pkgsrc/mk/defaults/mk.conf
khorben dc4ad6b750 Add support for a number of security features
- Revisit (and rename) support for FORTIFY as PKGSRC_USE_FORTIFY (instead
  of PKGSRC_USE_FORT) for easier support outside NetBSD/gcc;
- PKGSRC_USE_SSP is no longer enabled by default when PKGSRC_USE_FORTIFY
  is enabled;
- PKGSRC_MKPIE builds executables as PIE (to leverage userland ASLR)
- PKGSRC_USE_RELRO builds with a read-only GOT to prevent some exploits
  from functioning.

Tested on NetBSD/amd64 by myself, in every combination, with and without
pkgtools/cwrappers. MKPIE is not supported at the moment with cwrappers.
Also, MKPIE is known to still break a number of packages when enabled (and
actually supported).

Tested on SunOS by jperkin@, thank you!

As discussed on tech-pkg@, the default behavior is not changed, except
where noted above.

ok bsiegert@
2016-03-11 23:03:31 +00:00

1867 lines
60 KiB
Text

# $NetBSD: mk.conf,v 1.263 2016/03/11 23:03:31 khorben Exp $
#
# This file provides default values for variables that may be overridden
# in the MAKECONF file, which is /etc/mk.conf by default.
#
# Note: This file is included after the MAKECONF file, so you cannot query
# these default values in the MAKECONF using the ".if" and ".for"
# preprocessing directives.
# ************************************************************************
# NOTE TO PEOPLE EDITING THIS FILE - USE LEADING SPACES, NOT LEADING TABS.
# ************************************************************************
USE_CWRAPPERS?= no
# build packages using the newer pkgtools/cwrappers infrastructure.
# WARNING: Experimental!
# Possible: yes, no
# Default: no
#ALLOW_VULNERABLE_PACKAGES=
# allow the user to build packages which are known to be vulnerable to
# security exploits
# Possible: defined, not defined
# Default: not defined
#AUDIT_PACKAGES_FLAGS=
# List of flags passed to ``pkg_admin audit-pkg''.
#
# Possible: See pkg_admin(1)
# Default: (no option)
MANINSTALL?= maninstall catinstall
# Specify manpage installation types.
# Possible: maninstall, catinstall, both types or empty
# Default: maninstall catinstall
# FIXME: This variable is not user-settable and must be moved away from here.
#MANZ=
# gzip manual pages at installation time
# Possible: defined, not defined
# Default: not defined
GZIP?= -9
# default compression level when compressing files with gzip
# Possible: -[0-9], --fast, --best (see gzip(1))
# Default: -9
#MAKE_JOBS= 3
# When defined, specifies the maximum number of jobs ("make -j")
# that are run in parallel when building packages with the default
# do-build action. MAKE_JOBS only affects the "build" target,
# neither "test" nor "install".
#
# Possible values: any positive integer. Useful values are around
# the number of processors on the machine.
#
# Default value: (undefined)
#
# Warning: This is experimental. Some packages will not build with
# this. Disabling this for an individual package can be done by
# setting MAKE_JOBS_SAFE=NO within the per package Makefile.
#MKCRYPTO= no
# If not YES or yes, don't fetch, build or install crypto packages.
# Possible: not defined, no
# Default: yes
#OBJHOSTNAME=
# use hostname-specific object directories, e.g. work.amnesiac, work.localhost
# OBJHOSTNAME takes precedence over OBJMACHINE (see below).
# Possible: defined, not defined
# Default: not defined
#OBJMACHINE=
# use machine-specific object directories, e.g. work.i386, work.sparc
# Possible: defined, not defined
# Default: not defined
#SIGN_PACKAGES=
# sign the packages generated with the method specified.
# Possible: gpg, x509, not defined
# Default: not defined
#X509_KEY=
# key to use when signing packages with an X509 certificate.
# Possible: pathname to the key file, not defined
# Default: not defined
#X509_CERTIFICATE=
# certificate to use when signing packages with an X509 certificate.
# Possible: pathname to the X509 certificate, not defined
# Default: not defined
.if ${PKG_DEVELOPER:Uno} != "no"
