. 1191.It Va WITHOUT_MANSPLITPKG 1192Do not split man pages into their own packages during make package. 1193.It Va WITHOUT_MAN_UTILS 1194Do not build utilities for manual pages, 1195.Xr apropos 1 , 1196.Xr makewhatis 1 , 1197.Xr man 1 , 1198.Xr whatis 1 , 1199.Xr manctl 8 , 1200and related support files. 1201.It Va WITH_META_ERROR_TARGET 1202Enable the META_MODE .ERROR target. 1203.Pp 1204This target will copy the meta file of a failed target 1205to 1206.Va ERROR_LOGDIR 1207(default is 1208.Ql ${SRCTOP:H}/error ) 1209to help with failure analysis. 1210Depends on 1211.Va WITH_META_MODE . 1212This default when 1213.Va WITH_DIRDEPS_BUILD 1214is set. 1215.Pp 1216This must be set in the environment, make command line, or 1217.Pa /etc/src-env.conf , 1218not 1219.Pa /etc/src.conf . 1220.It Va WITH_META_MODE 1221Create 1222.Xr make 1 1223meta files when building, which can provide a reliable incremental build when 1224using 1225.Xr filemon 4 . 1226The meta file is created in OBJDIR as 1227.Pa target.meta . 1228These meta files track the command that was executed, its output, and the 1229current directory. 1230The 1231.Xr filemon 4 1232module is required unless 1233.Va NO_FILEMON 1234is defined. 1235When the module is loaded, any files used by the commands executed are 1236tracked as dependencies for the target in its meta file. 1237The target is considered out-of-date and rebuilt if any of these 1238conditions are true compared to the last build: 1239.Bl -bullet -compact 1240.It 1241The command to execute changes. 1242.It 1243The current working directory changes. 1244.It 1245The target's meta file is missing. 1246.It 1247The target's meta file is missing filemon data when filemon is loaded 1248and a previous run did not have it loaded. 1249.It 1250[requires 1251.Xr filemon 4 ] 1252Files read, executed or linked to are newer than the target. 1253.It 1254[requires 1255.Xr filemon 4 ] 1256Files read, written, executed or linked are missing. 1257.El 1258The meta files can also be useful for debugging. 1259.Pp 1260The build hides commands that are executed unless 1261.Va NO_SILENT 1262is defined. 1263Errors cause 1264.Xr make 1 1265to show some of its environment for further debugging. 1266.Pp 1267The build operates as it normally would otherwise. 1268This option originally invoked a different build system but that was renamed 1269to 1270.Va WITH_DIRDEPS_BUILD . 1271.Pp 1272This must be set in the environment, make command line, or 1273.Pa /etc/src-env.conf , 1274not 1275.Pa /etc/src.conf . 1276.It Va WITHOUT_MLX5TOOL 1277Do not build 1278.Xr mlx5tool 8 1279.Pp 1280This is a default setting on 1281arm/armv7, powerpc/powerpc and riscv/riscv64. 1282.It Va WITH_MLX5TOOL 1283Build 1284.Xr mlx5tool 8 1285.Pp 1286This is a default setting on 1287amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. 1288.It Va WITHOUT_NETCAT 1289Do not build 1290.Xr nc 1 1291utility. 1292.It Va WITHOUT_NETGRAPH 1293Do not build applications to support 1294.Xr netgraph 4 . 1295When set, it enforces these options: 1296.Pp 1297.Bl -item -compact 1298.It 1299.Va WITHOUT_BLUETOOTH 1300.El 1301.Pp 1302When set, these options are also in effect: 1303.Pp 1304.Bl -inset -compact 1305.It Va WITHOUT_NETGRAPH_SUPPORT 1306(unless 1307.Va WITH_NETGRAPH_SUPPORT 1308is set explicitly) 1309.El 1310.It Va WITHOUT_NETGRAPH_SUPPORT 1311Build libraries, programs, and kernel modules without netgraph support. 