busybox/Config.in

711 lines
22 KiB
Plaintext

#
# For a description of the syntax of this configuration file,
# see scripts/kbuild/config-language.txt.
#
mainmenu "Configuration"
config HAVE_DOT_CONFIG
bool
default y
menu "Settings"
config DESKTOP
bool "Enable compatibility for full-blown desktop systems"
default y
help
Enable applet options and features which are not essential.
Many applet options have dedicated config options to (de)select them
under that applet; this options enables those options which have no
individual config item for them.
Select this if you plan to use busybox on full-blown desktop machine
with common Linux distro, which needs higher level of command-line
compatibility.
If you are preparing your build to be used on an embedded box
where you have tighter control over the entire set of userspace
tools, you can unselect this option for smaller code size.
config EXTRA_COMPAT
bool "Provide compatible behavior for rare corner cases (bigger code)"
default n
help
This option makes grep, sed etc handle rare corner cases
(embedded NUL bytes and such). This makes code bigger and uses
some GNU extensions in libc. You probably only need this option
if you plan to run busybox on desktop.
config FEDORA_COMPAT
bool "Building for Fedora distribution"
default n
help
This option makes some tools behave like they do on Fedora.
At the time of this writing (2017-08) this only affects uname:
normally, uname -p (processor) and uname -i (platform)
are shown as "unknown", but with this option uname -p
shows the same string as uname -m (machine type),
and so does uname -i unless machine type is i486/i586/i686 -
then uname -i shows "i386".
config INCLUDE_SUSv2
bool "Enable obsolete features removed before SUSv3"
default y
help
This option will enable backwards compatibility with SuSv2,
specifically, old-style numeric options ('command -1 <file>')
will be supported in head, tail, and fold. (Note: should
affect renice too.)
config LONG_OPTS
bool "Support --long-options"
default y
help
Enable this if you want busybox applets to use the gnu --long-option
style, in addition to single character -a -b -c style options.
config SHOW_USAGE
bool "Show applet usage messages"
default y
help
Enabling this option, applets will show terse help messages
when invoked with wrong arguments.
If you do not want to show any (helpful) usage message when
issuing wrong command syntax, you can say 'N' here,
saving approximately 7k.
config FEATURE_VERBOSE_USAGE
bool "Show verbose applet usage messages"
default y
depends on SHOW_USAGE
help
All applets will show verbose help messages when invoked with --help.
This will add a lot of text to the binary.
config FEATURE_COMPRESS_USAGE
bool "Store applet usage messages in compressed form"
default y
depends on SHOW_USAGE
help
Store usage messages in .bz2 compressed form, uncompress them
on-the-fly when "APPLET --help" is run.
If you have a really tiny busybox with few applets enabled (and
bunzip2 isn't one of them), the overhead of the decompressor might
be noticeable. Also, if you run executables directly from ROM
and have very little memory, this might not be a win. Otherwise,
you probably want this.
config LFS
bool "Support files > 2 GB"
default y
help
If you need to work with large files, enable this option.
This will have no effect if your kernel or your C
library lacks large file support for large files. Some of the
programs that can benefit from large file support include dd, gzip,
cp, mount, tar.
config PAM
bool "Support PAM (Pluggable Authentication Modules)"
default n
help
Use PAM in some applets (currently login and httpd) instead
of direct access to password database.
config FEATURE_DEVPTS
bool "Use the devpts filesystem for Unix98 PTYs"
default y
help
Enable if you want to use Unix98 PTY support. If enabled,
busybox will use /dev/ptmx for the master side of the pseudoterminal
and /dev/pts/<number> for the slave side. Otherwise, BSD style
/dev/ttyp<number> will be used. To use this option, you should have
devpts mounted.
config FEATURE_UTMP
bool "Support utmp file"
default y
help
The file /var/run/utmp is used to track who is currently logged in.
With this option on, certain applets (getty, login, telnetd etc)
will create and delete entries there.
"who" applet requires this option.
config FEATURE_WTMP
bool "Support wtmp file"
default y
depends on FEATURE_UTMP
help
The file /var/run/wtmp is used to track when users have logged into
and logged out of the system.