PATCH_DEBUG?=
.endif
# Used to debug patches as they are applied
# Possible: defined, not defined
# Default: not defined
PKG_COMPRESSION?= gzip
# Compression algorithm for binary packages.
# Possible: gzip, bzip2, none
# Default: gzip
# Supersedes the PKG_SUFX option and keeps the name consistent.
PKGSRC_LOCKTYPE?= none
# The type of locking that will be done if competing processes
# attempt to do work on one package directory simultaneously.
#
# Possible values:
# * none: No locking takes place at all.
# * once: When the lock has already been aquired by another
# process, the current process is terminated.
# * sleep: When the lock has already been acquired by another
# process, the current process will sleep for PKGSRC_SLEEPSECS
# seconds and then try again.
#
# You should also set OBJHOSTNAME when you are using the same
# copy of pkgsrc on different hosts, maybe via NFS. This is because
# the locking process writes its process ID into the lockfile,
# and process IDs on different hosts are unrelated.
#
# See also: LOCALBASE_LOCKTYPE, WRKDIR_LOCKTYPE.
#
# Keywords: lock locking parallel
#
PKGSRC_SLEEPSECS?= 5
# The number of seconds to wait when PKGSRC_LOCKTYPE is sleep.
#
# Possible values: any positive integer
#
#
# The following values are used to manage the packages collection as a whole.
#
#ABI=
# The Application Binary Interface (ABI) to be used, if supported by the
# Operating System and/or compiler.
#
# Only change this if you really know what you're doing -- libraries of
# one ABI can not be linked with libraries of another!
#
# Currently only usable on IRIX or Solaris. On IRIX, it is set
# automatically by the bootstrap script, on Solaris, it is not.
#
# If you change it, be sure that _all_ the installed libraries and
# programs have the same API and use consistent compiler options. It is
# recommended that this variable be only changed directly after
# bootstrapping pkgsrc.
#
# Possible values:
# * 64 (64 bit ABI; both IRIX or Solaris)
# * 32 (SGI's N32 ABI; only IRIX)
# * undefined (SGI's old o32 ABI; only IRIX)
#
# Default: undefined, but see above.
#PKG_DEVELOPER= yes
#
# If defined and not "no" it enables some sanity checks to raise the quality
# of the installed packages. See the files pkgsrc/mk/check/check-*.mk for
# details and further configuration options.
#
# Possible: defined, not defined, no
# Default: not defined
USE_ABI_DEPENDS?= yes
# Honor package prerequisite ABI recommendations. If this is set
# to "yes", all entries in ABI_DEPENDS will be added to DEPENDS.
# If set to "no", a warning will be printed if recommendations
# are possibly ignored.
#
# WARNING: This should only be changed if you know what you're doing.
# Please read pkgsrc/doc/pkgsrc.txt for details.
#
# Possible: yes, no
# Default: yes
#PKG_REGISTER_SHELLS= YES
# Automatically register shells in /etc/shells
# Possible: YES, NO
# Default: YES
PKGSRC_COMPILER?= gcc
# Compiler type(s) to use for building packages
# Possible: (see comments in mk/compiler.mk)
# Default: "gcc"
PKGSRC_MESSAGE_RECIPIENTS?=
# login names of recipients of any MESSAGE files which will be mailed
# Possible: any login names
# Default: none
PKGSRC_SHOW_BUILD_DEFS?=yes
# Show BUILD_DEFS definitions for a package when it is being built
# (BUILD_DEFS are extra definitions which govern how some packages are
# built and behave)
# Possible: "yes", not "yes"
# Default: "yes"
PKGSRC_RUN_TEST?= no
#
# Many packages bring their own self tests to ensure they basically
# work. To run these tests after building a package, set this variable
# to "yes".
#
# Note: Some packages make heavy use of the random number generator in
# their tests, so need to make sure that there are always enough random
# numbers on your machine. The package security/bitstir may help here.
#
# Possible: yes, no
# Default: no
PKGSRC_MKPIE?= no
# If no, create regular executables. Otherwise create PIE (Position Independent
# Executables, on supported platforms). This option is necessary to fully
# leverage ASLR as a mitigation for security vulnerabilities.
# Possible: yes, no
# Default: no
PKGSRC_USE_FORTIFY?= no
# Turns on substitute wrappers for commonly used functions that do not bounds
# checking regularly, but could in some cases. This is effectively in use only
# when both enabled and supported.
# Possible: yes, no
# Default: no
PKGSRC_USE_RELRO?= no
# Link with RELRO by default (on supported platforms). This makes the
# exploitation of some security vulnerabilities more difficult in some cases.
# Possible: yes, no
# Default: no
PKGSRC_USE_SSP?= no
# Set this to yes to enable stack-smashing protection (on supported platforms).
# Possible: yes, no
# Default: no
# The default PREFER_PKGSRC should be empty, but due to historical reasons we have the list below.
# Please add your platform here once you have confirmed it is correct
.if ${OPSYS} == "OpenBSD" || ${OPSYS} == "Bitrig"
PREFER_PKGSRC?=
.elif (!empty(MACHINE_PLATFORM:MNetBSD-*-*) && \
exists(/usr/X11R7/lib/libX11.so))
PREFER_PKGSRC?=
.elif (!empty(MACHINE_PLATFORM:MNetBSD-*-*) && \
exists(/usr/lib/libexpat.so))
PREFER_PKGSRC?= MesaLib Xft2 Xrandr Xrender fontconfig \
freetype2 glu randrproto renderproto xcursor
.elif !empty(MACHINE_PLATFORM:MLinux-*-*) && \
(!defined(X11_TYPE) || ${X11_TYPE} == "native")
PREFER_PKGSRC?=
.elif !empty(MACHINE_PLATFORM:MDarwin-??.*-*) && \
(!defined(X11_TYPE) || ${X11_TYPE} == "native")
PREFER_PKGSRC?=
.elif !empty(MACHINE_PLATFORM:MDarwin-9.*-*) && \
(!defined(X11_TYPE) || ${X11_TYPE} == "native")
PREFER_PKGSRC?= fontconfig pixman Xft2
.elif !empty(MACHINE_PLATFORM:MCygwin-*-*) && \
exists(/usr/lib/X11/config/xorgversion.def)
PREFER_PKGSRC?=
.else
PREFER_PKGSRC?= MesaLib Xft2 Xrandr Xrender expat fontconfig \
freetype2 glu randrproto renderproto xcursor
.endif
PREFER_NATIVE?= yes
#
# When building packages, whether to prefer the pkgsrc or native
# versions of software that's also part of the base system. Its value
# can be either yes/no, or a list of packages as named in the
# BUILDLINK_TREE line in a package's buildlink3.mk file.
# Preferences are determined by the most specific instance of the
# package in either PREFER_PKGSRC or PREFER_NATIVE. If a package is
# specified in neither or in both variables, then PREFER_PKGSRC has
# precedence over PREFER_NATIVE.
#
# Possible: yes, no, or a list of packages
PREFER_NATIVE_PTHREADS?= yes
# This toggles whether we prefer using the native pthreads implementation
# or the pkgsrc OPR (see pthread.buildlink3.mk). This setting is
# independent of the PREFER_* variables named above.
#WRKOBJDIR= /usr/tmp
# build here instead of in pkgsrc
# Possible: any path
# Default: not defined
#
# Keywords: work tmp
LOCALBASE?= /usr/pkg
# This is the base directory where all packages will be installed.
#
# Possible values: Any absolute path that does not contain special
# characters.
#
# See also: PREFIX, VARBASE
#
CROSSBASE?= ${LOCALBASE}/cross
# Where "cross" category packages install
# Possible: any path
# Default: ${LOCALBASE}/cross
VARBASE?= /var
# Where files containing local state information are installed
# Possible: any path
# Default: /var
#X11_TYPE?= native
# Used to set the X11 implementation used to build X11 packages.
# Possible: modular (uses x11/libX11 and friends), or
# native (uses pkgtools/x11-links to use the native, non-pkgsrc-managed X11).
# Default: native
# The default is defined in bsd.prefs.mk to allow platform specific overrides.
#X11BASE?= /usr/X11R7
# Where X11 is installed on the system.
# (and the default install path of X11 pkgs)
# Possible: any path
# Default: /usr/X11R7, /usr/openwin for Solaris
#MOTIFBASE?= /usr/X11R7
# Where Motif-2.0-compatible headers and libraries are installed
# on the system.
# Possible: any path
# Default: ${X11BASE} or where motif, openmotif or lesstif is installed
PKGINFODIR?= info
# The subdirectory of PREFIX that holds the GNU info files and the
# directory index file ("dir"). Using a value different from the
# default can be useful when LOCALBASE=/usr.
#
# Possible: A sane pathname.
#
# Examples:
# * share/info
#
# Note: the support for custom setting (not "info") is not complete.
#
# See also: PKGMANDIR
PKGMANDIR?= man
# The subdirectory of PREFIX that holds the manual pages and their
# subdirectories (e.g. man1, man7). Using a value different from the
# default can be useful when LOCALBASE=/usr.
#
# Possible: Any sane pathname.
#
# Examples:
# * share/man
#
# Note: the support for custom setting (not "man") is not complete.
#
# See also: PKGINFODIR
PKGGNUDIR?= gnu/
# The subdirectory of PREFIX that holds gnu programs and manual pages.
# Making this value empty can be useful when trying to build a fully
# GNU environment.
#
# Possible: Any sane pathname including a trailing slash, or empty to
# install into LOCALBASE
BSDSRCDIR?= /usr/src
# Where the NetBSD src module source tree is located
# currently only used by package support scripts for packages that
# include their source to find their upstream source
#
# Possible: any path
# Default: /usr/src
BSDXSRCDIR?= /usr/xsrc
# Where the NetBSD xsrc module source tree is located
# used in the x11/xservers package
# Possible: any path
# Default: /usr/xsrc
DISTDIR?= ${PKGSRCDIR}/distfiles
# Directory where original distribution
# files are stored.
# Possible: any path you like
# Default: /usr/pkgsrc/distfiles
#DIST_PATH= /cdrom/0/distfiles:${HOME}/distfiles
# Colon-delimited list of directories in which to search for
# ${DISTFILES} and ${PATCHFILES}. If the requested file is not in any
# of the directories in ${DIST_PATH}, it will be downloaded into
# ${DISTDIR}. If the requested file is in one of the directories in
# ${DIST_PATH}, a symbolic link will be made to it from ${DISTDIR}.
# ${DIST_PATH} directories will will be searched before ${DISTDIR},
# letting a CD hold the main distfiles archive, and local ${DISTDIR}
# hold any updated distfiles, for example.
# Possible: any directories
# Default: none
DEFAULT_VIEW?= ""
