Share your make.conf and src.conf

ldgc

ldgc

Hello :)

It would be nice that experienced users shared their make.conf and src.conf to help new users like me :)
I know that there are man pages and I read both of them, but real user's configurations are IMHO also helpful!
 
The only option new users should use: rm -f /etc/make.conf /etc/src.conf.

Seriously, unless you know what you are doing I would advice to stay away from them. If you know what you are doing you don't need this list.
 
SirDice said:
The only option new users should use: rm -f /etc/make.conf /etc/src.conf.

Seriously, unless you know what you are doing I would advice to stay away from them. If you know what you are doing you don't need this list.
Click to expand...

I don't think so. Some options become obsolete and the posting of the configurations can also help experienced users to noticed them faster :)
 
I see nothing wrong with sharing make.confs. Then we can receive and provide some feedback on them. Maybe even nip some future problems in the bud before they even happen.

Or the whole thread could be a train wreck. Only one way to find out :p

Here is the make.conf I use for building desktop packages:
https://github.com/t6/freebsd-ports-sndio/blob/sndio-rebase/poudriere.d/fbsd12-amd64-sndio-make.conf

and for building a server package set:
https://github.com/t6/freebsd-ports-sndio/blob/sndio-rebase/poudriere.d/server-make.conf

On my workstation I also locally set this in /etc/make.conf
Code: 
DEFAULT_VERSIONS=	ssl=libressl
DEVELOPER=		yes
DEV_WARNING_WAIT=	0
SU_CMD=			/usr/local/bin/sudo -E sh -c

And the /etc/make.conf for building FreeBSD base packages:
Code: 
MALLOC_PRODUCTION=	yes
KERNCONF=		TOBIK
PKGSIGNKEY=		/root/pkgbase-private.key
REPODIR=		/pkgbase

/etc/src.conf is empty.
 
pensador_13 said:
I don't think so. Some options become obsolete and the posting of the configurations can also help experienced users to noticed them faster
Click to expand...
If/When you run into problems the first thing everybody is going to suggest is to remove /etc/make.conf and /etc/src.conf.
 
There's really not much to share. Especially the sharing of src.conf is pretty useless in my opinion because this is only useful if you need to specifically customize your system. For example, on my main server I use these options (amongst many others):

Code: 
WITHOUT_EXAMPLES=
WITHOUT_FREEBSD_UPDATE=
WITHOUT_PC_SYSINSTALL=
WITHOUT_PF=
WITHOUT_PKGBOOTSTRAP=
WITHOUT_SENDMAIL=
WITHOUT_SVNLITE=
WITHOUT_IPFW=
WITHOUT_LDNS=
So the problem here is that if you, as unexperienced user, would blindly use my src.conf without understanding what these options do then you'll probably end up with a messed up system. For starters you won't have a working firewall anymore. That's because I'm using IPFilter on this system, which has to be specifically enabled in your kernel configuration. Which you didn't ask for ;)

Next you won't have Sendmail. So unless you installed an MTA from the ports collection (I'm using mail/postfix on this server) then you'll end up without mail. And I could go on... I also disabled freebsd-update so you'd be forced into using the source tree, no local DNS utilities (I dislike drill, but that's only because I'm very used to dig) so resolving could become tricky and no subversion.

Seriously... If you wish you customize your system then there's only 1 smart way to do it. Check out the source tree, then run man -M /usr/src/share/man src.conf to study all the new ("current") customization options and then add whatever you (don't) need.

I realize the others already mentioned all the caveats, but I figured I'd share an hands-on example.
 
FWIW make.conf

Code: 
KERNCONF=MACMINI    # MacMini 3,1 hardware custom kernel config file
#
# Modules
#
# Modules to build instead of all
# MODULES_OVERRIDE = linux
# Modules not to build
# WITHOUT_MODULES = linux acpi
# Rebuild nvidia ports driver with kernel builds (ie keep in sync)
PORTS_MODULES+=x11/nvidia-driver-340
#
# Legacy binary library support
#
# If you want the "compat" shared libraries installed as part of your normal builds:
##COMPAT2X=yes
##COMPAT3X=yes
##COMPAT4X=yes
##COMPAT5X=yes
##COMPAT6X=yes
##COMPAT7X=yes
##COMPAT8X=yes
# Now use ports - see eg /usr/ports/misc/compat4x - for legacy binaries that depend on them.
#
# Sendmail config
#
SENDMAIL_CFLAGS= -UNETINET6     # no ISP IPv6 rDNS, so ditch IPv6 for sendmail
SENDMAIL_MC=/etc/mail/shadow.mc
SENDMAIL_SUBMIT_MC=/etc/mail/shadow.submit.cf
#
# PORTS BUILDS ONLY
#
MAKE_JOBS_NUMBER?=3
DEFAULT_VERSIONS+=ssl=openssl
DEFAULT_VERSIONS+=perl5=5.24
OPENSSLBASE=/usr/local  # Use ports version of openssl with TLS 1.2
OPTIONS_SET+=IPV6       # Build ports with IPv6 option
OPTIONS_UNSET+=GNOME    # Build ports w/o Gnome
OPTIONS_UNSET+=HAL      # Build ports w/o HAL
OPTIONS_UNSET+=DBUS     # Build ports w/o dbus
OPTIONS_UNSET+=GSSAPI   # Build ports w/o kerberos
 
getopt said:
You got best practice advice from

Well, if you are that smart why bothering us? Candidate for ignore list! Unfortunately the FreeBSD forums get flooded with such supersmart newbees. Reading their output here is just a waste of lifetime.
Click to expand...