With this option on, certain applets (getty, login, telnetd etc)
will append new entries there.
"last" applet requires this option.
config FEATURE_PIDFILE
bool "Support writing pidfiles"
default y
help
This option makes some applets (e.g. crond, syslogd, inetd) write
a pidfile at the configured PID_FILE_PATH. It has no effect
on applets which require pidfiles to run.
config PID_FILE_PATH
string "Directory for pidfiles"
default "/var/run"
depends on FEATURE_PIDFILE
help
This is the default path where pidfiles are created. Applets which
allow you to set the pidfile path on the command line will override
this value. The option has no effect on applets that require you to
specify a pidfile path.
config BUSYBOX
bool "Include busybox applet"
default y
help
The busybox applet provides general help message and allows
the included applets to be listed. It also provides
optional --install command to create applet links. If you unselect
this option, running busybox without any arguments will give
just a cryptic error message:
$ busybox
busybox: applet not found
Running "busybox APPLET [ARGS...]" will still work, of course.
config FEATURE_INSTALLER
bool "Support --install [-s] to install applet links at runtime"
default y
depends on BUSYBOX
help
Enable 'busybox --install [-s]' support. This will allow you to use
busybox at runtime to create hard links or symlinks for all the
applets that are compiled into busybox.
config INSTALL_NO_USR
bool "Don't use /usr"
default n
help
Disable use of /usr. "busybox --install" and "make install"
will install applets only to /bin and /sbin,
never to /usr/bin or /usr/sbin.
config FEATURE_SUID
bool "Drop SUID state for most applets"
default y
help
With this option you can install the busybox binary belonging
to root with the suid bit set, enabling some applets to perform
root-level operations even when run by ordinary users
(for example, mounting of user mounts in fstab needs this).
With this option enabled, busybox drops privileges for applets
that don't need root access, before entering their main() function.
If you are really paranoid and don't want even initial busybox code
to run under root for every applet, build two busybox binaries with
different applets in them (and the appropriate symlinks pointing
to each binary), and only set the suid bit on the one that needs it.
Some applets which require root rights (need suid bit on the binary
or to be run by root) and will refuse to execute otherwise:
crontab, login, passwd, su, vlock, wall.
The applets which will use root rights if they have them
(via suid bit, or because run by root), but would try to work
without root right nevertheless:
findfs, ping[6], traceroute[6], mount.
Note that if you DO NOT select this option, but DO make busybox
suid root, ALL applets will run under root, which is a huge
security hole (think "cp /some/file /etc/passwd").
config FEATURE_SUID_CONFIG
bool "Enable SUID configuration via /etc/busybox.conf"
default y
depends on FEATURE_SUID
help
Allow the SUID/SGID state of an applet to be determined at runtime
by checking /etc/busybox.conf. (This is sort of a poor man's sudo.)
The format of this file is as follows:
APPLET = [Ssx-][Ssx-][x-] [USER.GROUP]
s: USER or GROUP is allowed to execute APPLET.
APPLET will run under USER or GROUP
(regardless of who's running it).
S: USER or GROUP is NOT allowed to execute APPLET.
APPLET will run under USER or GROUP.
This option is not very sensical.
x: USER/GROUP/others are allowed to execute APPLET.
No UID/GID change will be done when it is run.
-: USER/GROUP/others are not allowed to execute APPLET.
An example might help:
|[SUID]
|su = ssx root.0 # applet su can be run by anyone and runs with
| # euid=0,egid=0
|su = ssx # exactly the same
|
|mount = sx- root.disk # applet mount can be run by root and members
| # of group disk (but not anyone else)
| # and runs with euid=0 (egid is not changed)
|
|cp = --- # disable applet cp for everyone
The file has to be owned by user root, group root and has to be
writeable only by root:
(chown 0.0 /etc/busybox.conf; chmod 600 /etc/busybox.conf)
The busybox executable has to be owned by user root, group
root and has to be setuid root for this to work:
(chown 0.0 /bin/busybox; chmod 4755 /bin/busybox)
Robert 'sandman' Griebl has more information here:
<url: http://www.softforge.de/bb/suid.html >.
config FEATURE_SUID_CONFIG_QUIET
bool "Suppress warning message if /etc/busybox.conf is not readable"
default y
depends on FEATURE_SUID_CONFIG
help
/etc/busybox.conf should be readable by the user needing the SUID,
check this option to avoid users to be notified about missing
permissions.
config FEATURE_PREFER_APPLETS
bool "exec prefers applets"
default n
help
This is an experimental option which directs applets about to
call 'exec' to try and find an applicable busybox applet before
searching the PATH. This is typically done by exec'ing
/proc/self/exe.