# This is the default view to which packages are added after installation.
# Default: "" (the empty view)
FETCH_USING?= auto
# The program type to fetch files.
# "manual" will explicitly fail if the DISTFILES don't exist locally.
# "custom" requires setting FETCH_CMD, FETCH_BEFORE_ARGS, FETCH_AFTER_ARGS,
# FETCH_RESUME_ARGS and FETCH_OUTPUT_ARGS.
#
# The default value can be overriden by a package before including
# bsd.prefs.mk and by the user in mk.conf.
# Possible: auto, curl, custom, fetch, ftp, manual, wget
#FIX_SYSTEM_HEADERS=
# Make pkgtools/posix_headers an automatic build dependency for all
# packages except those in the pkgtools category.
# Possible: "yes", not defined
# Default: not defined
LIBTOOLIZE_PLIST?= yes
# This determines whether to expand libtool archives (.la files) in PLISTs
# into the represented library names.
# Possible: yes, no
# Default: yes
PKG_RESUME_TRANSFERS?= NO
# Used in pkgsrc to resume transfers, if enabled the whole file won't be
# downloaded from scratch again.
# Possible: yes or no.
# Default: no.
PKG_SYSCONFBASE?= ${PREFIX}/etc
# This is the main config directory under which all package configuration
# files should be found.
# Possible: any path you like
# Default: ${PREFIX}/etc
#INIT_SYSTEM=
# This determines the type of init system to be used.
# Possible: any of: rc.d, smf
# Default: Platform-dependent, otherwise rc.d
RCD_SCRIPTS_DIR?= /etc/rc.d
# This is the system rc.d script directory in which all rc.d scripts
# expected to be executed at boot-time should be found. Package views
# users may want to set this to "${PKG_SYSCONFBASEDIR}/rc.d".
# Possible: any path you like
# Default: /etc/rc.d
PACKAGES?= ${PKGSRCDIR}/packages
# Stores generated packages
# Possible: any path you like
# Default: /usr/pkgsrc/packages
#PASSIVE_FETCH=
# Use ftp(1) in passive mode, for use behind filtering firewalls.
# (Set by default in ftp(1).)
# Possible: defined, not defined
# Default: not defined
PATCH_FUZZ_FACTOR?= -F0
# Fuzz factor to use when applying patches. Will only be applied when
# using a patch(1) that understands -F. This should be a "?="
# setting, since package Makefiles may set this value, before
# /etc/mk.conf is read.
# Possible: "-Fn" where n is a number, none
# Default: "-F0"
#ACCEPTABLE_LICENSES= fee-based-commercial-use no-commercial-use \
# no-profit limited-redistribution
# Whitespace-delimited list of the types of license which are
# acceptable for installation. Packages for which you need
# to accept a license will display a message like the following:
# ===> xv-3.10anb9 has an unacceptable license: xv-license.
# ===> To view the license, enter "/usr/bin/make show-license".
# ===> To indicate acceptance, add this line to your /etc/mk.conf:
# ===> ACCEPTABLE_LICENSES+=xv-license
#
# Default: none
#SPECIFIC_PKGS= yes
#
# When doing a bulk build, don't build all packages, only those listed
# in SITE_SPECIFIC_PKGS, HOST_SPECIFIC_PKGS, GROUP_SPECIFIC_PKGS, and
# USER_SPECIFIC_PKGS.
#
# Possible: defined, not defined
# Default: not defined
#SITE_SPECIFIC_PKGS=
# List of packages that are wanted for each host on the site. Each
# package in the list is of the form <category>/<package>.
# Possible: any combination of packages
# Default: not set
#HOST_SPECIFIC_PKGS=
# List of packages that are wanted for this particular host/machine.
# Each package in the list is of the form <category>/<package>.
# Possible: any combination of packages
# Default: not set
#GROUP_SPECIFIC_PKGS=
# List of packages that are wanted for this group of users. Each
# package in the list is of the form <category>/<package>.
# Possible: any combination of packages
# Default: not set
#USER_SPECIFIC_PKGS=
# List of packages that are wanted for this particular user. Each
# package in the list is of the form <category>/<package>.
# Possible: any combination of packages
# Default: not set
EXTRACT_USING?= nbtar
# Use the specified tool to extract tar/ustar archives.
# Possible: bsdtar, gtar, nbtar, pax
# Default: nbtar
#FAILOVER_FETCH=
# Perform a checksum at "make fetch" time. If the checksum doesn't
# match the stored value, try to retrieve the file from the next site
# in the list
# Possible: defined, not defined
# Default: not defined
#MASTER_SORT= .ac.at .at .de .ch .se .fi .no
# Whitespace delimited list of preferred download locations.
# MASTER_SITES and PATCH_SITES will be reordered according to the hosts'
# address last components.
# Possible: list of domain name suffixes
# Default: none
#MASTER_SORT_REGEX= ftp://.*/
# Same as MASTER_SORT, but takes a regular expression for more
# flexibility in matching. Regexps defined here have higher priority
# than MASTER_SORT. This example would prefer ftp transfers over
# anything else.
# Possible: Regexps as in awk(1)
# Default: none
.if defined(PKG_DEVELOPER) && ${PKG_DEVELOPER} != "no"
MASTER_SORT_RANDOM?= NO
.else
MASTER_SORT_RANDOM?= YES
.endif
# If set to YES or yes, a list of master sites will be randomly intermixed.
# Also, both MASTER_SORT and MASTER_SORT_REGEX may be applied later.
# Possible: yes, no / not defined
# Default: NO if PKG_DEVELOPER is enabled, YES otherwise
#PATCH_DEBUG=
# Used to debug patches as they are applied
# Possible: defined, not defined
# Default: not defined
#PKG_FC=
# The Fortran compiler used to compile Fortran code contained in
# packages.
# Possible: any Fortran compiler
# Default: none
#IMAKEOPTS=
# Options passed to imake(1). The defaults ensure that imake finds the
# correct commands.
# Possible: any valid flags
# Default:
# for Solaris with gcc:
# -DHasGcc2=YES -DHasGcc2ForCplusplus=YES
# for IRIX:
# -DMakeCmd=${PREFIX}/bin/bmake -DProjectRoot=${X11BASE} \
# -DManUsr=${PREFIX}
.if ${OPSYS} == "IRIX"
#IMAKEOPTS?= -DMakeCmd=${PREFIX}/bin/bmake -DProjectRoot=${X11BASE} \
# -DManUsr=${PREFIX}
# ABI specific flags may be added during bootstrapping process or by hand:
. if defined(ABI)
. if ${ABI} == "32"
#IMAKEOPTS+= -DBuildN32
. else
#IMAKEOPTS+= -DBuild64bit
. endif
. endif
# you may also wish to add ISA specific flags, such as "-DSgiISA32=4" if
# you are compiling for mips4.
.elif ${OPSYS} == "SunOS"
# The flags required by imake with gcc on Solaris are automatically
# added if gcc is being used. Though it should not be needed, you can
# override this using:
#IMAKEOPTS+= -DHasGcc2=YES -DHasGcc2ForCplusplus=YES
.endif
PRE_ROOT_CMD?= ${TRUE}
# Command to be run by normal user, just before becoming root (see
# SU_CMD) to install the package. For example, "chmod -R o+w ${WRKDIR}"
# would allow others to write and modify files below ${WRKDIR}.
# Possible: any shell commands
# Default: none
SU_CMD?= ${ROOT_CMD}
# Command to perform before "make install", if the user does not have
# an effective uid of 0. A possible substitute is "sudo sh -c"
# Possible: su, sudo, or priv, with appropriate arguments
# Default: dependent on operating system. For NetBSD: ${SU} - root -c
SU_CMD_PATH_APPEND?=/sbin:/usr/sbin
# Additional directories (in a colon separated list) to be added to the
# PATH environment variable when running ${SU_CMD}.
# Default: /sbin:/usr/sbin
FATAL_OBJECT_FMT_SKEW?=yes
# If there is a pre-requisite package, which has a different object format
# from that currently being used, halt execution. One (rare) situation where
# it is possible for the difference to be harmless is where the pre-requisite
# package provides an executable, not a library.
# Possible: yes, no
# Default: yes
WARN_NO_OBJECT_FMT?=yes
# Packages installed on a machine before OBJECT_FMT was added to the
# BUILD_DEFS definitions (on 29th September 1999) cannot say which
# object format they are in. This will cause a warning to be displayed.
# Set this to "no" to stop the warning message being shown.
# Possible: yes, no
# Default: yes
#SMART_MESSAGES=yes
# Display the make(1) target, and the current stack of packages being built,
# when displaying messages during package builds.
# Possible: defined, not defined
# Default: not defined
#BINPKG_SITES=...