1312.It Va WITHOUT_NETLINK 1313Do not build 1314.Xr genl 1 1315utility. 1316.It Va WITHOUT_NETLINK_SUPPORT 1317Make libraries and programs use rtsock and 1318.Xr sysctl 3 1319interfaces instead of 1320.Xr snl 3 . 1321.It Va WITHOUT_NIS 1322Do not build 1323.Xr NIS 8 1324support and related programs. 1325If set, you might need to adopt your 1326.Xr nsswitch.conf 5 1327and remove 1328.Sq nis 1329entries. 1330.It Va WITHOUT_NLS 1331Do not build NLS catalogs. 1332When set, it enforces these options: 1333.Pp 1334.Bl -item -compact 1335.It 1336.Va WITHOUT_NLS_CATALOGS 1337.El 1338.It Va WITHOUT_NLS_CATALOGS 1339Do not build NLS catalog support for 1340.Xr csh 1 . 1341.It Va WITHOUT_NS_CACHING 1342Disable name caching in the 1343.Pa nsswitch 1344subsystem. 1345The generic caching daemon, 1346.Xr nscd 8 , 1347will not be built either if this option is set. 1348.It Va WITHOUT_NTP 1349Do not build 1350.Xr ntpd 8 1351and related programs. 1352.It Va WITHOUT_NUAGEINIT 1353Do not install the limited cloud init support scripts. 1354.It Va WITHOUT_OFED 1355Do not build the 1356.Dq "OpenFabrics Enterprise Distribution" 1357InfiniBand software stack, including kernel modules and userspace libraries. 1358.Pp 1359This is a default setting on 1360arm/armv7. 1361When set, it enforces these options: 1362.Pp 1363.Bl -item -compact 1364.It 1365.Va WITHOUT_OFED_EXTRA 1366.El 1367.It Va WITH_OFED 1368Build the 1369.Dq "OpenFabrics Enterprise Distribution" 1370InfiniBand software stack, including kernel modules and userspace libraries. 1371.Pp 1372This is a default setting on 1373amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1374.It Va WITH_OFED_EXTRA 1375Build the non-essential components of the 1376.Dq "OpenFabrics Enterprise Distribution" 1377Infiniband software stack, mostly examples. 1378.It Va WITH_OPENLDAP 1379Enable building LDAP support for kerberos using an openldap client from ports. 1380.It Va WITHOUT_OPENMP 1381Do not build LLVM's OpenMP runtime. 1382.Pp 1383This is a default setting on 1384arm/armv7 and powerpc/powerpc. 1385.It Va WITH_OPENMP 1386Build LLVM's OpenMP runtime. 1387.Pp 1388This is a default setting on 1389amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1390.It Va WITHOUT_OPENSSH 1391Do not build OpenSSH. 1392.It Va WITHOUT_OPENSSL 1393Do not build OpenSSL. 1394When set, it enforces these options: 1395.Pp 1396.Bl -item -compact 1397.It 1398.Va WITHOUT_DMAGENT 1399.It 1400.Va WITHOUT_KERBEROS 1401.It 1402.Va WITHOUT_KERBEROS_SUPPORT 1403.It 1404.Va WITHOUT_LDNS 1405.It 1406.Va WITHOUT_LDNS_UTILS 1407.It 1408.Va WITHOUT_LOADER_ZFS 1409.It 1410.Va WITHOUT_OPENSSH 1411.It 1412.Va WITHOUT_OPENSSL_KTLS 1413.It 1414.Va WITHOUT_PKGBOOTSTRAP 1415.It 1416.Va WITHOUT_UNBOUND 1417.It 1418.Va WITHOUT_ZFS 1419.El 1420.Pp 1421When set, these options are also in effect: 1422.Pp 1423.Bl -inset -compact 1424.It Va WITHOUT_GSSAPI 1425(unless 1426.Va WITH_GSSAPI 1427is set explicitly) 1428.El 1429.It Va WITHOUT_OPENSSL_KTLS 1430Do not include kernel TLS support in OpenSSL. 1431.Pp 1432This is a default setting on 1433arm/armv7, i386/i386, powerpc/powerpc and riscv/riscv64. 1434.It Va WITH_OPENSSL_KTLS 1435Include kernel TLS support in OpenSSL. 1436.Pp 1437This is a default setting on 1438amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le. 1439.It Va WITHOUT_PAM 1440Do not build PAM library and modules. 1441.Bf -symbolic 1442This option is deprecated and does nothing. 