This may affect shell, find -exec, xargs and similar applets.
They will use applets even if /bin/APPLET -> busybox link
is missing (or is not a link to busybox). However, this causes
problems in chroot jails without mounted /proc and with ps/top
(command name can be shown as 'exe' for applets started this way).
config BUSYBOX_EXEC_PATH
string "Path to busybox executable"
default "/proc/self/exe"
help
When applets need to run other applets, busybox
sometimes needs to exec() itself. When the /proc filesystem is
mounted, /proc/self/exe always points to the currently running
executable. If you haven't got /proc, set this to wherever you
want to run busybox from.
config SELINUX
bool "Support NSA Security Enhanced Linux"
default n
select PLATFORM_LINUX
help
Enable support for SELinux in applets ls, ps, and id. Also provide
the option of compiling in SELinux applets.
If you do not have a complete SELinux userland installed, this stuff
will not compile. Specifially, libselinux 1.28 or better is
directly required by busybox. If the installation is located in a
non-standard directory, provide it by invoking make as follows:
CFLAGS=-I<libselinux-include-path> \
LDFLAGS=-L<libselinux-lib-path> \
make
Most people will leave this set to 'N'.
config FEATURE_CLEAN_UP
bool "Clean up all memory before exiting (usually not needed)"
default n
help
As a size optimization, busybox normally exits without explicitly
freeing dynamically allocated memory or closing files. This saves
space since the OS will clean up for us, but it can confuse debuggers
like valgrind, which report tons of memory and resource leaks.
Don't enable this unless you have a really good reason to clean
things up manually.
# These are auto-selected by other options
config FEATURE_SYSLOG
bool #No description makes it a hidden option
default n
#help
#This option is auto-selected when you select any applet which may
#send its output to syslog. You do not need to select it manually.
config PLATFORM_LINUX
bool #No description makes it a hidden option
default n
#help
#For the most part, busybox requires only POSIX compatibility
#from the target system, but some applets and features use
#Linux-specific interfaces.
#
#This is automatically selected if any applet or feature requires
#Linux-specific interfaces. You do not need to select it manually.
comment 'Build Options'
config STATIC
bool "Build static binary (no shared libs)"
default n
help
If you want to build a static binary, which does not use
or require any shared libraries, enable this option.
Static binaries are larger, but do not require functioning
dynamic libraries to be present, which is important if used
as a system rescue tool.
config PIE
bool "Build position independent executable"
default n
depends on !STATIC
help
Hardened code option. PIE binaries are loaded at a different
address at each invocation. This has some overhead,
particularly on x86-32 which is short on registers.
Most people will leave this set to 'N'.
config NOMMU
bool "Force NOMMU build"
default n
help
Busybox tries to detect whether architecture it is being
built against supports MMU or not. If this detection fails,
or if you want to build NOMMU version of busybox for testing,
you may force NOMMU build here.
Most people will leave this set to 'N'.
# PIE can be made to work with BUILD_LIBBUSYBOX, but currently
# build system does not support that
config BUILD_LIBBUSYBOX
bool "Build shared libbusybox"
default n
depends on !FEATURE_PREFER_APPLETS && !PIE && !STATIC
help
Build a shared library libbusybox.so.N.N.N which contains all
busybox code.