# Whitespace separated list of URLs for binary packages. Directories
# "All" etc. are expected in the named place, variables "rel" and
# "arch" are replaced with OS release ("1.5", ...) and architecture
# ("mipsel", ...)
# Possible: any ftp url, see above.
# Default: ftp://ftp.NetBSD.org/pub/pkgsrc/packages/NetBSD/$${arch}/$${rel}
#BIN_INSTALL_FLAGS=
# List of flags passed to pkg_add(8) in the bin_install package.
# Possible: -v, -u, etc. See pkg_add(8)
# Default: (no option)
#LOCALPATCHES=...
# Directory where local patches are stored. See pkgsrc/doc/pkgsrc.txt.
# Possible: Any local directory
# Default: none
#
# Definitions used only in the packages collection
#
#ACROREAD_FONTPATH?= ${PREFIX}/share/fonts/X11/TTF
# Colon separated list of additional directories for acroread7 to
# look in for TTF/Type1 fonts.
# Default: ${PREFIX}/share/fonts/X11/TTF
AMANDA_USER?= amandabackup
# Used in the amanda packages to specify the login user and group
# responsible for backups.
# Possible: any user name
# Default: backup
AMANDA_TMP?= /tmp/amanda
# Specifies the directory in which amanda puts its debug and temporary
# files.
# Default: /tmp/amanda
AMANDA_VAR?= ${VARBASE}/amanda
# Specifies the directory in which amanda puts its logs and status
# files.
# Default: ${VARBASE}/amanda
APACHE_USER?= www
# Used in apache22, apache24, isap, and smb2www to specify the user
# allowed to execute the `suexec' wrapper. Expected to be the user the
# httpd server normally runs as.
# Possible: any user name
# Default: www
APACHE_GROUP?= www
# Used in apache22, apache24, squirrelmail, and iasp to specify
# the default group of the user allowed to execute the `suexec' wrapper.
# Expected to be the group the httpd server normally runs as.
# Possible: any group name
# Default: www
#APACHE_SUEXEC_CONFIGURE_ARGS= --suexec-uidmin=1000
# Used in apache22 and apache24 to specify additional suexec options
# to be passed to the configure script.
# Possible: any --suexec-* options recognized by the Apache configure script.
# Default: not defined
APACHE_SUEXEC_DOCROOT?= ${LOCALBASE}/share/httpd/htdocs
# Used in apache22 and apache24 to specify the document space in
# which suexec will be allowed to work.
# Possible: Any valid directory
# Default: ${LOCALBASE}/share/httpd/htdocs
ARLA_CACHE?= ${LOCALBASE}/cache
# Used in arla to specify the location of the cache used by arla. Should
# be on a local disk.
# Default: ${LOCALBASE}/cache
BIND_DIR?= ${VARBASE}/chroot/named
# The directory for BIND system user.
# Possible: any valid location
# Default: ${VARBASE}/chroot/named
BIND_GROUP?= named
# System group to run the BIND name server as. Used by the "bind9" package.
# Possible: any group name
# Default: named
BIND_USER?= named
# System user to run the BIND name server as. Used by the "bind9" package.
# Possible: any user name
# Default: named
CACTI_GROUP?= cacti
# System group to run the cacti collection cron jobs as. Used by the
# "cacti" package.
# Possible: any group name
# Default: cacti
CACTI_USER?= cacti
# System user to run the cacti collection cron jobs as. Used by the
# "cacti" package.
# Possible: any user name
# Default: cacti
CANNA_GROUP?= daemon
# Used in the canna-server-bin package to specify the server group.
# Possible: any group name
# Default: daemon
CANNA_USER?= daemon
# Used in the canna-server-bin package to specify the server user.
# Possible: any user name
# Default: daemon
#CDRECORD_CONF= ${PKG_SYSCONFDIR}/cdrecord.conf
# The location of the cdrtools/cdrecord configuration file. The
# sysutils/cdrtools pkg issues a warning if the cdrtools default of
# /etc/default/cdrecord is changed, and the man pages are updated
# accordingly. This is required by the cdrtools license.
# Possible: any file name
# Default: ${PKG_SYSCONFDIR}/cdrecord.conf
CLAMAV_GROUP?= clamav
# Used in clamav to specify the group to run clamav
# Possible: any group name
# Default: clamav
CLAMAV_USER?= clamav
# Used in clamav to specify the user to run clamav
# Possible: any user name
# Default: clamav
CLAMAV_DBDIR?= ${VARBASE}/clamav
# Used in clamav to specify the virus database directory
# Possible: any directory writable by ${CLAMAV_USER}
# Default: ${VARBASE}/clamav
CONSERVER_DEFAULTHOST?= localhost
# Used by conserver package to specify the master server hostname.
# Possible: any hostname
# Default: localhost
CONSERVER_DEFAULTPORT?= 782
# Used by conserver package to specify the default listen port.
# Possible: 1-65535
# Default: 782
CUPS_GROUP?= lp
# Used in cups to specify the group to run CUPS commands as.
# Possible: any group name
# Default: sys
CUPS_USER?= lp
# Used in cups to specify the user to run CUPS commands as and to create
# temporary files in the /var/spool/cups/tmp directory.
# Possible: any user name
# Default: lp
CUPS_SYSTEM_GROUPS?= ${REAL_ROOT_GROUP}
# A space separated list of groups to use for CUPS administration privileges.
# Possible: any group names, except that of ${CUPS_GROUP}
# Default: ${REAL_ROOT_GROUP}
# CYRUS_IDLE
# use METHOD for IMAP IDLE
# METHOD is poll, idled or no
# Default: not defined
CYRUS_GROUP?= mail
# Used in cyrus-imapd, cyrus-imapd21, and cyrus-sasl to
# specify the group used for installing setuid programs.
# Possible: any group name
# Default: mail
CYRUS_USER?= cyrus
# Used in cyrus-imapd, cyrus-imapd21, and cyrus-sasl to
# specify the userid used for installing setuid programs.
# Possible: any user name
# Default: cyrus
DBUS_GROUP?= dbus
# Used in the dbus package to specify the group to run dbus as
# Possible: any group name
# Default: dbus
DBUS_USER?= dbus
# Used in the dbus package to specify the user to run dbus as
# Possible: any user name
# Default: dbus
DEFANG_GROUP?= defang
# Used in the mimedefang package to specify the group to run commands as
# Possible: any group name
# Default: defang
DEFANG_USER?= defang
# Used in the mimedefang package to specify the user to run commands as
# Possible: any user name
# Default: defang
DEFANG_SPOOLDIR?= ${VARBASE}/spool/MIMEDefang
# Location of spool and quarantined files for the mimedefang package
# Default: ${VARBASE}/spool/MIMEDefang
#DEFAULT_IRC_SERVER=
# Used in ircII to set the default irc server.
# Possible: see the list at
# http://www.irchelp.org/irchelp/networks/servers/efnet.html
# Default: not defined
#DEFAULT_SERIAL_DEVICE=
# Used to provide a default setting for the serial device for
# various packages which communicate over the serial port.
# Possible: /dev/your_favorite_serial_device
# Default: defaults for various machine_archs are set in mk/platform/${OPSYS}.mk
DIALER_GROUP?= dialer