You have misunderstood me, I don´t consider me a supersmart newbie as you stated. In fact, when I disagreed with SirDice opinion, I gave a reason why with politeness. Now if you don´t agree with me, that´s ok for me, but please be polite with other people. It´s something very important to a healthy community :)
 
Partial src.conf
Code: 
#Network
WITHOUT_CTM=yes
WITHOUT_FINGER=yes
WITHOUT_FTP=yes
WITHOUT_HAST=yes
WITHOUT_HTML=yes
WITHOUT_IPFILTER=yes
WITHOUT_OPENSSH=yes
WITHOUT_RCMDS=yes
WITHOUT_SENDMAIL=yes
WITH_SVN=yes
WITHOUT_TALK=yes
WITHOUT_TELNET=yes
WITHOUT_TFTP=yes

#Other
WITHOUT_BHYVE=yes
WITHOUT_BOOTPARAMD=yes
WITHOUT_BOOTPD=yes
WITHOUT_CCD=yes
WITHOUT_EE=yes
WITHOUT_FLOPPY=yes
WITHOUT_GAMES=yes
WITHOUT_GPIO=yes
WITHOUT_GNU_GREP_COMPAT=yes
WITHOUT_HYPERV=yes
WITHOUT_SYSCONS=yes
WITHOUT_ZFS=yes
WITH_BSD_GREP=yes
For #Network, I've mostly disabled clear text services. In #Other I'm using VT exclusively, instead of SYSCONS (for VESA). Virtualization is removed too. GPIO is for controlling breadboard electronics, and other small electronics with your computer. HTML is for HTML docs. HAST is for network storage. I've left off my buildtools/toolchain options from the above, which I am still sorting out.

make.conf
Code: 
WITH_PKGNG=yes
CPUTYPE?=k8
KERNCONF=MINIMAL
WRKDIRPREFIX=/tmp/bport
NO_MODULES=yes
#MODULES_WITH_WORLD=yes
#PORTS_MODULES=shells/mksh ports-mgmt/psearch ports-mgmt/portmaster security/doas

COMPILER_TYPE=  clang
CC=             /usr/local/llvm40/bin/clang
CXX=            /usr/local/llvm40/bin/clang++
CPP=            /usr/local/llvm40/bin/clang-cpp
LD=             /usr/local/llvm40/bin/ld.lld
NM=             /usr/local/llvm40/bin/llvm-nm
OBJDUMP=     /usr/local/llvm40/bin/llvm-objdump
STRINGS=        /usr/local/llvm40/bin/llvm-strings

OPTIONS_SET=    SNDIO ATI JOYSTICK SOUNDEX LIBINPUT CRYPTO \
                SPEEX CURL IDN SQLITE IDN PYGMENTS \
                EXAMPLES RUST TCLTK HUNSPELL UTF8 \
                NOTIFY CPU_CLIP SASL TZDATA \
                PNG SVG OPENGL NLS
OPTIONS_SET+=   PORTAUDIO XAW3DXFT XVIDEO PORT_LLVM
OPTIONS_UNSET=  PULSEAUDIO PULSE ALSA NAS JACK \
                CUPS VESA SCFB WGET GCC COLORD \
                TWM XCONSOLE XCLOCK XAUTH XBACKLIGHT XGC XSETROOT ICEAUTH \
                GDBM BASH GNUTLS \
                CANBERRA VAAPI QT5 V4L \
                VV BONJOUR GG SAMETIME SILC IRC NOVELL OSCAR QQ SIMPLE ZEPHYR \
                GNOME GNOMEVFS
QT4_OPTIONS=    -CUPS

DEFAULT_VERSIONS+=     python=3.6
I've intentionally left commented out options pertaining to MODULES, because those I'm still figuring out and considering those. As for my LD, NM, OBJECTDUMP, and STRING options, I'm considering installing devel/binutils, and pointing to there. CUPS is mentioned twice, because that's what it takes to remove it with QT4 as well.

Enabling ATI, and disabling VESA, sets options for x11-drivers/xorg-drivers for the corresponding card.

* Edits - I see how using binutils from ports would affect developers, bc then it forces everyone to use its ports dependencies for that code, and for that code to be less portable.
It was supposed to be OBJDUMP, not OBJECTDUMP.
 
Last edited:
Here is some of my /etc/make.conf. Parts are stolen from other users in the forum, some are from my own
trial and error and many poudriere builds.

I have some trouble with my particular processor and compiling things with CPUTYPE?=native.
You may or may not. The main problem for me is with erroneous avx avx2 instructions popping up despite
disabling them.

I can include some other patches to files in /usr/ports/Mk that I use to work around this if there is interest.
My guess is that sandybridge and above processors won't run into the troubles I do.