1443.Ef 1444When set, these options are also in effect: 1445.Pp 1446.Bl -inset -compact 1447.It Va WITHOUT_PAM_SUPPORT 1448(unless 1449.Va WITH_PAM_SUPPORT 1450is set explicitly) 1451.El 1452.It Va WITHOUT_PAM_SUPPORT 1453Build some programs without PAM support, particularly 1454.Xr ftpd 8 1455and 1456.Xr ppp 8 . 1457.It Va WITHOUT_PF 1458Do not build PF firewall package. 1459When set, it enforces these options: 1460.Pp 1461.Bl -item -compact 1462.It 1463.Va WITHOUT_AUTHPF 1464.El 1465.It Va WITHOUT_PIE 1466Do not build dynamically linked binaries as 1467Position-Independent Executable (PIE). 1468.Pp 1469This is a default setting on 1470arm/armv7, i386/i386 and powerpc/powerpc. 1471.It Va WITH_PIE 1472Build dynamically linked binaries as 1473Position-Independent Executable (PIE). 1474.Pp 1475This is a default setting on 1476amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64. 1477.It Va WITHOUT_PKGBOOTSTRAP 1478Do not build 1479.Xr pkg 7 1480bootstrap tool. 1481.It Va WITHOUT_PMC 1482Do not build 1483.Xr pmccontrol 8 1484and related programs. 1485.It Va WITHOUT_PPP 1486Do not build 1487.Xr ppp 8 1488and related programs. 1489.It Va WITH_PROFILE 1490Build profiled libraries for use with 1491.Xr gprof 8 . 1492This option is deprecated and may not be present in a future version of 1493.Fx . 1494.It Va WITHOUT_PTHREADS_ASSERTIONS 1495Disable debugging assertions in pthreads library. 1496.It Va WITHOUT_QUOTAS 1497Do not build 1498.Xr quota 1 1499and related programs. 1500.It Va WITHOUT_RADIUS_SUPPORT 1501Do not build radius support into various applications, like 1502.Xr pam_radius 8 1503and 1504.Xr ppp 8 . 1505.It Va WITH_RATELIMIT 1506Build the system with rate limit support. 1507.Pp 1508This makes 1509.Dv SO_MAX_PACING_RATE 1510effective in 1511.Xr getsockopt 2 , 1512and 1513.Ar txrlimit 1514support in 1515.Xr ifconfig 8 , 1516by proxy. 1517.It Va WITHOUT_RBOOTD 1518Do not build or install 1519.Xr rbootd 8 . 1520.It Va WITHOUT_RELRO 1521Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation. 1522See also the 1523.Va BIND_NOW 1524option. 1525.It Va WITH_REPRODUCIBLE_BUILD 1526Exclude build metadata (such as the build time, user, or host) 1527from the kernel, boot loaders, and uname output, so that builds produce 1528bit-for-bit identical output. 1529.It Va WITHOUT_RESCUE 1530Do not build 1531.Xr rescue 8 . 1532.It Va WITH_RETPOLINE 1533Build the base system with the retpoline speculative execution 1534vulnerability mitigation for CVE-2017-5715. 1535.It Va WITHOUT_ROUTED 1536Do not build 1537.Xr routed 8 1538utility. 1539.It Va WITH_RPCBIND_WARMSTART_SUPPORT 1540Build 1541.Xr rpcbind 8 1542with warmstart support. 1543.It Va WITHOUT_SCTP_SUPPORT 1544Disable support in the kernel for the 1545.Xr sctp 4 1546Stream Control Transmission Protocol 1547loadable kernel module. 1548.It Va WITHOUT_SENDMAIL 1549Do not build 1550.Xr sendmail 8 1551and related programs. 1552.It Va WITHOUT_SERVICESDB 1553Do not install 1554.Pa /var/db/services.db . 1555.It Va WITHOUT_SETUID_LOGIN 1556Set this to disable the installation of 1557.Xr login 1 1558as a set-user-ID root program. 1559.It Va WITHOUT_SHAREDOCS 1560Do not build the 1561.Bx 4.4 1562legacy docs. 1563.It Va WITH_SORT_THREADS 1564Enable threads in 1565.Xr sort 1 . 1566.It Va WITHOUT_SOURCELESS 1567Do not build kernel modules that include sourceless code (either microcode or native code for host CPU). 