# Used in the xisp package to specify the default group for the
# xisp binaries. Also the modem device and pppd and chat should
# have access permissions by this group.
# Possible: dialer, dip, uucp, root, dialout, or any other group.
# Default: dialer
DT_LAYOUT?= US
# Used by dt package to specify the keyboard layout.
# Possible: US, FI, FR, GER, DV
# Default: FI
ELK_GUI?= none
# Used by elk to determine which GUI API modules are enabled.
# Possible: none, or some combination of xaw and/or motif
# Default: none
EMACS_TYPE?= emacs24
# Used by emacs/modules.mk to determine which emacs version should be installed
# and emacs lisp packages should be built for.
# Possible: emacs24, emacs23, emacs23nox, emacs22, emacs22nox,
# emacs21, emacs21nox, emacs20,
# xemacs214, xemacs215
# Default: emacs24
EXIM_GROUP?= mail
# Used in the exim package to specify the server group.
# Possible: any group name
# Default: mail
EXIM_USER?= mail
# Used in the exim package to specify the server user.
# Possible: any user name
# Default: mail
#FLUXBOX_USE_XINERAMA?= NO
# Compile flukebox with xinerama extensions
# Possible: YES, NO
# Default: NO
#FLUXBOX_USE_KDE?= NO
# Compile flukebox with KDE support
# Possible: YES, NO
# Default: NO
#FLUXBOX_USE_GNOME?= NO
# Compile flukebox with GNOME support
# Possible: YES, NO
# Default: NO
#FLUXBOX_USE_XFT?= YES
# Compile flukebox with Xft support
# Possible: YES, NO
# Default: YES
FOX_USE_XUNICODE?= YES
# Used in fox to build in support for Unicode by XUnicode. See
# http://www.ab.wakwak.com/~tino/jatk/fox/ (in japanese) for more information.
# Possible: YES, NO
# Default: YES
FREEWNN_USER?= wnn
# Used in the ja-freewnn-server-bin package to specify the Free wnn user.
# Possible: any user name
# Default: wnn
FREEWNN_GROUP?= jserver
# Used in the ja-freewnn-server-bin package to specify the Free wnn group.
# Possible: any group name
# Default: jserver
GAMES_USER?= games
# Used by games to own writeable material, normally in ${VARBASE}.
# GAMES_USER has historically been "games" but in the absence of setuid
# games, which are generally a bad idea, a games user is fairly pointless
# and is expected to be removed in the future.
# See also: GAMES_GROUP, USE_GAMESGROUP
# Possible: any user name
# Default: games
GAMES_GROUP?= games
# Used by games to own writeable material, normally in ${VARBASE}.
# See also: GAMES_USER, GAMEMODE, GAMEDIRMODE, GAMEDATAMODE, USE_GAMESGROUP
# Possible: any group name
# Default: games
GAMEMODE?= 2555
# Used by setgid games to install the setgid executable itself.
# Note that USE_GAMESGROUP must be set to make the games group actually
# exist.
# See also: GAMES_GROUP, GAMEDIRMODE, GAMEDATAMODE, USE_GAMESGROUP
# Possible: any mode
# Default: 2555
GAMEDIRMODE?= 775
# Used by setgid games to allow writing to a group-owned directory for
# e.g. logfiles. Note that this variable should only be used for
# directories where the game needs write access at runtime; otherwise
# stick to ${PKGDIRMODE}.
# See also: GAMES_USER, GAMES_GROUP, GAMEMODE, USE_GAMESGROUP
# Possible: any mode
# Default: 775
GAMEDATAMODE?= 664
# Used by setgid games as the permissions for writeable material, such
# as score files, normally found in ${VARBASE}.
# See also: GAMES_USER, GAMES_GROUP, USE_GAMESGROUP
# Possible: any file ownership
# Default: 664
GAMEGRP?= ${GAMES_GROUP}
# Legacy form of GAMES_GROUP; should only be used in the context of
# supporting packages that use bsd.*.mk.
# See also: GAMES_GROUP, USE_GAMESGROUP
# Possible: any group name
# Default: GAMES_GROUP
GAMEOWN?= ${GAMES_USER}
# Legacy form of GAMES_USER; should only be used in the context of
# supporting packages that use bsd.*.mk.
# See also: GAMES_USER
# Possible: any user name
# Default: GAMES_USER
#GRUB_NETWORK_CARDS=
# Compile netboot support for the listed network interface cards into GRUB.
# Use e.g. "rtl8139" for RealTek 8139 support or "eepro100 epic100" for
# Intel Etherexpress Pro/100 and SMC EtherPower II support.
# Default: not defined (-> no netboot support)
#GRUB_PRESET_COMMAND=
# Specifies a single command that will be embedded into GRUB's stage2 and
# executed at boot time as a default configuration file. This is usually
# useful to create stage2 files with automated diskless support; you should
# set this variable to "bootp", "dhcp" or "rarp", and use it together
# GRUB_NETWORK_CARDS.
# Default: not defined
#GRUB_SCAN_ARGS=
# Can be used to supply additional configure arguments for netboot support in
# GRUB. Set e.g. "GRUB_NETWORK_CARDS" to "ne" and "GRUB_SCAN_ARGS" to
# "--enable-ne-scan=0x300" to let the boot loader search for an NE 2000 ISA
# card at I/O offset 0x300.
# Default: not defined
HASKELL_COMPILER?= ghc
# Used by haskell.mk to determine which Haskell compiler should be
# used for building Haskell packages.
# Possible: ghc
# Default: ghc
HOWL_GROUP?= howl
# System group to run howl's mDNS responder as.
# Possible: any group name
# Default: howl
HOWL_USER?= howl
# System user to run howl's mDNS responder as.
# Possible: any user name
# Default: howl
ICECAST_CHROOTDIR?= ${VARBASE}/chroot/icecast
# Used in icecast2 to specify the chroot directory in which icecast
# will be allowed to work.
# Possible: Any valid directory
# Default: ${VARBASE}/chroot/icecast
#ICECAST_CHUNKLEN=512
# If you want a larger backlog for each client, which will allow for
# worse network congestion or other network errors before kicking the
# client, increase the ICECAST_CHUNKLEN value.
# Default: 64
#ICECAST_SOURCE_BUFFSIZE=8192
# SOURCE_BUFFSIZE sets how many bytes will be read from the source
# before trying to send this chunk to the clients. If your server will
# take on a lot of listeners, or stream very high bitrate mpeg data,
# like video mpeg streams, and if you system supports it, you should
# increase this value to 65535 or something similar.
# Default: 8192
IMAP_UW_CCLIENT_MBOX_FMT?= unix
# Used in imap-uw to set the default format used by c-client programs for
# new mailbox creation. Check the UW IMAP documentation for more details
# regarding the pros and cons of the various mailbox formats.
#
# Possible: mbox, mbx, mh, mmdf, mtx, mx, news, phile, tenex, unix
# Default: unix
#IMAP_UW_MAILSPOOLHOME=.MailBox
# To default user mailboxes to their home directory,
# specify the name of the mailbox file.
# Possible: Any valid filename, not defined
# Default: not defined
IMDICTDIR?= ${VARBASE}/dict
# Specify the directory for input method's dictionary installation.
# Possible: any valid location
# Default: ${VARBASE}/dict
INN_DATA_DIR?= ${VARBASE}/news