Code: 
################################################################################
#       /usr/src things
#
KERNCONF?=beastie
PORTS_MODULES+=emulators/virtualbox-ose-kmod sysutils/lsof

################################################################################
#       Intel(R) Pentium(R) CPU G850 @ 2.90GHz (K8-class CPU)
#
CPUTYPE?=corei7

################################################################################
#       Override default versions
#
DEFAULT_VERSIONS+=ssl=openssl

################################################################################
#       Quiet some clang flags
#
.if ${CC:T} == "clang"
 CFLAGS+=-Qunused-arguments -Wno-dev
.endif

################################################################################
#       Add custom port category
#
VALID_CATEGORIES+=local

################################################################################
#       Default GLOBAL port options
#
OPTIONS_SET+=\
        OPTIMIZATIONS OPTIMIZED_CFLAGS OPTIMIZED_FLAGS \
        PTHREAD PTHREADS THREAD THREADS THREADSAFE TTB \
        RTCPU RUNTIME DYNAMIC_ARCH OPENBLAS OPENMP OPENMPI OPENSSL \
        CPU_OPTS SSE SSE2 SSE3 SSSE3 SSE41 SSE42 \
        DC1394 DVDREAD FFMPEG LIBBLURAY MAD XVID X264 X265 DECRYPT \
        AVAHI DBUS HAL ICONV NCURSES NLS LDAP \
        DYNAMIC PYTHON SUID SYSLOG \
        MAN MANPAGES VERBOSE VERBOSE_BUILD \
        COMPOSITE GALLIUM GLX GUI OPENGL X11 \
        ALSA PORTAUDIO FLAC MP3 OGG XMMS 7ZIP \
        GIF IMAGEMAGICK JPEG PANGO PNG PNM RAR TIFF ZIP ZLIB \
        DVDCSS FDK_AAC VTKMPEG2 NONFREE
OPTIONS_UNSET+=\
        AVX AVX2 NETLIB\
        DEVD MDNS MDNSRESPONDER NSS GNUTLS POLARSSL WOLFSSL \
        OSS CPU_CLIP ESOUND JACK NAS OPENAL PULSEAUDIO VDPAU \
        APIDOCS APIDOC DOCS DOXYGEN EXAMPLES HTMLDOCS INFO \
        PDFDOCS PROFILE RUBY TEST

#       Fix some problems with the GLOBAL port options above
#       Reset mod_info to build. In apache info did not refer to info pages
www_apache24_SET+=INFO

#       override OPTIONS_SET+=NCURSES at top of this file
#       back to the default one of TTY
security_pinentry_SET+=TTY
security_pinentry_UNSET+=QT4 NCURSES GTK2 GNOME3

#       Unset unexepected use of runtime
audio_espeak_UNSET+=RUNTIME

################################################################################
#       UNSET a few foreign languages
#
OPTIONS_UNSET+=\
        LADSPA LANG_AF LANG_AK LANG_AM LANG_AR LANG_AST LANG_BB \
        LANG_BE LANG_BG LANG_BN LANG_BR LANG_BS LANG_CA LANG_CS \
        LANG_CY LANG_DA LANG_DE LANG_EL LANG_EO LANG_ES LANG_ET \
        LANG_EU LANG_FA LANG_FI LANG_FR LANG_FY LANG_GA LANG_GB \
        LANG_GD LANG_GL LANG_GU LANG_HE LANG_HI LANG_HR LANG_HU \
        LANG_ID LANG_IS LANG_IT LANG_JA LANG_JP LANG_KK LANG_KN \
        LANG_KO LANG_KU LANG_LG LANG_LK LANG_LT LANG_LV LANG_MAI \
        LANG_MK LANG_ML LANG_MN LANG_MR LANG_NB LANG_NL LANG_NN \
        LANG_NSO LANG_OR LANG_PA LANG_PBR LANG_PL LANG_PT LANG_RM \
        LANG_RO LANG_RU LANG_SA LANG_SC LANG_SE LANG_SI LANG_SK \
        LANG_SL LANG_SM LANG_SON LANG_SQ LANG_SR LANG_SV LANG_TA \
        LANG_TE LANG_TH LANG_TR LANG_UA LANG_UK LANG_VI LANG_ZA \
        LANG_ZU LANG_TW

################################################################################
#       XOrg -- Only build xorg with drivers below
#
x11-drivers_xorg-drivers_SET+=\
        APM INTEL MOUSE KEYBOARD VESA SYNAPTICS FBDEV VMWARE VMMOUSE WACOM
x11-drivers_xorg-drivers_UNSET+=\
        ATI MACH64 NV R128 RADEONHD OPENCHROME ACECAD ELOGRAPHICS \
        HYPERPEN JOYSTICK MAGICTOUCH MUTOUCH PENMOUNT \
        VMMOUSE VOID ARK CHIPS CIRRUS CYRIX DUMMY \
        GLINT I128 I740 IMSTT MGA NEOMAGIC NEWPORT RENDITION \
        S3 S3VIRGE SAVAGE SILICONMOTION SIS TDFX TGA TRIDENT \
        TSENG VIA VOODOO

