# # For a description of the syntax of this configuration file, # see scripts/kbuild/config-language.txt. # mainmenu "Configuration" config HAVE_DOT_CONFIG bool default y menu "Settings" config DESKTOP bool "Enable compatibility for full-blown desktop systems" default y help Enable applet options and features which are not essential. Many applet options have dedicated config options to (de)select them under that applet; this options enables those options which have no individual config item for them. Select this if you plan to use busybox on full-blown desktop machine with common Linux distro, which needs higher level of command-line compatibility. If you are preparing your build to be used on an embedded box where you have tighter control over the entire set of userspace tools, you can unselect this option for smaller code size. config EXTRA_COMPAT bool "Provide compatible behavior for rare corner cases (bigger code)" default n help This option makes grep, sed etc handle rare corner cases (embedded NUL bytes and such). This makes code bigger and uses some GNU extensions in libc. You probably only need this option if you plan to run busybox on desktop. config FEDORA_COMPAT bool "Building for Fedora distribution" default n help This option makes some tools behave like they do on Fedora. At the time of this writing (2017-08) this only affects uname: normally, uname -p (processor) and uname -i (platform) are shown as "unknown", but with this option uname -p shows the same string as uname -m (machine type), and so does uname -i unless machine type is i486/i586/i686 - then uname -i shows "i386". config INCLUDE_SUSv2 bool "Enable obsolete features removed before SUSv3" default y help This option will enable backwards compatibility with SuSv2, specifically, old-style numeric options ('command -1 <file>') will be supported in head, tail, and fold. (Note: should affect renice too.) config LONG_OPTS bool "Support --long-options" default y help Enable this if you want busybox applets to use the gnu --long-option style, in addition to single character -a -b -c style options. config SHOW_USAGE bool "Show applet usage messages" default y help Enabling this option, applets will show terse help messages when invoked with wrong arguments. If you do not want to show any (helpful) usage message when issuing wrong command syntax, you can say 'N' here, saving approximately 7k. config FEATURE_VERBOSE_USAGE bool "Show verbose applet usage messages" default y depends on SHOW_USAGE help All applets will show verbose help messages when invoked with --help. This will add a lot of text to the binary. config FEATURE_COMPRESS_USAGE bool "Store applet usage messages in compressed form" default y depends on SHOW_USAGE help Store usage messages in .bz2 compressed form, uncompress them on-the-fly when "APPLET --help" is run. If you have a really tiny busybox with few applets enabled (and bunzip2 isn't one of them), the overhead of the decompressor might be noticeable. Also, if you run executables directly from ROM and have very little memory, this might not be a win. Otherwise, you probably want this. config LFS bool "Support files > 2 GB" default y help If you need to work with large files, enable this option. This will have no effect if your kernel or your C library lacks large file support for large files. Some of the programs that can benefit from large file support include dd, gzip, cp, mount, tar. config PAM bool "Support PAM (Pluggable Authentication Modules)" default n help Use PAM in some applets (currently login and httpd) instead of direct access to password database. config FEATURE_DEVPTS bool "Use the devpts filesystem for Unix98 PTYs" default y help Enable if you want to use Unix98 PTY support. If enabled, busybox will use /dev/ptmx for the master side of the pseudoterminal and /dev/pts/<number> for the slave side. Otherwise, BSD style /dev/ttyp<number> will be used. To use this option, you should have devpts mounted. config FEATURE_UTMP bool "Support utmp file" default y help The file /var/run/utmp is used to track who is currently logged in. With this option on, certain applets (getty, login, telnetd etc) will create and delete entries there. "who" applet requires this option. config FEATURE_WTMP bool "Support wtmp file" default y depends on FEATURE_UTMP help The file /var/run/wtmp is used to track when users have logged into and logged out of the system. With this option on, certain applets (getty, login, telnetd etc) will append new entries there. "last" applet requires this option. config FEATURE_PIDFILE bool "Support writing pidfiles" default y help This option makes some applets (e.g. crond, syslogd, inetd) write a pidfile at the configured PID_FILE_PATH. It has no effect on applets which require pidfiles to run. config PID_FILE_PATH string "Directory for pidfiles" default "/var/run" depends on FEATURE_PIDFILE help This is the default path where pidfiles are created. Applets which allow you to set the pidfile path on the command line will override this value. The option has no effect on applets that require you to specify a pidfile path. config BUSYBOX bool "Include busybox applet" default y help The busybox applet provides general help message and allows the included applets to be listed. It also provides optional --install command to create applet links. If you unselect this option, running busybox without any arguments will