1568When set, it enforces these options: 1569.Pp 1570.Bl -item -compact 1571.It 1572.Va WITHOUT_SOURCELESS_HOST 1573.It 1574.Va WITHOUT_SOURCELESS_UCODE 1575.El 1576.It Va WITHOUT_SOURCELESS_HOST 1577Do not build kernel modules that include sourceless native code for host CPU. 1578.It Va WITHOUT_SOURCELESS_UCODE 1579Do not build kernel modules that include sourceless microcode. 1580.It Va WITHOUT_SPLIT_KERNEL_DEBUG 1581Do not build standalone kernel debug files. 1582Debug data (if enabled by the kernel configuration file) 1583will be included in the kernel and modules. 1584When set, it enforces these options: 1585.Pp 1586.Bl -item -compact 1587.It 1588.Va WITHOUT_KERNEL_SYMBOLS 1589.El 1590.It Va WITHOUT_SSP 1591Do not build world with stack smashing protection. 1592See 1593.Xr security 7 1594for more information. 1595.It Va WITH_STAGING 1596Enable staging of files to a stage tree. 1597This can be best thought of as auto-install to 1598.Va DESTDIR 1599with some extra meta data to ensure dependencies can be tracked. 1600Depends on 1601.Va WITH_DIRDEPS_BUILD . 1602When set, these options are also in effect: 1603.Pp 1604.Bl -inset -compact 1605.It Va WITH_STAGING_MAN 1606(unless 1607.Va WITHOUT_STAGING_MAN 1608is set explicitly) 1609.It Va WITH_STAGING_PROG 1610(unless 1611.Va WITHOUT_STAGING_PROG 1612is set explicitly) 1613.El 1614.Pp 1615This must be set in the environment, make command line, or 1616.Pa /etc/src-env.conf , 1617not 1618.Pa /etc/src.conf . 1619.It Va WITH_STAGING_MAN 1620Enable staging of man pages to stage tree. 1621.It Va WITH_STAGING_PROG 1622Enable staging of PROGs to stage tree. 1623.It Va WITH_STALE_STAGED 1624Check staged files are not stale. 1625.It Va WITHOUT_STATS 1626Neither build nor install 1627.Lb libstats 1628and dependent binaries. 1629.It Va WITHOUT_SYSCONS 1630Do not build 1631.Xr syscons 4 1632support files such as keyboard maps, fonts, and screen output maps. 1633.It Va WITH_SYSROOT 1634Enable use of sysroot during build. 1635Depends on 1636.Va WITH_DIRDEPS_BUILD . 1637.Pp 1638This must be set in the environment, make command line, or 1639.Pa /etc/src-env.conf , 1640not 1641.Pa /etc/src.conf . 1642.It Va WITHOUT_SYSTEM_COMPILER 1643Do not opportunistically skip building a cross-compiler during the 1644bootstrap phase of the build. 1645Normally, if the currently installed compiler matches the planned bootstrap 1646compiler type and revision, then it will not be built. 1647This does not prevent a compiler from being built for installation though, 1648only for building one for the build itself. 1649The 1650.Va WITHOUT_CLANG 1651option controls that. 1652.It Va WITHOUT_SYSTEM_LINKER 1653Do not opportunistically skip building a cross-linker during the 1654bootstrap phase of the build. 1655Normally, if the currently installed linker matches the planned bootstrap 1656linker type and revision, then it will not be built. 1657This does not prevent a linker from being built for installation though, 1658only for building one for the build itself. 1659The 1660.Va WITHOUT_LLD 1661option controls that. 1662.Pp 1663This option is only relevant when 1664.Va WITH_LLD_BOOTSTRAP 1665is set. 1666.It Va WITHOUT_TALK 1667Do not build or install 1668.Xr talk 1 1669and 1670.Xr talkd 8 . 1671.It Va WITHOUT_TCP_WRAPPERS 1672Do not build or install 1673.Xr tcpd 8 , 1674and related utilities. 1675.It Va WITHOUT_TCSH 1676Do not build and install 1677.Pa /bin/csh 1678(which is 1679.Xr tcsh 1 ) . 1680.It Va WITHOUT_TELNET 1681Do not build 1682.Xr telnet 1 1683and related programs. 