################################################################################
#       php5-extensions
#
lang_php56-extensions_SET+=\
        BZ2 CTYPE DOM FILEINFO FILTER GD GETTEXT HASH ICONV JSON \
        LDAP OPCACHE OPENSSL PDO PDO_SQLITE PHAR POSIX SESSION SIMPLEXML \
        SQLITE3 TOKENIZER XML XMLREADER XMLWRITER XSL ZIP ZLIB

################################################################################
#       Override TESSERACT_LANGS in port Makefile
#
TESSERACT_LANGS=eng
graphics_yagf_SET+=TESSERACT
graphics_yagf_UNSET+=CUNEIFORM

################################################################################
#       Try to match FreeBSD package distribution flags
#
www_firefox_SET+=ALSA BUNDLED_CAIRO DBUS DTRACE FFMPEG GCONF JACK OPTIMIZED_CFLAGS PROFILE PULSEAUDIO
www_firefox_UNSET+=CANBERRA DEBUG INTEGER_SAMPLES LIBPROXY SNDIO TEST

################################################################################
#       Make port non-interactive when doing kernel build/install
#
emulators_virtualbox-ose_SET+=GUESTADDITIONS
.if ${.CURDIR:M*/emulators/virtualbox-ose*}
 BATCH=yes
.endif

################################################################################
#       Some port specific overrides
#
editors_libreoffice_SET+=KDE4 SYSTRAY
graphics_blender_SET+=CAMERATRACK MOD_OCEANSIM RAYOPTIMIZATION
multimedia_dvdauthor_SET+=NTSC IMAGEMAGICK
ports-mgmt_poudriere_SET+=EXAMPLES QEMU
ports-mgmt_poudriere-devel_SET+=EXAMPLES QEMU
print_foomatic-filters_SET+=ENSCRIPT_LETTER
print_foomatic-filters_UNSET+=ENSCRIPT_A4
security_sudo_SET+=INSULTS
sysutils_udfclient_SET+=FUSE
sysutils_apcupsd_SET+=CGI
www_lynx_SET+=DEFAULT_COLORS

################################################################################
#       Override unset TEST global at top TEST=off fails:
#       https://bugs.kde.org/show_bug.cgi?id=366110
devel_kf5-extra-cmake-modules_SET+=TEST


my /etc/src.conf is minimal:

Code: 
WITHOUT_KERNEL_SYMBOLS=
WITHOUT_SYSCONS=
 
A little old thread, but I figure I'd dump mine too:

make.conf:
Code: 
FORCE_MAKE_JOBS=YES
MAKE_JOBS_NUMBER=30

#BATCH="YES"

OPTIONS_SET+=SAFESTACK CFIHARDEN PIE RELRO IPV6 SSL PERL TCL \
             PYTHON DOCS THREADS MANPAGES OPENSSL PCRE PTHREAD KQUEUE

OPTIONS_UNSET+=NLS EXAMPLES DEBUG ASPELL GNUTLS IDN X11 GUI

oidentd_UNSET=MASQ

DEFAULT_VERSIONS+=perl5=5.26
DEFAULT_VERSIONS+=python=3.6

src.conf:

Code: 
KERNCONFDIR=/usr/KERNCONF
KERNCONF=PERSEPHONE-HBSD-SMP

#other tmpdir (/tmp is mounted noexec, will fail installworld)
TMPDIR=/usr/tmp

#debug symbols in world, etc.
#CFLAGS=-pipe
#DEBUG_FLAGS=-g

#FORCE_MAKE_JOBS=YES
MAKE_JOBS_NUMBER=30

#also build 32-bit libs (together with options COMPAT_FREEBSD32)
WITH_LIB32=YES

#using opensmtpd from ports
WITHOUT_SENDMAIL=YES
WITHOUT_DMAGENT=YES

#using unbound from ports
WITHOUT_UNBOUND=YES

#using xinetd from ports
WITHOUT_INETD=YES

#using openntpd from ports
WITHOUT_NTP=YES

#BSD grep instead of GNU grep
WITH_BSD_GREP=YES

#using git to sync ports tree
WITHOUT_PORTSNAP=YES
WITHOUT_FREEBSD_UPDATE=YES
WITHOUT_HBSD_UPDATE=YES

#Hyper-V guest tools
WITHOUT_HYPERV=YES

#other crud we don't need
WITHOUT_AMD=YES
WITHOUT_APM=YES
WITHOUT_ATM=YES
WITHOUT_BHYVE=YES
WITHOUT_BLUETOOTH=YES
WITHOUT_BOOTPARAMD=YES
WITHOUT_BOOTPD=YES
WITHOUT_BSNMP=YES
WITHOUT_CCD=YES
WITHOUT_CTM=YES
WITHOUT_FINGER=YES
WITHOUT_FLOPPY=YES
WITHOUT_GSSAPI=YES
WITHOUT_HAST=YES
WITHOUT_HTML=YES
WITHOUT_INFO=YES
WITHOUT_IPFILTER=YES
WITHOUT_IPX=YES
WITHOUT_ISCSI=YES
WITHOUT_KERBEROS=YES
WITHOUT_LPR=YES
WITHOUT_NDIS=YES
WITHOUT_NIS=YES
WITHOUT_NLS=YES
WITHOUT_NLS_CATALOGS=YES
WITHOUT_NS_CACHING=YES
WITHOUT_PF=YES
WITHOUT_AUTHPF=YES
WITHOUT_PPP=YES
WITHOUT_RADIUS_SUPPORT=YES
WITHOUT_RBOOTD=YES
WITHOUT_RCMDS=YES
WITHOUT_RCS=YES
WITHOUT_ROUTED=YES
#WITHOUT_SVNLITE=YES
WITHOUT_TCP_WRAPPERS=YES
WITHOUT_TFTP=YES
WITHOUT_TIMED=YES
WITHOUT_WIRELESS=YES
WITHOUT_ZFS=YES