# Used by inn to specify the data directory.
# Possible: any path you like
# Default: ${VARBASE}/news
INN_USER?= news
# Used by inn to specify the username
# Possible: any valid username
# Default: news
INN_GROUP?= news
# Used by inn to specify the groupname
# Possible: any valid groupname
# Default: news
IRCD_HYBRID_NICLEN?= 9
# Used by ircd-hybrid. Sets the maximum NICK length.
# Note that this must be consistent across your entire network.
# Possible: any valid number
# Default: 9
IRCD_HYBRID_TOPICLEN?= 120
# Used by ircd-hybrid. Sets the maximum TOPIC length.
# Note that this must be consistent across your entire network.
# Possible: any valid number
# Default: 120
#IRCD_HYBRID_SYSLOG_EVENTS?=
# Used by ircd-hybrid. Enables syslog logging, with events you specify
# (none is okay too, and logs the most essential messages only.)
# Possible: kill/squit/connect/users/oper, separated by spaces, in quotes
# Default: not defined
IRCD_HYBRID_SYSLOG_FACILITY?= LOG_LOCAL4
# Used by ircd-hybrid. Specify which syslog facility the daemon should use
# when IRCD_HYBRID_SYSLOG_EVENTS is defined.
# Possible: any syslog facility (LOG_*)
# Default: LOG_LOCAL4
#IRCD_HYBRID_MAXCONN?=
# Used by ircd-hybrid. Sets the maximum number of connections the ircd
# can support. Note that this also twiddles the HARD_FDLIMIT.
# This value is typically automagically set by ./configure
# Possible: any valid number
# Default: not defined
IRCD_HYBRID_IRC_USER?= irc
# Used by ircd-hybrid. Specify the user name under which the daemon runs.
# Possible: any user name
# Default: irc
IRCD_HYBRID_IRC_GROUP?= irc
# Used by ircd-hybrid. Specify the group name under which the daemon runs.
# Possible: any group name
# Default: irc
#IRRD_USE_PGP=
# Used by irrd package to specify the version of PGP to use, if any.
# Possible: 5, 2, not defined
# Default: not defined
# [XXX: configure will locate pgpv or pgp]
JABBERD_USER?= jabberd
# Used in jabberd to specify the user used to run the daemon.
# Possible: any valid username
# Default: jabberd
JABBERD_GROUP?= jabberd
# Used in jabberd to specify the group userd to run the daemon.
# Possible: any valid group
# Default: jabberd
JABBERD_LOGDIR?= ${VARBASE}/log/jabberd
# Used in jabberd to specify the default directory under which log
# files are placed.
# Possible: any directory
# Default: ${VARBASE}/log/jabberd
JABBERD_SPOOLDIR?= ${VARBASE}/spool/jabberd
# Used in jabberd to specify the default directory under which server
# information is stored.
# Possible: any directory
# Default: ${VARBASE}/spool/jabberd
JABBERD_PIDDIR?= ${VARBASE}/run/jabberd
# Used in jabberd to specify the default directory under which pid
# files are placed.
# Possible: any directory
# Default: ${VARBASE}/run/jabberd
JAKARTA_HOME?= ${JAVA_HOME}/jakarta
# Used by the www/jakarta-tomcat package to choose an install location
# Possible: any directory
# Default: ${JAVA_HOME}/jakarta
#KERBEROS=
# Used in many packages to specify use of a Kerberos (or compatible)
# subsystem. Requires Kerberos libraries in /usr/lib.
# Possible: defined, not defined
# Default: not defined
#KERMIT_SUID_UUCP
# If set to YES or yes, install kermit binary set-uid uucp. Permits an
# unprivileged user to access the serial ports, with default permissions
# on the /dev/tty0* special files.
# Possible: YES, yes, not defined
# Default: not defined
#KJS_USE_PCRE=
# Used in kdelibs2 to determine if kjs (javascript) should use Perl
# Compatible Regular Expressions (pcre)
# Possible: yes, not defined
# Default: not defined
#KNEWS_DOMAIN_FILE=
# Used in the knews package to set the domain name from the contents
# of this file.
# Possible: any valid path
# Default: none
#KNEWS_DOMAIN_NAME=
# Used in the knews package to set the domain name.
# Possible: almost anything really, usually a FQDN.
# Default: none
#LIBDVDCSS_HOMEPAGE=
# Used in libdvdcss package as the homepage.
# In order to ensure compliance with U.S. and international law, please
# do not modify this variable to provide pointers to the homepage
# for this software or submit any PRs telling us the contents of the
# LIBDVDCSS_HOMEPAGE definition in this Makefile.
# Possible: any libdvdcss site
# Default: not defined
#LIBDVDCSS_MASTER_SITES=
# Used in libdvdcss package as the master site.
# In order to ensure compliance with U.S. and international law, please
# do not modify this variable to provide pointers to the homepage
# for this software or submit any PRs telling us the contents of the
# LIBDVDCSS_MASTER_SITES definition in this Makefile.
# Possible: any libdvdcss site
# Default: not defined
#LATEX2HTML_ICONPATH=
# Used in the latex2html package to set URL prefix for where to
# find latex2html's icons.
# Possible: a URL prefix
# Default: none
LEAFNODE_DATA_DIR?= ${VARBASE}/news
# Used by leafnode to specify the data directory.
# Possible: any path you like
# Default: ${VARBASE}/news
# Note: default is the same as INN_DATA_DIR
LEAFNODE_USER?= news
# Used by leafnode to specify the username
# Possible: any valid username
# Default: news
# Note: default is the same as INN_USER
LEAFNODE_GROUP?= news
# Used by leafnode to specify the groupname
# Possible: any valid groupname
# Default: news
# Note: default is the same as INN_GROUP
LINUX_LOCALES?= \
af ar bg br ca cs cy da de el en eo es et eu fi fo fr ga gl \
he hr hu hy id is it ja ka kl ko lo lt lv nl no oc pl pt ro \
ru sk sl sr sv th tr uk vi wa zh
# Used in linux-locale package to install specify language(s)
# Possible: af ar bg br ca cs cy da de el en eo es et eu fi fo fr ga gl \
# he hr hu hy id is it ja ka kl ko lo lt lv nl no oc pl pt ro \
# ru sk sl sr sv th tr uk vi wa zh
# Default: all languages
MAILAGENT_DOMAIN?= example.com
MAILAGENT_EMAIL?= testuser@example.com
MAILAGENT_FQDN?= test.example.com
MAILAGENT_ORGANIZATION?= Example Company
# Domain name, admin email address, fully qualified hostname of the server,
# name of the organization for mail/mailagent.
# Possible: valid hostname/email addresses/any company name
# Defaults: see above
MAJORDOMO_HOMEDIR?= ${VARBASE}/majordomo
# Used by the majordomo package as the directory the lists dir is in
# also used by the distribute package
# Possible: any directory.
# Default: ${VARBASE}/majordomo
#MAKEINFO_ARGS?=
# flags to be passed to makeinfo(1), if any. Warning: only use if you
# know what you're doing, may break PLISTs.
# Possible: any valid flag for makeinfo(1)
# Default: may set info files size for consistency across platforms and
# makeinfo version, also various machine_archs arguments may be set in
# mk/platform/${OPSYS}.mk with the _OPSYS_MAKEINFO_ARGS variable.
MECAB_CHARSET?= euc-jp