give just a cryptic error message: $ busybox busybox: applet not found Running "busybox APPLET [ARGS...]" will still work, of course. config FEATURE_INSTALLER bool "Support --install [-s] to install applet links at runtime" default y depends on BUSYBOX help Enable 'busybox --install [-s]' support. This will allow you to use busybox at runtime to create hard links or symlinks for all the applets that are compiled into busybox. config INSTALL_NO_USR bool "Don't use /usr" default n help Disable use of /usr. "busybox --install" and "make install" will install applets only to /bin and /sbin, never to /usr/bin or /usr/sbin. config FEATURE_SUID bool "Drop SUID state for most applets" default y help With this option you can install the busybox binary belonging to root with the suid bit set, enabling some applets to perform root-level operations even when run by ordinary users (for example, mounting of user mounts in fstab needs this). With this option enabled, busybox drops privileges for applets that don't need root access, before entering their main() function. If you are really paranoid and don't want even initial busybox code to run under root for every applet, build two busybox binaries with different applets in them (and the appropriate symlinks pointing to each binary), and only set the suid bit on the one that needs it. Some applets which require root rights (need suid bit on the binary or to be run by root) and will refuse to execute otherwise: crontab, login, passwd, su, vlock, wall. The applets which will use root rights if they have them (via suid bit, or because run by root), but would try to work without root right nevertheless: findfs, ping[6], traceroute[6], mount. Note that if you DO NOT select this option, but DO make busybox suid root, ALL applets will run under root, which is a huge security hole (think "cp /some/file /etc/passwd"). config FEATURE_SUID_CONFIG bool "Enable SUID configuration via /etc/busybox.conf" default y depends on FEATURE_SUID help Allow the SUID/SGID state of an applet to be determined at runtime by checking /etc/busybox.conf. (This is sort of a poor man's sudo.) The format of this file is as follows: APPLET = [Ssx-][Ssx-][x-] [USER.GROUP] s: USER or GROUP is allowed to execute APPLET. APPLET will run under USER or GROUP (regardless of who's running it). S: USER or GROUP is NOT allowed to execute APPLET. APPLET will run under USER or GROUP. This option is not very sensical. x: USER/GROUP/others are allowed to execute APPLET. No UID/GID change will be done when it is run. -: USER/GROUP/others are not allowed to execute APPLET. An example might help: |[SUID] |su = ssx root.0 # applet su can be run by anyone and runs with | # euid=0,egid=0 |su = ssx # exactly the same | |mount = sx- root.disk # applet mount can be run by root and members | # of group disk (but not anyone else) | # and runs with euid=0 (egid is not changed) | |cp = --- # disable applet cp for everyone The file has to be owned by user root, group root and has to be writeable only by root: (chown 0.0 /etc/busybox.conf; chmod 600 /etc/busybox.conf) The busybox executable has to be owned by user root, group root and has to be setuid root for this to work: (chown 0.0 /bin/busybox; chmod 4755 /bin/busybox) Robert 'sandman' Griebl has more information here: <url: http://www.softforge.de/bb/suid.html >. config FEATURE_SUID_CONFIG_QUIET bool "Suppress warning message if /etc/busybox.conf is not readable" default y depends on FEATURE_SUID_CONFIG help /etc/busybox.conf should be readable by the user needing the SUID, check this option to avoid users to be notified about missing permissions. config FEATURE_PREFER_APPLETS bool "exec prefers applets" default n help This is an experimental option which directs applets about to call 'exec' to try and find an applicable busybox applet before searching the PATH. This is typically done by exec'ing /proc/self/exe. This may affect shell, find -exec, xargs and similar applets. They will use applets even if /bin/APPLET -> busybox link is missing (or is not a link to busybox). However, this causes problems in chroot jails without mounted /proc and with ps/top (command name can be shown as 'exe' for applets started this way). config BUSYBOX_EXEC_PATH string "Path to busybox executable" default "/proc/self/exe" help When applets need to run other applets, busybox sometimes needs to exec() itself. When the /proc filesystem is mounted, /proc/self/exe always points to the currently running executable. If you haven't got /proc, set this to wherever you want to run busybox from. config SELINUX bool "Support NSA Security Enhanced Linux" default n select PLATFORM_LINUX help Enable support for SELinux in applets ls, ps, and id. Also provide the option of compiling in SELinux applets. If you do not have a complete SELinux userland installed, this stuff will not compile. Specifially, libselinux 1.28 or better is directly required by busybox. If the installation is located in a non-standard directory, provide it by invoking make as follows: CFLAGS=-I<libselinux-include-path> \ LDFLAGS=-L<libselinux-lib-path> \ make Most people will leave this set to 'N'. config FEATURE_CLEAN_UP bool "Clean up all memory before exiting (usually not needed)" default n help As a size optimization, busybox normally exits without explicitly freeing dynamically allocated memory or closing files. This saves space since the OS will