Notes:

-These files are actually from a HardenedBSD system, so that's what the extra WITHOUT_HBSD_UPDATE is for.

-KERNCONFDIR is handy to store the KERNCONF outside /usr/src, so if you're syncing the entire /usr/src with SVN or GIT it's not removed as extra.

-I see a lot of people putting KERNCONF= in make.conf. AFAIK the KERNCONF= is best placed in src.conf, since it only concerns kernel builds. Correct me if I'm wrong :)

-If you turn off parts of world to build & install in src.conf, be sure to actually do a "make check-old" & "make check-old-libs" and (after checking) "yes|make delete-old" & "yes|make delete-old-libs". If you skip this, the old binaries of these parts (installed when the system was installed, some of which suid) will hang around on the filesystem without getting upgraded with the system. The idea is to actually remove these parts from the system, not just turning off upgrading them while keeping a very old version (possibly suid and exploitable) around :P
 
Are there any flags to prevent the build of clang (when building world) from including unwanted architectures?
For example, I only need x86 and x64, not ARM, AArch64, MIPS, Sparc, etc. But the build will include everything (which seems to take a large portion of total build time).
 
JAW said:
Are there any flags to prevent the build of clang (when building world) from including unwanted architectures?
For example, I only need x86 and x64, not ARM, AArch64, MIPS, Sparc, etc.
Click to expand...
Code: 
CPUTYPE?=
tells it to build for a specific processor, but I'm not sure how to tell it to use a limited amount of architectures. The ? is used to allow ports to build, which won't build when the specific processor instruction is forced.
 
Code: 
PORTSDIR=/data/poudriere/ports/default
DISTDIR=/data/cache/distfiles
WRKDIRPREFIX=/var/tmp
PORT_DBDIR=/tmp

.include "/usr/local/etc/poudriere.d/make.conf"

No src.conf.
 
make.conf:
Code: 
KERNCONF=MYKERNCONF
WRKDIRPREFIX=/usr/buildport
WITHOUT_MODULES=i915 i915kms mach64 mga r128 savage sis tdfx via ipfilter zfs
PORTS_MODULES=graphics/drm-stable-kmod shells/mksh ports-mgmt/psearch net/svnup

COMPILER_TYPE=  clang
CC=             /usr/local/bin/clang60
CXX=            /usr/local/bin/clang++60
CPP=            /usr/local/bin/clang-cpp60
LD=             /usr/bin/ld # default
#XLD=           /usr/local/llvm60/bin/ld.lld
#CROSS_BINUTILS_PREFIX=/var/empty

OPTIONS_SET=    SNDIO SOUNDEX OGG \
                CRYPTO LIBBLURAY \
                SPEEX SQLITE PYGMENTS \
                EXAMPLES HUNSPELL UTF8 \
                CPU_CLIP SASL TZDATA \
                PNG OPENGL VDPAU VAAPI NONFREE \
                XCONSOLE XCLOCK XSETROOT \
                IPV6 IDN CURL GSSAPI_MIT \
                TCLTK RUST \
                SYSTRAY NOTIFY
OPTIONS_SET+=   PORTAUDIO XAW3DXFT XVIDEO PORT_LLVM QT4
OPTIONS_UNSET=  PULSEAUDIO PULSE ALSA NAS JACK \
                CUPS WGET GCC COLORD AVAHI \
                TWM XAUTH XBACKLIGHT XGC ICEAUTH \
                GDBM BASH GNUTLS NLS \
                CANBERRA QT5 V4L DOXYGEN SVG \
                VV BONJOUR GG SAMETIME SILC IRC NOVELL OSCAR QQ SIMPLE ZEPHYR \
                GNOME GNOMEVFS GCONF HTTPD LIVEMEDIA \
                GSSAPI_BASE
x11-drivers_xorg-drivers_SET=AMDGPU ATI JOYSTICK LIBINPUT
x11-drivers_xorg-drivers_UNSET=SCFB VESA
emulators_i386-wine_SET=MONO GECKO
mail_thunderbird_UNSET=LIGHTNING FFMPEG
net-im_libpurple_UNSET=GSTREAMER # using command interface to waveplay or wavplay
net-im_pidgin_UNSET=GSTREAMER
textproc_libe-book_UNSET=DOCS
audio_libsamplerate_UNSET=EXAMPLES
editors_libreoffice_UNSET=MMEDIA
QT4_OPTIONS=    -CUPS

src.conf:
Code: 
# NETWORK
WITHOUT_CTM=yes
WITHOUT_FINGER=yes
WITHOUT_FTP=yes
WITHOUT_HAST=yes
WITHOUT_HTML=yes
WITHOUT_IPFILTER=yes
WITHOUT_OPENSSH=yes
WITHOUT_RCMDS=yes
WITHOUT_SENDMAIL=yes
WITH_SVN=yes
WITHOUT_TALK=yes
WITHOUT_TELNET=yes
WITHOUT_TFTP=yes
WITHOUT_GSSAPI=yes      # LibreSSL can't use base's GSSAPI, alternate can be set from make.conf
WITHOUT_NTP=yes # needed for LibreSSL

