087815f8bc
ENABLE_SUID_SSH being defined reenable it for those that want it. This follows discussion favoring the change from September. It is not usually necessary to be setuid root, possibly less safe, and less convenient (cannot use $HOSTALIASES, for example). Submitted by: jedgar
323 lines
12 KiB
Plaintext
323 lines
12 KiB
Plaintext
# $FreeBSD$
|
|
#
|
|
# This file, if present, will be read by make (see /usr/share/mk/sys.mk).
|
|
# It allows you to override macro definitions to make without changing
|
|
# your source tree, or anything the source tree installs.
|
|
#
|
|
# This file must be in valid Makefile syntax.
|
|
#
|
|
# You have to find the things you can put here in the Makefiles and
|
|
# documentation of the source tree.
|
|
#
|
|
# CFLAGS controls the compiler settings used when compiling C code.
|
|
# Note that optimisation settings above -O (-O2, ...) are not recommended
|
|
# or supported for compiling the world or the kernel - please revert any
|
|
# nonstandard optimisation settings to "-O" before submitting bug reports
|
|
# to the developers.
|
|
# Note also that at this time the -O2 setting is known to produce BROKEN
|
|
# CODE on the Alpha platform.
|
|
#
|
|
#CFLAGS= -O -pipe
|
|
#
|
|
# CXXFLAGS controls the compiler settings used when compiling C++ code.
|
|
# Note that CXXFLAGS is initially set to the value of CFLAGS. If you wish
|
|
# to add to CXXFLAGS value, "+=" must be used rather than "=". Using "="
|
|
# alone will remove the often needed contents of CFLAGS from CXXFLAGS.
|
|
#
|
|
#CXXFLAGS+= -fmemoize-lookups -fsave-memoized
|
|
#
|
|
# BDECFLAGS are a set of gcc warning settings that Bruce Evans has suggested
|
|
# for use in developing FreeBSD and testing changes. They can be used by
|
|
# putting "CFLAGS+=${BDECFLAGS}" in /etc/make.conf.
|
|
#
|
|
BDECFLAGS= -W -Wall -ansi -pedantic -Wbad-function-cast -Wcast-align \
|
|
-Wcast-qual -Wchar-subscripts -Wconversion -Winline \
|
|
-Wmissing-prototypes -Wnested-externs -Wpointer-arith \
|
|
-Wredundant-decls -Wshadow -Wstrict-prototypes -Wwrite-strings
|
|
#
|
|
# To compile just the kernel with special optimisations, you should use
|
|
# this instead of CFLAGS (which is not applicable to kernel builds anyway).
|
|
# There is very little to gain by using higher optimization levels, and doing
|
|
# so can cause problems.
|
|
#
|
|
#COPTFLAGS= -O -pipe
|
|
#
|
|
# Compare before install
|
|
#INSTALL=install -C
|
|
#
|
|
# Mtree will follow symlinks
|
|
#MTREE_FOLLOWS_SYMLINKS= -L
|
|
#
|
|
# To enable installing suidperl with the setuid bit turned on
|
|
#ENABLE_SUIDPERL= true
|
|
#
|
|
# To build perl with thread support
|
|
#PERL_THREADED= true
|
|
#
|
|
# To build ppp with normal permissions
|
|
#PPP_NOSUID= true
|
|
#
|
|
# To enable installing ssh(1) with the setuid bit turned on
|
|
#ENABLE_SUID_SSH= true
|
|
#
|
|
# To avoid building various parts of the base system:
|
|
#NO_CVS= true # do not build CVS
|
|
#NO_BIND= true # do not build BIND
|
|
#NO_FORTRAN= true # do not build g77 and related libraries
|
|
#NO_LPR= true # do not build lpr and related programs
|
|
#NO_MAILWRAPPER=true # do not build the mailwrapper(8) MTA selector
|
|
#NO_MODULES= true # do not build modules with the kernel
|
|
#NO_OBJC= true # do not build Objective C support
|
|
#NO_OPENSSH= true # do not build OpenSSH
|
|
#NO_OPENSSL= true # do not build OpenSSL (implies NO_OPENSSH)
|
|
#NO_SENDMAIL= true # do not build sendmail and related programs
|
|
#NO_SHAREDOCS= true # do not build the 4.4BSD legacy docs
|
|
#NO_TCSH= true # do not build and install /bin/csh (which is tcsh)
|
|
#NO_X= true # do not compile in XWindows support (e.g. doscmd)
|
|
#NOCRYPT= true # do not build any crypto code
|
|
#NODESCRYPTLINKS=true # do not replace libcrypt -> libscrypt links
|
|
#NOGAMES= true # do not build games (games/ subdir)
|
|
#NOINFO= true # do not make or install info files
|
|
#NOLIBC_R= true # do not build libc_r (re-entrant version of libc)