# default character set of MeCab.
# Possible: euc-jp, sjis, utf-8
# Default: euc-jp
MEDIATOMB_GROUP?= mediatomb
# System group to run the MediaTomb Server as.
# Possible: any group name
# Default: mediatomb
MEDIATOMB_USER?= mediatomb
# System user to run the MediaTomb Server as.
# Possible: any user name
# Default: mediatomb
MLDONKEY_GROUP?= mldonkey
# System group to run mldonkey's core as.
# Possible: any group name
# Default: mldonkey
MLDONKEY_HOME?= ${VARBASE}/mldonkey
# Directory where mldonkey will keep all configuration files and downloads
# when started with the rc.d script provided in the mldonkey package.
# Possible: any path
# Default: ${VARBASE}/mldonkey
MLDONKEY_USER?= mldonkey
# System user to run mldonkey's core as.
# Possible: any user name
# Default: mldonkey
MONOTONE_GROUP?= monotone
# System group to run the dedicated Monotone server as. Used by the
# monotone-server package.
# Possible: any group name
# Default: monotone
MONOTONE_USER?= monotone
# System user to run the dedicated Monotone server as. Used by the
# monotone-server package.
# Possible: any user name
# Default: monotone
#MOTIF_TYPE?= openmotif
# Used by motif.buildlink3.mk to choose which Motif-2.0-compatible
# installation to use. This value is also automatically set by
# motif.buildlink3.mk to whichever Motif-2.0 installation represented by
# the possible values below is already installed, but defaults to
# ${MOTIF_TYPE_DEFAULT}. This value is ignored if MOTIFBASE is
# explicitly set.
# Possible: motif, openmotif, lesstif, dt (Irix and Solaris only)
# Default: ${MOTIF_TYPE_DEFAULT}
#MOTIF_TYPE_DEFAULT?= openmotif
# Used by motif.buildlink3.mk as the final default value for MOTIF_TYPE.
# Possible: motif, openmotif, lesstif, dt (Irix and Solaris only)
# Default: motif, openmotif, or dt (Irix and Solaris only)
MTOOLS_ENABLE_FLOPPYD?= NO
# Used by the mtools package to determine whether or not the floppyd
# program is installed. X11 libraries and header files are needed to
# build floppyd and run floppyd.
# Possible: YES, NO
# Default: NO
#MYSQL_USER?= mysql
# The username of the mysql administrator.
# Possible: any user name
# Default: mysql
#MYSQL_GROUP?= mysql
# The group of the mysql administrator.
# Possible: any group name
# Default: mysql
#MYSQL_DATADIR?= ${VARBASE}/mysql
# Home directory of the mysql administrator and location of the
# database files.
# Possible: any directory
# Default: ${VARBASE}/mysql
#MYSQL_CHARSET= latin1
# default character set of mysql.
# Possible: big5, cp1251, cp1257, croat, czech, danish, dec8, dos, estonia,
# euc_kr, gb2312, gbk, german1, greek, hebrew, hp8, hungarian,
# koi8_ru, koi8_ukr, latin1, latin2, latin5, swe7, usa7, win1250,
# win1251ukr, ujis, sjis and tis620
# Default: latin1
#MYSQL_EXTRA_CHARSET= all
# additional charsets to be compiled in mysql.
# Possible: none, compolex, all or list selected from MYSQL_CHARSET's
# possible values.
NAGIOS_GROUP?= nagios
# The group for Nagios user.
# Possible: any group name.
# Default: the same as the Nagios user
NAGIOS_USER?= nagios
# The unprivileged user for Nagios.
# Possible: any user name.
# Default: nagios
NAGIOSCMD_GROUP?= ${APACHE_GROUP}
# The group for Nagios "external commands". It must be should be
# one of the groups of the user the HTTP server used is running as.
# The Nagios user must also be a member of this group.
# Possible: any user name.
# Default: ${APACHE_GROUP}
NAGIOSDIR?= ${VARBASE}/spool/nagios
# Directory where Nagios status, log files etc.. are hold
# Possible: any directory.
# Default: ${VARBASE}/spool/nagios
NBPAX_PROGRAM_PREFIX?= nb
# Prefix for archivers/pax programs
# Possible: any string, leave it empty for no prefix at all
# Default: nb
NMH_EDITOR?= vi
# default editor for use in nmh.
# Possible: any editor.
# Default: vi
NMH_MTA?= smtp
# default MTA for use in nmh.
# Possible: smtp or sendmail.
# Default: smtp
NMH_PAGER?= more
# default pager for use in nmh.
# Possible: any pager.
# Default: more
#NS_PREFERRED=
# Used by netscape to determine preferred browser to open
# Possible: not defined, communicator, navigator, mozilla
# Default: not defined, which implies communicator
OPENSSH_CHROOT?= ${VARBASE}/chroot/sshd
# The chroot directory for OpenSSH with privilege separation. This directory
# will be created and MUST be only readable by root.
# Possible: any directory
# Default: ${VARBASE}/chroot/sshd
OPENSSH_USER?= sshd
# The unprivileged user for OpenSSH with privilege separation.
# Possible: any user name
# Default: sshd
OPENSSH_GROUP?= sshd
# The group of the OPENSSH_USER for OpenSSH with privilege separation.
# Possible: any group name
# Default: sshd
P4USER?= perforce
# The unprivileged user for the Perforce server.
# Possible: any user name
# Default: perforce
P4GROUP?= p4admin
# The group of the P4USER for the Perforce server.
# Possible: any group name
# Default: p4admin
P4ROOT?= ${VARBASE}/perforce
# The directory where the Perforce server will store its depot.
# Possible: any directory
# Default: ${VARBASE}/perforce
P4PORT?= 1666
# The TCP port on which the Perforce server will listen.
# Possible: any port
# Default: 1666
PALMOS_DEFAULT_SDK?= 3.5
# Version of PalmOS SDK to use as default.
# Possible: 1, 2, 3.1, 3.5
# Default: 3.5
PAPERSIZE?= A4
# Default paper size for packages.
# Possible: A4, Letter.
# Default: A4
PGGROUP?= pgsql
# Used in postgresql package as the groupname of the database
# administrator
# Possible: any group name
# Default: pgsql
PGUSER?= pgsql
# Used in postgresql package as the username of the database admin
# Possible: any user name
# Default: pgsql
PGHOME?= ${PREFIX}/${PGUSER}
# Used in postgresql package as the home directory for the database
# administrator
# Possible: any valid location
# Default: ${PREFIX}/${PGUSER}
PILRC_USE_GTK?= YES
# Use gtk+ in pilrc, needed for the UI previewer.
# Possible: YES, NO
# Default: YES
#PKG_JVM_DEFAULT=
# The JVM that should be used if nothing particular is specified.
#
# Possible values: jdk kaffe openjdk7
# jdk14 sun-jdk6 jdk15
#POPTOP_USE_MPPE=
# Used in poptop package to specify the use of the mppe-ppp package
# in preference to the standard ppp
# Possible: defined, not defined
# Default: not defined
#PROCMAIL_MAILSPOOLHOME=.MailBox
# To default user mailboxes to their home directory,
# specify the name of the mailbox file.
# Possible: Any valid filename, not defined
# Default: not defined
PROCMAIL_TRUSTED_IDS?=0
# To allow all users to use the "-f" switch set this to 0.
# Possible: A list of users, terminated by a zero.
# Default: see Makefile
.if exists(/usr/bin/ssh)