This feature allows every applet to be built as a really tiny
separate executable linked against the library:
|$ size 0_lib/l*
| text data bss dec hex filename
| 939 212 28 1179 49b 0_lib/last
| 939 212 28 1179 49b 0_lib/less
| 919138 8328 1556 929022 e2cfe 0_lib/libbusybox.so.1.N.M
This is useful on NOMMU systems which are not capable
of sharing executables, but are capable of sharing code
in dynamic libraries.
config FEATURE_LIBBUSYBOX_STATIC
bool "Pull in all external references into libbusybox"
default n
depends on BUILD_LIBBUSYBOX
help
Make libbusybox library independent, not using or requiring
any other shared libraries.
config FEATURE_INDIVIDUAL
bool "Produce a binary for each applet, linked against libbusybox"
default y
depends on BUILD_LIBBUSYBOX
help
If your CPU architecture doesn't allow for sharing text/rodata
sections of running binaries, but allows for runtime dynamic
libraries, this option will allow you to reduce memory footprint
when you have many different applets running at once.
If your CPU architecture allows for sharing text/rodata,
having single binary is more optimal.
Each applet will be a tiny program, dynamically linked
against libbusybox.so.N.N.N.
You need to have a working dynamic linker.
config FEATURE_SHARED_BUSYBOX
bool "Produce additional busybox binary linked against libbusybox"
default y
depends on BUILD_LIBBUSYBOX
help
Build busybox, dynamically linked against libbusybox.so.N.N.N.
You need to have a working dynamic linker.
### config BUILD_AT_ONCE
### bool "Compile all sources at once"
### default n
### help
### Normally each source-file is compiled with one invocation of
### the compiler.
### If you set this option, all sources are compiled at once.
### This gives the compiler more opportunities to optimize which can
### result in smaller and/or faster binaries.
###
### Setting this option will consume alot of memory, e.g. if you
### enable all applets with all features, gcc uses more than 300MB
### RAM during compilation of busybox.
###
### This option is most likely only beneficial for newer compilers
### such as gcc-4.1 and above.
###
### Say 'N' unless you know what you are doing.
config CROSS_COMPILER_PREFIX
string "Cross compiler prefix"
default ""
help
If you want to build busybox with a cross compiler, then you
will need to set this to the cross-compiler prefix, for example,
"i386-uclibc-".
Note that CROSS_COMPILE environment variable or
"make CROSS_COMPILE=xxx ..." will override this selection.
Native builds leave this empty.
config SYSROOT
string "Path to sysroot"
default ""
help
If you want to build busybox with a cross compiler, then you
might also need to specify where /usr/include and /usr/lib
will be found.
For example, busybox can be built against an installed
Android NDK, platform version 9, for ARM ABI with
CONFIG_SYSROOT=/opt/android-ndk/platforms/android-9/arch-arm
Native builds leave this empty.
config EXTRA_CFLAGS
string "Additional CFLAGS"
default ""
help
Additional CFLAGS to pass to the compiler verbatim.
config EXTRA_LDFLAGS
string "Additional LDFLAGS"
default ""
help
Additional LDFLAGS to pass to the linker verbatim.
config EXTRA_LDLIBS
string "Additional LDLIBS"
default ""
help
Additional LDLIBS to pass to the linker with -l.
config USE_PORTABLE_CODE
bool "Avoid using GCC-specific code constructs"
default n
help
Use this option if you are trying to compile busybox with
compiler other than gcc.
If you do use gcc, this option may needlessly increase code size.
comment 'Installation Options ("make install" behavior)'
choice
prompt "What kind of applet links to install"
default INSTALL_APPLET_SYMLINKS
help
Choose what kind of links to applets are created by "make install".
config INSTALL_APPLET_SYMLINKS
bool "as soft-links"
help
Install applets as soft-links to the busybox binary. This needs some
free inodes on the filesystem, but might help with filesystem
generators that can't cope with hard-links.
config INSTALL_APPLET_HARDLINKS
bool "as hard-links"
help
Install applets as hard-links to the busybox binary. This might
count on a filesystem with few inodes.
config INSTALL_APPLET_SCRIPT_WRAPPERS
bool "as script wrappers"
help
Install applets as script wrappers that call the busybox binary.
config INSTALL_APPLET_DONT
bool "not installed"
help
Do not install applet links. Useful when you plan to use
busybox --install for installing links, or plan to use
a standalone shell and thus don't need applet links.