|
|
#NOPERL= true # To avoid building perl
|
|
#NOPROFILE= true # Avoid compiling profiled libraries
|
|
#NOSECURE= true # do not build crypto code in secure/ subdir
|
|
#NOSHARE= true # do not go into the share subdir
|
|
#NOUUCP= true # do not build uucp related programs
|
|
#
|
|
# To build sys/modules when building the world (our old way of doing things)
|
|
#MODULES_WITH_WORLD=true # do not build modules when building kernel
|
|
#
|
|
#
|
|
# Controls for building various OPTIONAL parts of the crypto system.
|
|
# Patents are involved - you must not use these unless you either have
|
|
# a license or would be within patent 'fair use' provisions.
|
|
# Generally 'educational use' is OK, but personal (even non-commercial)
|
|
# use is not.
|
|
# *** It is YOUR RESPONSIBILITY to determine if you can use these! ***
|
|
#
|
|
# Patented in the USA and many european countries - thought to be OK to
|
|
# use for any non-commercial use. This is optional.
|
|
#MAKE_IDEA= YES # IDEA (128 bit symmetric encryption)
|
|
#
|
|
# To avoid running MAKEDEV all on /dev during install:
|
|
#NO_MAKEDEV= true
|
|
#
|
|
# If you do not want unformatted manual pages to be compressed
|
|
# when they are installed:
|
|
#
|
|
#NOMANCOMPRESS= true
|
|
#
|
|
#
|
|
# If you want the "compat" shared libraries installed as part of your normal
|
|
# builds, uncomment these:
|
|
#
|
|
#COMPAT1X= yes
|
|
#COMPAT20= yes
|
|
#COMPAT21= yes
|
|
#COMPAT22= yes
|
|
#COMPAT3X= yes
|
|
#
|
|
#
|
|
# If you do not want additional documentation (some of which are
|
|
# a few hundred KB's) for ports to be installed:
|
|
#
|
|
#NOPORTDOCS= true
|
|
#
|
|
#
|
|
# Default format for system documentation, depends on your printer.
|
|
# Set this to "ascii" for simple printers or screen
|
|
#
|
|
#PRINTERDEVICE= ps
|
|
#
|
|
#
|
|
# How long to wait for a console keypress before booting the default kernel.
|
|
# This value is approximately in milliseconds. Keypresses are accepted by the
|
|
# BIOS before booting from disk, making it possible to give custom boot
|
|
# parameters even when this is set to 0.
|
|
#
|
|
#BOOTWAIT=0
|
|
#BOOTWAIT=30000
|
|
#
|
|
# By default, the system will always use the keyboard/video card as system
|
|
# console. However, the boot blocks may be dynamically configured to use a
|
|
# serial port in addition to or instead of the keyboard/video console.
|
|
#
|
|
# By default we use COM1 as our serial console port *if* we're going to use
|
|
# a serial port as our console at all. Alter as necessary.
|
|
#
|
|
# COM1: = 0x3F8, COM2: = 0x2F8, COM3: = 0x3E8, COM4: = 0x2E8
|
|
#
|
|
#BOOT_COMCONSOLE_PORT= 0x3F8
|
|
#
|
|
# The default serial console speed is 9600. Set the speed to a larger value
|
|
# for better interactive response.
|
|
#
|
|
#BOOT_COMCONSOLE_SPEED= 115200
|
|
#
|
|
# By default the 'pxeboot' loader retrieves the kernel via NFS. Defining
|
|
# this and recompiling /usr/src/sys/boot will cause it to retrieve the kernel
|
|
# via TFTP. This allows pxeboot to load a custom BOOTP diskless kernel yet
|
|
# still mount the server's '/' (i.e. rather then load the server's kernel).
|
|
#
|
|
#LOADER_TFTP_SUPPORT= YES
|
|
#
|
|
# By default, this points to /usr/X11R6 for XFree86 releases 3.0 or earlier.
|
|
# If you have a XFree86 from before 3.0 that has the X distribution in
|
|