# TOOLCHAIN
WITHOUT_CLANG=yes
WITHOUT_CXX=yes
WITHOUT_CPP=yes
WITHOUT_LLD=yes
WITHOUT_GCC_BOOTSTRAP=yes
WITHOUT_GCC=yes
WITHOUT_GDB=yes
WITHOUT_GPL_DTC=yes
WITHOUT_GNU=yes
WITHOUT_GNUCXX=yes
WITHOUT_GNU_SUPPORT=yes

# OTHER
WITHOUT_BHYVE=yes
WITHOUT_BOOTPARAMD=yes
WITHOUT_BOOTPD=yes
WITHOUT_CCD=yes
WITHOUT_EE=yes
WITHOUT_FLOPPY=yes
WITHOUT_GAMES=yes
WITHOUT_GPIO=yes
WITHOUT_GNU_GREP=yes
WITHOUT_HYPERV=yes
WITHOUT_ZFS=yes
WITH_BSD_GREP=yes
Left syscons in the base and module, in case of urgent need of VESA driver for any available card. Syscons, VESA and related drivers/arguments can likely be left out of the kernel build, because then that can hopefully be loaded from module if needed. I forgot if linux and linux64 modules are needed for certain FreeBSD modules, including for graphics cards, but if so, I can use VESA if that temporary need arises.

The compiler parts left out of src.conf, are referenced to clang from ports in make.conf. GSSAPI_BASE must be unset, before an alternate can be set.
 
JAW said:
Are there any flags to prevent the build of clang (when building world) from including unwanted architectures?
For example, I only need x86 and x64, not ARM, AArch64, MIPS, Sparc, etc. But the build will include everything (which seems to take a large portion of total build time).
Click to expand...

I've noticed that the following have been added recently (July), https://reviews.freebsd.org/rS335875
so I've been adding to my src.conf. I have not benchmarked it myself.

Code: 
WITHOUT_LLVM_TARGET_AARCH64=
WITHOUT_LLVM_TARGET_ARM=
WITHOUT_LLVM_TARGET_MIPS=
WITHOUT_LLVM_TARGET_POWERPC=
WITHOUT_LLVM_TARGET_SPARC=
 
tobik@ said:
Or the whole thread could be a train wreck.
Click to expand...
Hopefully I don't wreck it...