clean up for us, but it can confuse debuggers like valgrind, which report tons of memory and resource leaks. Don't enable this unless you have a really good reason to clean things up manually. # These are auto-selected by other options config FEATURE_SYSLOG bool #No description makes it a hidden option default n #help #This option is auto-selected when you select any applet which may #send its output to syslog. You do not need to select it manually. config FEATURE_HAVE_RPC bool #No description makes it a hidden option default n #help #This is automatically selected if any of enabled applets need it. #You do not need to select it manually. config PLATFORM_LINUX bool #No description makes it a hidden option default n #help #For the most part, busybox requires only POSIX compatibility #from the target system, but some applets and features use #Linux-specific interfaces. # #This is automatically selected if any applet or feature requires #Linux-specific interfaces. You do not need to select it manually. comment 'Build Options' config STATIC bool "Build static binary (no shared libs)" default n help If you want to build a static binary, which does not use or require any shared libraries, enable this option. Static binaries are larger, but do not require functioning dynamic libraries to be present, which is important if used as a system rescue tool. config PIE bool "Build position independent executable" default n depends on !STATIC help Hardened code option. PIE binaries are loaded at a different address at each invocation. This has some overhead, particularly on x86-32 which is short on registers. Most people will leave this set to 'N'. config NOMMU bool "Force NOMMU build" default n help Busybox tries to detect whether architecture it is being built against supports MMU or not. If this detection fails, or if you want to build NOMMU version of busybox for testing, you may force NOMMU build here. Most people will leave this set to 'N'. # PIE can be made to work with BUILD_LIBBUSYBOX, but currently # build system does not support that config BUILD_LIBBUSYBOX bool "Build shared libbusybox" default n depends on !FEATURE_PREFER_APPLETS && !PIE && !STATIC help Build a shared library libbusybox.so.N.N.N which contains all busybox code. This feature allows every applet to be built as a really tiny separate executable linked against the library: |$ size 0_lib/l* | text data bss dec hex filename | 939 212 28 1179 49b 0_lib/last | 939 212 28 1179 49b 0_lib/less | 919138 8328 1556 929022 e2cfe 0_lib/libbusybox.so.1.N.M This is useful on NOMMU systems which are not capable of sharing executables, but are capable of sharing code in dynamic libraries. config FEATURE_LIBBUSYBOX_STATIC bool "Pull in all external references into libbusybox" default n depends on BUILD_LIBBUSYBOX help Make libbusybox library independent, not using or requiring any other shared libraries. config FEATURE_INDIVIDUAL bool "Produce a binary for each applet, linked against libbusybox" default y depends on BUILD_LIBBUSYBOX help If your CPU architecture doesn't allow for sharing text/rodata sections of running binaries, but allows for runtime dynamic libraries, this option will allow you to reduce memory footprint when you have many different applets running at once. If your CPU architecture allows for sharing text/rodata, having single binary is more optimal. Each applet will be a tiny program, dynamically linked against libbusybox.so.N.N.N. You need to have a working dynamic linker. config FEATURE_SHARED_BUSYBOX bool "Produce additional busybox binary linked against libbusybox" default y depends on BUILD_LIBBUSYBOX help Build busybox, dynamically linked against libbusybox.so.N.N.N. You need to have a working dynamic linker. ### config BUILD_AT_ONCE ### bool "Compile all sources at once" ### default n ### help ### Normally each source-file is compiled with one invocation of ### the compiler. ### If you set this option, all sources are compiled at once. ### This gives the compiler more opportunities to optimize which can ### result in smaller and/or faster binaries. ### ### Setting this option will consume alot of memory, e.g. if you ### enable all applets with all features, gcc uses more than 300MB ### RAM during compilation of busybox. ### ### This option is most likely only beneficial for newer compilers ### such as gcc-4.1 and above. ### ### Say 'N' unless you know what you are doing. config CROSS_COMPILER_PREFIX string "Cross compiler prefix" default "" help If you want to build busybox with a cross compiler, then you will need to set this to the cross-compiler prefix, for example, "i386-uclibc-". Note that CROSS_COMPILE environment variable or "make CROSS_COMPILE=xxx ..." will override this selection. Native builds leave this empty. config SYSROOT string "Path to sysroot" default "" help If you want to build busybox with a cross compiler, then you might also need to specify where /usr/include and /usr/lib will be found. For example, busybox can be built against an installed Android NDK, platform version 9, for ARM ABI with CONFIG_SYSROOT=/opt/android-ndk/platforms/android-9/arch-arm Native builds leave this empty. config EXTRA_CFLAGS string "Additional CFLAGS" default "" help Additional CFLAGS to pass to the compiler verbatim. config EXTRA_LDFLAGS string "Additional LDFLAGS" default "" help Additional LDFLAGS to pass to the linker verbatim. config EXTRA_LDLIBS