1684.It Va WITHOUT_TESTS 1685Do not build nor install the 1686.Fx 1687Test Suite in 1688.Pa /usr/tests/ . 1689See 1690.Xr tests 7 1691for more details. 1692This also disables the build of all test-related dependencies, including ATF. 1693When set, it enforces these options: 1694.Pp 1695.Bl -item -compact 1696.It 1697.Va WITHOUT_DTRACE_TESTS 1698.El 1699.Pp 1700When set, these options are also in effect: 1701.Pp 1702.Bl -inset -compact 1703.It Va WITHOUT_GOOGLETEST 1704(unless 1705.Va WITH_GOOGLETEST 1706is set explicitly) 1707.It Va WITHOUT_TESTS_SUPPORT 1708(unless 1709.Va WITH_TESTS_SUPPORT 1710is set explicitly) 1711.El 1712.It Va WITHOUT_TESTS_SUPPORT 1713Disable the build of all test-related dependencies, including ATF. 1714When set, it enforces these options: 1715.Pp 1716.Bl -item -compact 1717.It 1718.Va WITHOUT_GOOGLETEST 1719.El 1720.It Va WITHOUT_TEXTPROC 1721Do not build 1722programs used for text processing. 1723.It Va WITHOUT_TFTP 1724Do not build or install 1725.Xr tftp 1 1726and 1727.Xr tftpd 8 . 1728.It Va WITHOUT_TOOLCHAIN 1729Do not install 1730programs used for program development, 1731compilers, debuggers etc. 1732When set, it enforces these options: 1733.Pp 1734.Bl -item -compact 1735.It 1736.Va WITHOUT_CLANG 1737.It 1738.Va WITHOUT_CLANG_EXTRAS 1739.It 1740.Va WITHOUT_CLANG_FORMAT 1741.It 1742.Va WITHOUT_CLANG_FULL 1743.It 1744.Va WITHOUT_LLD 1745.It 1746.Va WITHOUT_LLDB 1747.It 1748.Va WITHOUT_LLVM_COV 1749.El 1750.It Va WITH_UBSAN 1751Build the base system with Undefined Behavior Sanitizer (UBSan) to detect 1752various kinds of undefined behavior at runtime. 1753Requires that Clang be used as the base system compiler 1754and that the runtime support library is available 1755.It Va WITHOUT_UNBOUND 1756Do not build 1757.Xr unbound 8 1758and related programs. 1759.It Va WITH_UNDEFINED_VERSION 1760Link libraries with --undefined-version which permits version maps to 1761contain symbols that are not present in the library. 1762If this is necessary to build a particular configuration, a bug is 1763present and the configuration should be reported. 1764.It Va WITHOUT_UNIFIED_OBJDIR 1765Use the historical object directory format for 1766.Xr build 7 1767targets. 1768For native-builds and builds done directly in sub-directories the format of 1769.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR} 1770is used, 1771while for cross-builds 1772.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR} 1773is used. 1774.Pp 1775This option is transitional and will be removed in a future version of 1776.Fx , 1777at which time 1778.Va WITH_UNIFIED_OBJDIR 1779will be enabled permanently. 1780.Pp 1781This must be set in the environment, make command line, or 1782.Pa /etc/src-env.conf , 1783not 1784.Pa /etc/src.conf . 1785.It Va WITHOUT_USB 1786Do not build USB-related programs and libraries. 1787.It Va WITHOUT_USB_GADGET_EXAMPLES 1788Do not build USB gadget kernel modules. 1789.It Va WITHOUT_UTMPX 1790Do not build user accounting tools such as 1791.Xr last 1 , 1792.Xr users 1 , 1793.Xr who 1 , 1794.Xr ac 8 , 1795.Xr lastlogin 8 1796and 1797.Xr utx 8 . 1798.It Va WITH_VERIEXEC 1799Enable building 1800.Xr veriexec 8 1801which loads the contents of verified manifests into the kernel 1802for use by 1803.Xr mac_veriexec 4 1804.Pp 1805Depends on 1806.Va WITH_BEARSSL . 1807.It Va WITHOUT_VI 1808Do not build and install vi, view, ex and related programs. 1809.It Va WITHOUT_VT 1810Do not build 1811.Xr vt 4 1812support files (fonts and keymaps). 