endchoice
choice
prompt "/bin/sh applet link"
default INSTALL_SH_APPLET_SYMLINK
depends on INSTALL_APPLET_SCRIPT_WRAPPERS
help
Choose how you install /bin/sh applet link.
config INSTALL_SH_APPLET_SYMLINK
bool "as soft-link"
help
Install /bin/sh applet as soft-link to the busybox binary.
config INSTALL_SH_APPLET_HARDLINK
bool "as hard-link"
help
Install /bin/sh applet as hard-link to the busybox binary.
config INSTALL_SH_APPLET_SCRIPT_WRAPPER
bool "as script wrapper"
help
Install /bin/sh applet as script wrapper that calls
the busybox binary.
endchoice
config PREFIX
string "Destination path for 'make install'"
default "./_install"
help
Where "make install" should install busybox binary and links.
comment 'Debugging Options'
config DEBUG
bool "Build with debug information"
default n
help
Say Y here to compile with debug information.
This increases the size of the binary considerably, and
should only be used when doing development.
This adds -g option to gcc command line.
Most people should answer N.
config DEBUG_PESSIMIZE
bool "Disable compiler optimizations"
default n
depends on DEBUG
help
The compiler's optimization of source code can eliminate and reorder
code, resulting in an executable that's hard to understand when
stepping through it with a debugger. This switches it off, resulting
in a much bigger executable that more closely matches the source
code.
This replaces -Os/-O2 with -O0 in gcc command line.
config DEBUG_SANITIZE
bool "Enable runtime sanitizers (ASAN/LSAN/USAN/etc...)"
default n
help
Say Y here if you want to enable runtime sanitizers. These help
catch bad memory accesses (e.g. buffer overflows), but will make
the executable larger and slow down runtime a bit.
This adds -fsanitize=foo options to gcc command line.
If you aren't developing/testing busybox, say N here.
config UNIT_TEST
bool "Build unit tests"
default n
help
Say Y here if you want to build unit tests (both the framework and
test cases) as an applet. This results in bigger code, so you
probably don't want this option in production builds.
config WERROR
bool "Abort compilation on any warning"
default n
help
This adds -Werror to gcc command line.
Most people should answer N.
choice
prompt "Additional debugging library"
default NO_DEBUG_LIB
help
Using an additional debugging library will make busybox become
considerably larger and will cause it to run more slowly. You
should always leave this option disabled for production use.
dmalloc support:
----------------
This enables compiling with dmalloc ( http://dmalloc.com/ )
which is an excellent public domain mem leak and malloc problem
detector. To enable dmalloc, before running busybox you will
want to properly set your environment, for example:
export DMALLOC_OPTIONS=debug=0x34f47d83,inter=100,log=logfile
The 'debug=' value is generated using the following command
dmalloc -p log-stats -p log-non-free -p log-bad-space \
-p log-elapsed-time -p check-fence -p check-heap \
-p check-lists -p check-blank -p check-funcs -p realloc-copy \
-p allow-free-null
Electric-fence support:
-----------------------
This enables compiling with Electric-fence support. Electric
fence is another very useful malloc debugging library which uses
your computer's virtual memory hardware to detect illegal memory
accesses. This support will make busybox be considerably larger
and run slower, so you should leave this option disabled unless
you are hunting a hard to find memory problem.
config NO_DEBUG_LIB
bool "None"
config DMALLOC
bool "Dmalloc"
config EFENCE
bool "Electric-fence"
endchoice
source libbb/Config.in
endmenu
comment "Applets"
source archival/Config.in
source coreutils/Config.in
source console-tools/Config.in
source debianutils/Config.in
source klibc-utils/Config.in
source editors/Config.in
source findutils/Config.in
source init/Config.in
source loginutils/Config.in
source e2fsprogs/Config.in
source modutils/Config.in
source util-linux/Config.in
source miscutils/Config.in
source networking/Config.in
source printutils/Config.in
source mailutils/Config.in
source procps/Config.in
source runit/Config.in
source selinux/Config.in
source shell/Config.in
source sysklogd/Config.in