string "Additional LDLIBS" default "" help Additional LDLIBS to pass to the linker with -l. config USE_PORTABLE_CODE bool "Avoid using GCC-specific code constructs" default n help Use this option if you are trying to compile busybox with compiler other than gcc. If you do use gcc, this option may needlessly increase code size. comment 'Installation Options ("make install" behavior)' choice prompt "What kind of applet links to install" default INSTALL_APPLET_SYMLINKS help Choose what kind of links to applets are created by "make install". config INSTALL_APPLET_SYMLINKS bool "as soft-links" help Install applets as soft-links to the busybox binary. This needs some free inodes on the filesystem, but might help with filesystem generators that can't cope with hard-links. config INSTALL_APPLET_HARDLINKS bool "as hard-links" help Install applets as hard-links to the busybox binary. This might count on a filesystem with few inodes. config INSTALL_APPLET_SCRIPT_WRAPPERS bool "as script wrappers" help Install applets as script wrappers that call the busybox binary. config INSTALL_APPLET_DONT bool "not installed" help Do not install applet links. Useful when you plan to use busybox --install for installing links, or plan to use a standalone shell and thus don't need applet links. endchoice choice prompt "/bin/sh applet link" default INSTALL_SH_APPLET_SYMLINK depends on INSTALL_APPLET_SCRIPT_WRAPPERS help Choose how you install /bin/sh applet link. config INSTALL_SH_APPLET_SYMLINK bool "as soft-link" help Install /bin/sh applet as soft-link to the busybox binary. config INSTALL_SH_APPLET_HARDLINK bool "as hard-link" help Install /bin/sh applet as hard-link to the busybox binary. config INSTALL_SH_APPLET_SCRIPT_WRAPPER bool "as script wrapper" help Install /bin/sh applet as script wrapper that calls the busybox binary. endchoice config PREFIX string "Destination path for 'make install'" default "./_install" help Where "make install" should install busybox binary and links. comment 'Debugging Options' config DEBUG bool "Build with debug information" default n help Say Y here to compile with debug information. This increases the size of the binary considerably, and should only be used when doing development. This adds -g option to gcc command line. Most people should answer N. config DEBUG_PESSIMIZE bool "Disable compiler optimizations" default n depends on DEBUG help The compiler's optimization of source code can eliminate and reorder code, resulting in an executable that's hard to understand when stepping through it with a debugger. This switches it off, resulting in a much bigger executable that more closely matches the source code. This replaces -Os/-O2 with -O0 in gcc command line. config DEBUG_SANITIZE bool "Enable runtime sanitizers (ASAN/LSAN/USAN/etc...)" default n help Say Y here if you want to enable runtime sanitizers. These help catch bad memory accesses (e.g. buffer overflows), but will make the executable larger and slow down runtime a bit. This adds -fsanitize=foo options to gcc command line. If you aren't developing/testing busybox, say N here. config UNIT_TEST bool "Build unit tests" default n help Say Y here if you want to build unit tests (both the framework and test cases) as an applet. This results in bigger code, so you probably don't want this option in production builds. config WERROR bool "Abort compilation on any warning" default n help This adds -Werror to gcc command line. Most people should answer N. choice prompt "Additional debugging library" default NO_DEBUG_LIB help Using an additional debugging library will make busybox become considerably larger and will cause it to run more slowly. You should always leave this option disabled for production use. dmalloc support: ---------------- This enables compiling with dmalloc ( http://dmalloc.com/ ) which is an excellent public domain mem leak and malloc problem detector. To enable dmalloc, before running busybox you will want to properly set your environment, for example: export DMALLOC_OPTIONS=debug=0x34f47d83,inter=100,log=logfile The 'debug=' value is generated using the following command dmalloc -p log-stats -p log-non-free -p log-bad-space \ -p log-elapsed-time -p check-fence -p check-heap \ -p check-lists -p check-blank -p check-funcs -p realloc-copy \ -p allow-free-null Electric-fence support: ----------------------- This enables compiling with Electric-fence support. Electric fence is another very useful malloc debugging library which uses your computer's virtual memory hardware to detect illegal memory accesses. This support will make busybox be considerably larger and run slower, so you should leave this option disabled unless you are hunting a hard to find memory problem. config NO_DEBUG_LIB bool "None" config DMALLOC bool "Dmalloc" config EFENCE bool "Electric-fence" endchoice source libbb/Config.in endmenu comment "Applets" source archival/Config.in source coreutils/Config.in source console-tools/Config.in source debianutils/Config.in source editors/Config.in source findutils/Config.in source init/Config.in source loginutils/Config.in source e2fsprogs/Config.in source modutils/Config.in source util-linux/Config.in source miscutils/Config.in source networking/Config.in source printutils/Config.in source mailutils/Config.in source procps/Config.in source runit/Config.in source selinux/Config.in source shell/Config.in source sysklogd/Config.in