# /usr/X386, you want to uncomment this.
|
|
#
|
|
#X11BASE= /usr/X386
|
|
#
|
|
#
|
|
# If you have Motif on your system, uncomment this.
|
|
#
|
|
#HAVE_MOTIF= yes
|
|
#MOTIF_STATIC= yes
|
|
#
|
|
# If the default location of the Motif library (specified below) is NOT
|
|
# appropriate for you, uncomment this and change it to the correct value.
|
|
# If your motif is in ${X11BASE}/lib, you don't need to touch this line.
|
|
#
|
|
#MOTIFLIB= -L${X11BASE}/lib -lXm
|
|
#
|
|
#
|
|
# If you're resident in the USA, this will help various ports to determine
|
|
# whether or not they should attempt to comply with the various U.S.
|
|
# export regulations on certain types of software which do not apply to
|
|
# anyone else in the world.
|
|
#
|
|
#USA_RESIDENT= YES
|
|
#
|
|
#
|
|
# Override "don't install a port that's already installed" behavior.
|
|
# One might wish to do this for ports debugging or to unconditionally
|
|
# reinstall a set of suspect/broken ports.
|
|
#
|
|
#FORCE_PKG_REGISTER= YES
|
|
#
|
|
#
|
|
# If you're behind a firewall and need FTP or HTTP proxy services for
|
|
# ports collection fetching to work, the following examples give the
|
|
# necessary syntax.
|
|
#
|
|
#FTP_PROXY= 10.0.0.1:21
|
|
#HTTP_PROXY= 10.0.0.1:80
|
|
#
|
|
#
|
|
# Port master sites.
|
|
#
|
|
# If you want your port fetches to go somewhere else than the default
|
|
# (specified below) in case the distfile/patchfile was not found,
|
|
# uncomment this and change it to a location nearest you. (Don't
|
|
# remove the "/${DIST_SUBDIR}/" part.)
|
|
#
|
|
#MASTER_SITE_BACKUP?= \
|
|
# ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles/${DIST_SUBDIR}/
|
|
#
|
|
# If you want your port fetches to check the above site first (before
|
|
# the MASTER_SITES specified in the port Makefiles), uncomment the
|
|
# line below. You can also change the right side to point to wherever
|
|
# you want.
|
|
#
|
|
#MASTER_SITE_OVERRIDE?= ${MASTER_SITE_BACKUP}
|
|
#
|
|
# Some ports use a special variable to point to a collection of
|
|
# mirrors of well-known software archives. If you have a mirror close
|
|
# to you, uncomment any of the following lines and change it to that
|
|
# address. (Don't remove the "/%SUBDIR%/" part.)
|
|
#
|
|
# Note: the right hand sides of the following lines are only for your
|
|
# information. For a full list of default sites, take a look at
|
|
# bsd.sites.mk.
|
|
#
|
|
#MASTER_SITE_XCONTRIB= ftp://ftp.x.org/contrib/%SUBDIR%/
|
|
#MASTER_SITE_XFREE= ftp://ftp.freesoftware.com/pub/XFree86/%SUBDIR%/source/
|
|
#MASTER_SITE_GNU= ftp://ftp.gnu.org/gnu/%SUBDIR%/
|
|
#MASTER_SITE_PERL_CPAN= ftp://ftp.digital.com/pub/plan/perl/CPAN/modules/by-module/%SUBDIR%/
|
|
#MASTER_SITE_TEX_CTAN= ftp://ftp.tex.ac.uk/tex-archive/%SUBDIR%/
|
|
#MASTER_SITE_SUNSITE= ftp://metalab.unc.edu/pub/Linux/%SUBDIR%/
|
|
#MASTER_SITE_RINGSERVER= ftp://ring.ocn.ad.jp/pub/%SUBDIR%/
|
|
#MASTER_SITE_KDE= ftp://ftp.kde.org/pub/kde/%SUBDIR%/
|
|
#MASTER_SITE_COMP_SOURCES= ftp://gatekeeper.dec.com/pub/usenet/comp.sources.%SUBDIR%/
|
|
#MASTER_SITE_GNOME= ftp://ftp.gnome.org/pub/GNOME/sources/%SUBDIR%/
|
|
#MASTER_SITE_AFTERSTEP= ftp://ftp.afterstep.org/%SUBDIR%/
|
|
#MASTER_SITE_WINDOWMAKER= ftp://ftp.windowmaker.org/pub/%SUBDIR%/
|
|
#MASTER_SITE_MOZILLA= ftp://ftp.yggdrasil.com/mirrors/site/ftp.mozilla.org/pub/%SUBDIR%/