I wanted to move my big list from NanoBSD but it was stale. So I started over on FreeBSD 12.
This is so minimal I don't recommend it for anyone without maximum caution. Firewalls removed.
I don't use a src.conf. I am building images from a custom makefile directory, modified from /usr/src/release.
I copy my /etc/make.conf in to position after building world and kernel.
The below makefile WITHOUT_ directives were found in /usr/src/tools/build/options/
/etc/make.conf
Code: 
TARGET_ARCH=amd64
TARGET_CPUTYPE=amd64
TARGET=amd64
#######  FROM FREEBSD 12.0-STABLE SOURCE r342891  ##########
WITHOUT_ACCT=
WITHOUT_AMD=
WITHOUT_APM=
WITHOUT_ASSERT_DEBUG=
WITHOUT_AT=
WITHOUT_ATM=
WITHOUT_AUDIT=
WITHOUT_AUTHPF=
WITHOUT_AUTOFS=
WITHOUT_AUTO_OBJ=
WITHOUT_BHYVE=
WITHOUT_BINUTILS=
WITHOUT_BINUTILS_BOOTSTRAP=
WITHOUT_BLACKLIST_SUPPORT=
WITHOUT_BLUETOOTH=
WITHOUT_BMAKE=
WITHOUT_BOOTPARAMD=
WITHOUT_BOOTPD=
WITHOUT_BSDINSTALL=
WITHOUT_BSD_CPIO=
WITHOUT_BSNMP=
WITHOUT_BZIP2=
WITHOUT_BZIP2_SUPPORT=
WITHOUT_CALENDAR=
WITHOUT_CCD=
WITHOUT_CDDL=
WITHOUT_CLANG=
WITHOUT_CLANG_BOOTSTRAP=
WITHOUT_CLANG_FULL=
WITHOUT_CLANG_IS_CC=
WITHOUT_CPP=
WITHOUT_CROSS_COMPILER=
WITHOUT_CTM=
WITHOUT_CUSE=
WITHOUT_CVS=
WITHOUT_CXGBETOOL=
WITHOUT_DEBUG_FILES=
WITHOUT_DIALOG=
WITHOUT_DICT=
WITHOUT_DMAGENT=
WITHOUT_DOCCOMPRESS=
WITHOUT_DYNAMICROOT=
WITHOUT_ED_CRYPTO=
WITHOUT_ELFTOOLCHAIN_BOOTSTRAP=
WITHOUT_EXAMPLES=
WITHOUT_FDT=
WITHOUT_FINGER=
WITHOUT_FLOPPY=
WITHOUT_FMTREE=
WITHOUT_FORMAT_EXTENSIONS=
WITHOUT_FORTH=
WITHOUT_FP_LIBC=
WITHOUT_FREEBSD_UPDATE=
WITHOUT_FTP=
WITHOUT_GAMES=
WITHOUT_GCC=
WITHOUT_GCC_BOOTSTRAP=
WITHOUT_GCOV=
WITHOUT_GDB=
WITHOUT_GDB_LIBEXEC=
WITHOUT_GNUCXX=
WITHOUT_GNU_DIFF=
WITHOUT_GNU_GREP_COMPAT=
WITHOUT_GPIO=
WITHOUT_GPL_DTC=
WITHOUT_HAST=
WITHOUT_HTML=
WITHOUT_HYPERV=
WITHOUT_ICONV=
WITHOUT_INCLUDES=
WITHOUT_INET6=
WITHOUT_INET6_SUPPORT=
WITHOUT_INFO=
WITHOUT_INSTALLLIB=
WITHOUT_IPFILTER=
WITHOUT_IPFW=
WITHOUT_ISCSI=
WITHOUT_JAIL=
WITHOUT_KDUMP=
WITHOUT_KERNEL_RETPOLINE=
WITHOUT_KERNEL_SYMBOLS=
WITHOUT_KVM=
WITHOUT_KVM_SUPPORT=
WITHOUT_LIB32=
WITHOUT_LIBCPLUSPLUS=
WITHOUT_LLD=
WITHOUT_LLDB=
WITHOUT_LLD_BOOTSTRAP=
WITHOUT_LLD_IS_LD=
WITHOUT_LLVM_COV=
WITHOUT_LLVM_TARGET_AARCH64=
WITHOUT_LLVM_TARGET_ALL=
WITHOUT_LLVM_TARGET_ARM=
WITHOUT_LLVM_TARGET_MIPS=
WITHOUT_LLVM_TARGET_POWERPC=
WITHOUT_LLVM_TARGET_SPARC=
WITHOUT_LLVM_TARGET_X86=
WITHOUT_LOADER_GELI=
WITHOUT_LOADER_OFW=
WITHOUT_LOADER_UBOOT=
WITHOUT_LOCALES=
WITHOUT_LOCATE=
WITHOUT_LPR=
WITHOUT_LS_COLORS=
WITHOUT_LZMA_SUPPORT=
WITHOUT_MAIL=
WITHOUT_MAILWRAPPER=
WITHOUT_MAKE=
WITHOUT_MAKE_CHECK_USE_SANDBOX=
WITHOUT_MAN=
WITHOUT_MANCOMPRESS=
WITHOUT_MAN_UTILS=
WITHOUT_MLX5TOOL=
WITHOUT_MODULE_DRM=
WITHOUT_MODULE_DRM2=
WITHOUT_NAND=
WITHOUT_NCP=
WITHOUT_NDIS=
WITHOUT_NETCAT=
WITHOUT_NETGRAPH=
WITHOUT_NETGRAPH_SUPPORT=
WITHOUT_NLS=
WITHOUT_NLS_CATALOGS=
WITHOUT_NS_CACHING=
WITHOUT_NTP=
WITHOUT_PC_SYSINSTALL=
WITHOUT_PF=
WITHOUT_PMC=
WITHOUT_PORTSNAP=
WITHOUT_PPP=
WITHOUT_PROFILE=
WITHOUT_QUOTAS=
WITHOUT_RADIUS_SUPPORT=
WITHOUT_RBOOTD=
WITHOUT_REPRODUCIBLE_BUILD=
WITHOUT_RESCUE=
WITHOUT_ROUTED=
WITHOUT_SENDMAIL=
WITHOUT_SERVICESDB=
WITHOUT_SETUID_LOGIN=
WITHOUT_SHAREDOCS=
WITHOUT_SOURCELESS=
WITHOUT_SOURCELESS_HOST=
WITHOUT_SOURCELESS_UCODE=
WITHOUT_SSP=
WITHOUT_SVNLITE=
WITHOUT_SYMVER=
WITHOUT_SYSCONS=
WITHOUT_SYSTEM_COMPILER=
WITHOUT_SYSTEM_LINKER=
WITHOUT_TALK=
WITHOUT_TCP_WRAPPERS=
WITHOUT_TELNET=
WITHOUT_TESTS=
WITHOUT_TESTS_SUPPORT=
WITHOUT_TEXTPROC=
WITHOUT_TFTP=
WITHOUT_TIMED=
WITHOUT_TOOLCHAIN=
WITHOUT_UNBOUND=
WITHOUT_UNIFIED_OBJDIR=
WITHOUT_USB_GADGET_EXAMPLES=
WITHOUT_UTMPX=
WITHOUT_VI=
WITHOUT_WARNS=
WITHOUT_WIRELESS=
WITHOUT_WIRELESS_SUPPORT=
WITHOUT_WPA_SUPPLICANT_EAPOL=
WITHOUT_ZFS=
WITHOUT_ZONEINFO=


How low can you go?? I have mine down to 205MB for starting embedded builds.
# ls -ll /usr/obj/usr/src/amd64.amd64/custom/memstick.img
-rw-r--r-- 1 root wheel 205103616 Jun 6 21:45 /usr/obj/usr/src/amd64.amd64/custom/memstick.img

This is as low as I can go with networking, sshd and dhclient available. I can install software with pkg.
How awesome is it that FreeBSD is so configurable.
 