1813.It Va WITHOUT_WARNS 1814Set this to not add warning flags to the compiler invocations. 1815Useful as a temporary workaround when code enters the tree 1816which triggers warnings in environments that differ from the 1817original developer. 1818.It Va WITHOUT_WERROR 1819Set this to not treat compiler warnings as errors. 1820Useful as a temporary workaround when working on fixing compiler warnings. 1821When set, warnings are still printed in the build log but do not fail the build. 1822.It Va WITHOUT_WIRELESS 1823Do not build programs used for 802.11 wireless networks; especially 1824.Xr wpa_supplicant 8 1825and 1826.Xr hostapd 8 . 1827When set, these options are also in effect: 1828.Pp 1829.Bl -inset -compact 1830.It Va WITHOUT_WIRELESS_SUPPORT 1831(unless 1832.Va WITH_WIRELESS_SUPPORT 1833is set explicitly) 1834.El 1835.It Va WITHOUT_WIRELESS_SUPPORT 1836Build libraries, programs, and kernel modules without 1837802.11 wireless support. 1838.It Va WITHOUT_WPA_SUPPLICANT_EAPOL 1839Build 1840.Xr wpa_supplicant 8 1841without support for the IEEE 802.1X protocol and without 1842support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS 1843protocols (usable only via 802.1X). 1844.It Va WITHOUT_ZFS 1845Do not build the ZFS file system kernel module, libraries such as 1846.Xr libbe 3 , 1847and user commands such as 1848.Xr zpool 8 1849or 1850.Xr zfs 8 . 1851Also disable ZFS support in utilities and libraries which implement 1852ZFS-specific functionality. 1853.It Va WITHOUT_ZONEINFO 1854Do not build the timezone database. 1855When set, it enforces these options: 1856.Pp 1857.Bl -item -compact 1858.It 1859.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT 1860.El 1861.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT 1862Build leapsecond information in to the timezone database. 1863.El 1864.Pp 1865The following options accept a single value from a list of valid values. 1866.Bl -tag -width indent 1867.It Va INIT_ALL 1868Control default initialization of stack variables in C and C++ code. 1869Options other than 1870.Li none 1871require the Clang compiler or GCC 12.0 or later. 1872The default value is 1873.Li none . 1874Valid values are: 1875.Bl -tag -width indent 1876.It Li none 1877Do not initialize stack variables (standard C/C++ behavior). 1878.It Li pattern 1879Build the base system or kernel with stack variables initialized to 1880.Pq compiler defined 1881debugging patterns on function entry. 1882.It Li zero 1883Build the base system or kernel with stack variables initialized 1884to zero on function entry. 1885This value is converted to 1886.Li none 1887for amd64 kernel builds due to incompatability with ifunc memset. 1888.El 1889.It Va LIBC_MALLOC 1890Specify the 1891.Xr malloc 3 1892implementation used by libc. 1893The default value is 1894.Li jemalloc . 1895Valid values are: 1896.Bl -tag -width indent 1897.It Li jemalloc 1898.El 1899.Pp 1900Other implementations are expected in the future in both 1901.Fx 1902and downstream consumers. 1903.El 1904.Sh FILES 1905.Bl -tag -compact -width Pa 1906.It Pa /etc/src.conf 1907.It Pa /etc/src-env.conf 1908.It Pa /usr/share/mk/bsd.own.mk 1909.El 1910.Sh SEE ALSO 1911.Xr make 1 , 1912.Xr make.conf 5 , 1913.Xr build 7 , 1914.Xr ports 7 1915.Sh HISTORY 1916The 1917.Nm 1918file appeared in 1919.Fx 7.0 . 1920.Sh AUTHORS 1921This manual page was autogenerated by 1922.An tools/build/options/makeman . 1923