|
|
#MASTER_SITE_XEMACS= ftp://ftp.sunsite.utk.edu/pub/xemacs/%SUBDIR%/
|
|
#MASTER_SITE_TCLTK= ftp://ftp.uu.net/languages/tcl/%SUBDIR%/
|
|
#MASTER_SITE_RUBY= ftp://ftp.fu-berlin.de/unix/languages/ruby/%SUBDIR%/
|
|
#
|
|
# Also it is highly recommended that you configure MASTER_SORT_REGEX
|
|
# to choose better mirror sites for you. List awk(1)-style regular
|
|
# expressions separated by space so MASTER_SITES will be sorted in
|
|
# that order. The following example is for Japanese users; change
|
|
# "jp" part to your ccTLD ("de", "ru", "uk", etc.) or the domain names
|
|
# of your nearest/upstream networks to meet your needs.
|
|
#
|
|
#MASTER_SORT_REGEX?= ^file: ^ftp://ftp\.FreeBSD\.org/pub/FreeBSD/ports/local-distfiles/ ://[^/]*\.jp/ ://[^/]*\.jp\.
|
|
#
|
|
# Kerberos IV
|
|
# If you want KerberosIV (KTH eBones), define this:
|
|
#
|
|
#MAKE_KERBEROS4= yes
|
|
#
|
|
#
|
|
# Kerberos 5
|
|
# If you want KerberosIV (KTH Heimdal), define this:
|
|
# ** WARNING **
|
|
# ** WARNING ** This is very experimental at this stage. If you
|
|
# ** WARNING ** need stable Kerberos5, rather use the port(s).
|
|
# ** WARNING **
|
|
#
|
|
#MAKE_KERBEROS5= yes
|
|
#
|
|
#
|
|
# Kerberos5
|
|
# If you want to install MIT Kerberos5 port somewhere other than /usr/local,
|
|
# define this (this is also used to tell ssh1 that kerberos is needed):
|
|
#
|
|
#KRB5_HOME= /usr/local
|
|
#
|
|
#
|
|
# CVSup update flags. Edit SUPFILE settings to reflect whichever distribution
|
|
# file(s) you use on your site (see /usr/share/examples/cvsup/README for more
|
|
# information on CVSup and these files). To use, do "make update" in /usr/src.
|
|
#
|
|
#SUP_UPDATE= yes
|
|
#
|
|
#SUP= /usr/local/bin/cvsup
|
|
#SUPFLAGS= -g -L 2
|
|
#SUPHOST= cvsup.uk.FreeBSD.org
|
|
#SUPFILE= /usr/share/examples/cvsup/standard-supfile
|
|
#SUPFILE1= /usr/share/examples/cvsup/secure-supfile
|
|
#PORTSSUPFILE= /usr/share/examples/cvsup/ports-supfile
|
|
#DOCSUPFILE= /usr/share/examples/cvsup/doc-supfile
|
|
#
|
|
# top(1) uses a hash table for the user names. The size of this hash
|
|
# can be tuned to match the number of local users. The table size should
|
|
# be a prime number approximately twice as large as the number of lines in
|
|
# /etc/passwd. The default number is 20011.
|
|
#
|
|
#TOP_TABLE_SIZE= 101
|
|
#
|
|
# Documentation
|
|
#
|
|
# The list of languages and encodings to build and install
|
|
#
|
|
#DOC_LANG= en_US.ISO_8859-1 ru_RU.KOI8-R
|
|
#
|
|
#
|
|
# sendmail
|
|
# Setting the following variables modifes the build environment for
|
|
# sendmail and its related utilities. For example, SASL support can be
|
|
# added with settings such as:
|
|
#
|
|
# SENDMAIL_CFLAGS=-I/usr/local/include -DSASL
|
|
# SENDMAIL_LDFLAGS=-L/usr/local/lib
|
|
# SENDMAIL_LDADD=-lsasl
|
|
#
|
|
#SENDMAIL_CFLAGS=
|
|
#SENDMAIL_LDFLAGS=
|
|
#SENDMAIL_LDADD=
|
|
#SENDMAIL_DPADD=
|