As you can see here, I'm not a fan of the C shell:
Code: 
vmhost# cat /etc/src.conf

# unwanted base components/options:
WITHOUT_ASSERT_DEBUG=yes
WITHOUT_ATM=yes
WITHOUT_AUDIT=yes
WITHOUT_AUTHPF=yes
WITHOUT_BOOTPARAMD=yes
WITHOUT_BOOTPD=yes
WITHOUT_ED_CRYPTO=yes
WITHOUT_EE=yes
WITHOUT_EXAMPLES=yes
WITHOUT_FLOPPY=yes
WITHOUT_GPIB=yes
WITHOUT_HTML=yes
WITHOUT_IPFILTER=yes
WITHOUT_IPFW=yes
WITHOUT_IPX=yes
WITHOUT_PC_SYSINSTALL=yes
WITHOUT_KERBEROS=yes
WITHOUT_OPENSSH=yes
WITHOUT_PROFILE=yes
WITHOUT_RBOOTD=yes
WITHOUT_RCS=yes
WITHOUT_SENDMAIL=yes
WITHOUT_SHAREDOCS=yes
WITHOUT_SVNLITE=yes
WITHOUT_SYSCONS=yes
WITHOUT_TCSH=yes
WITHOUT_TESTS=yes
WITHOUT_VI=yes
WITHOUT_MODULE_DRM=yes
WITHOUT_MODULE_DRM2=yes

# build options
MALLOC_PRODUCTION=yes

KERNCONF=GENERIC ROUTER DESKTOP
The MALLOC_PRODUCTION is a leftover from using 11-CURRENT -- btw, any good ideas about maintenance of all these options? How do you discover any of these got obsolete?

The ROUTER kernel includes some ALTQ stuff, the DESKTOP kernel has the "sg" device, so I can use MakeMKV.

Packages are built with poudriere, using this config:
Code: 
builder# cat /usr/local/etc/poudriere.d/make.conf
DEFAULT_VERSIONS+= ssl=libressl samba=4.8 php=7.2 pgsql=10 linux=c7

OPTIONS_UNSET+= GSSAPI_BASE GSSAPI_NONE HEIMDAL ALSA JACK PULSE PULSEAUDIO
OPTIONS_SET+=   GSSAPI_MIT SNDIO PORTAUDIO
net_samba48_UNSET+=    GSSAPI_BUILTIN DEBUG
net_samba48_SET+=    CUPS BIND914
www_elinks_SET+=    ICONV IDN
www_firefox_UNSET+=    ALSA JACK
java_openjdk8_SET+=    ALSA
net_freerdp_SET+=    ALSA
devel_electron4_SET+=    ALSA
www_node_SET+=    BUNDLED_SSL
news_tin_SET+=    SLRNFACE
games_eduke32_SET+=    HRP OFFENSIVE FULL
irc_irssi_SET+=    OTR PROXY
irc_bitlbee_SET+=    LIBPURPLE OTR
irc_bitlbee_UNSET+=    SKYPE MSN TWITTER JABBER OSCAR
editors_libreoffice_UNSET+=    GTK2 GTK3
editors_libreoffice_SET+=    JAVA KDE5 SYSTRAY WEBDAV
emulators_playonbsd_UNSET+=    GECKO MONO
emulators_wine_SET+=    CUPS HAL LIBXSLT MPG123
graphics_gimp-app_SET+=    GHOSTSCRIPT
graphics_mesa-dri_SET+= VAAPI VDPAU
graphics_sane-frontends_SET+=    GIMP
multimedia_mplayer_SET+=    BLURAY XVMC
net-im_pidgin_SET+=    SASL
net_freeradius3_SET+=    WINBIND MITKRB_PORT
security_openssh-portable_SET+=    KERB_GSSAPI MIT
security_sudo_UNSET+=    GSSAPI_MIT
ftp_curl_UNSET+=    TLS_SRP

DISABLE_VULNERABILITIES=yes
LICENSES_ACCEPTED+=    MAKEMKV

ICA_CERTS=Addtrust_External_CA_Root.pem
DUKE3DFULLDIR=/distfiles/duke3d
 
JAW said:
Are there any flags to prevent the build of clang (when building world) from including unwanted architectures?
For example, I only need x86 and x64, not ARM, AArch64, MIPS, Sparc, etc. But the build will include everything (which seems to take a large portion of total build time).
Click to expand...
Put this into src.conf:
Code: 
WITHOUT_LLVM_TARGET_ALL=
 
You must log in or register to reply here.
Back
Top