PVM_SSH?= /usr/bin/ssh
.else
PVM_SSH?= ${LOCALBASE}/bin/ssh
.endif
# Specify the rsh/ssh program used by pvm to communicate between
# systems.
# Possible: Any rsh/ssh program.
# Default: /usr/bin/ssh if it exists, otherwise ${LOCALBASE}/bin/ssh
QMAILDIR?= /var/qmail
# The directory for qmail installation. You probably don't need to
# change this.
# Possible: any valid location
# Default: /var/qmail (intentionally not ${VARBASE}/qmail)
QMAIL_QFILTER_TMPDIR?= ${VARBASE}/tmp/qmail-qfilter
# The temporary directory for qmail-qfilter.
# Possible: a directory writable only by qmail-qfilter's UID
# Default: ${VARBASE}/tmp/qmail-qfilter
QMAIL_QUEUE_DIR?= ${VARBASE}/spool/qmail
# The directory for qmail's queue.
# Possible: any location on an appropriate filesystem, except that it
# must be outside ${QMAILDIR}.
# Default: ${VARBASE}/spool/qmail
QMAIL_QUEUE_EXTRA?=
# An additional recipient that will be added to every qmail delivery.
# This is used primarily for logging.
# Possible: empty, any valid local address
# Default: empty
QPOPPER_FAC?= LOCAL1
# Used by qpopper package as the default syslog facility.
# Possible: syslog(3)'s facility string without preceding "LOG_".
# Default: LOCAL1
QPOPPER_USER?= pop
# Used by qpopper package as the owner of apop database and qpopauth
# command runs at.
# Possible: any
# Default: pop
#QPOPPER_SPOOL_DIR=
# Used by qpopper package to define the mail spool directory,
# overriding the hardcoded directories searched for by the configure
# script.
# Possible: any location on an appropriate filesystem.
# Default: not defined
RASMOL_DEPTH?= 8
# Used in rasmol package to choose display depth to compile the package
# for, since it only supports one at a time.
# Possible: 8, 16, 32
# Default: 8
RELAY_CTRL_DIR?= ${VARBASE}/spool/relay-ctrl
# The directory for relay-ctrl's database.
# Possible: any location on an appropriate filesystem.
# Default: ${VARBASE}/spool/relay-ctrl
RPM_DB_PREFIX?= ${VARBASE}/pkg
# Used in the rpm package to note the prefix of the path to the RPM
# databases. The RPM databases are stored in ${RPM_DB_PREFIX}/lib/rpm.
# Possible: any valid location, e.g. ${LOCALBASE}
# Default: ${VARBASE}/pkg
#RSSH_SCP_PATH=
# Used in the rssh package to specify pathname to scp(1)
# Possible: any valid pathname for scp command
# Default: not defined
#RSSH_SFTP_SERVER_PATH=
# Used in the rssh package to specify pathname to sftp-server(8)
# Possible: any valid pathname for sftp-server command
# Default: not defined
#RSSH_CVS_PATH=
# Used in the rssh package to specify pathname to cvs(1)
# Possible: any valid pathname for cvs command
# Default: not defined
#RSSH_RDIST_PATH=
# Used in the rssh package to specify pathname to rdist(1)
# Possible: any valid pathname for rdist command
# Default: not defined
#RSSH_RSYNC_PATH=
# Used in the rssh package to specify pathname to rsync(1)
# Possible: any valid pathname for rsync command
# Default: not defined
#SAWFISH_THEMES=
# Specifies the DISTFILES for wm/sawfish-themes, to allow the user to choose
# which themes to install
# Possible: empty, any number of theme-name-[0-9]*.*.tar.gz
# Default: Set to include about 180 themes available on themes.freshmeat.net
SCREWS_GROUP?= www
# Used in the screws package to specify the user under which the server
# should be run.
# Possible: any user name
# Default: www
SCREWS_USER?= screws
# Used in the screws package to specify the user under which the server
# should be run.
# Possible: any user name
# Default: screws
SDIST_PAWD?= pwd
# If you are using amd you'll want to use pawd instead of pwd to derive
# the current working directory.
# Possible: pawd, pwd
# Default: pwd
#SERIAL_DEVICES=
# Used to provide a default setting for all the serial devices for
# various packages which communicate over the serial port.
# Possible: /dev/your_favorite_serial_device0 /dev/your_favorite_serial_device1 ...
# Default: defaults for various machine_archs are set in mk/bsd.prefs.mk
SILC_CLIENT_WITH_PERL?= YES
# Used to decide whether perl scripting support will be compiled.
# Possible: YES, NO
# Default: YES
SSH_SUID?= NO
# Used in ssh to enable setuid installation of "ssh" binary.
# Possible: YES, or NO.
# Default: NO
SSYNC_PAWD?= pwd
# If you are using amd you'll want to use pawd instead of pwd to derive
# the current working directory.
# Possible: pawd, pwd
# Default: pwd
#SUSE_PREFER?= 10.0
# Which version of the suse packages to prefer.
# Possible: 13.1, 12.1, 10.0
# Default: depends on operating system version
TEX_DEFAULT?= teTeX3
# Specify the user's favorite latex implementation
# Possible values: teTeX3
# Default: teTeX3
#TEXMFSITE=
# Used in TeXfamily package which depends on teTeX package to specify
# site-local texmf configuration.
# Since teTeX package uses ${PREFIX}/share/texmf directory, TeXfamily
# package uses ${PREFIX}/share/texmf.local. Therefore, though you can
# use /usr/local/share/texmf as TEXMFSITE, it causes a conflict if you
# set ${PREFIX} to /usr/local. Use another path in such a case.
# Possible: any valid path
# Default: none
#THTTPD_LOG_FACILITY?= LOG_DAEMON
# Used by the thttpd package to choose the log facility used
# by thttpd for its syslogd(8) messages.
# Possible: see "facility codes" in /usr/include/syslog.h
# Default: LOG_DAEMON
UNPRIVILEGED?= NO
# Set this to YES to enable unprivileged support (see mk/unprivileged.mk).
# Possible: YES, NO
# Default: NO
USE_CROSS_COMPILE?= NO
# Set this to YES to enable cross-compiling support.
# Possible: YES, NO
# Default: NO
USE_CRYPTO?= YES
# Used in speakfreely to choose support for encrypted connections.
# Possible: YES, or NO.
# Default: YES
USERPPP_GROUP?= network
# Used in the userppp package to specify the default group.
# Possible: any group name
# Default: network
UUCP_GROUP?= daemon
# System group for uucp-related programs.
# Possible: any group name
# Default: daemon
UUCP_USER?= uucp
# System user for uucp-related programs.
# Possible: any user name
# Default: uucp
#VIM_EXTRA_OPTS=
# Used in vim package to build with non-gui extra options
# Possible: not defined, see "configure --help"
# Default: not defined
#WCALC_HTMLDIR?= share/${WCALC_DIR}/htdocs
# Directory where cad/wcalc-docs will install the wcalc web pages
# Possible: any subdirectory of ${PREFIX}
# Default: share/${WCALC_DIR}/htdocs
#WCALC_HTMLPATH?= /wcalc/
# URI configured into the web server to access the wcalc web pages.
# This is important when cad/cgi-wcalc is installed.
# Possible: any
# Default: /wcalc/
#WCALC_CGIDIR?= libexec/cgi-bin
# Directory where cad/cgi-wcalc will install the cgi programs
# Possible: any subdirectory of ${PREFIX}
# Default: libexec/cgi-bin
#WCALC_CGIPATH?= /cgi-wcalc/
# URI configured into the web server to access the cad/cgi-wcalc
# cgi programs.
# Possible: any
# Default: /cgi-bin/
#WDM_MANAGERS?=
# Is a space-separated list of window managers for x11/wdm to support.
# Possible: any space-separated list of window managers
# Default: not defined
WINDOWMAKER_OPTIONS?= gnome kde openlook
# Options for building windowmaker package. Used to add support for
# GNOME, KDE or OPEN LOOK(tm) and to avoid redundancies with KDE.
# Possible: gnome, kde, openlook, lite
# Default: gnome kde openlook
WINDOWMAKER_THEMES?= freebsdtheme-0.52 netbsddrinkingteam-0.60.0 netbsd_-0.52
# Used in the wmthemes package to specify the themes which will be
# installed.
# Possible: see http://wm.themes.org/
# Default: freebsdtheme-0.52 netbsddrinkingteam-0.60.0 netbsd_-0.52
#X10_PORT=
# The serial device for misc/bottlerocket to use to communicate
# to the X10 adaptor.
# Possible: /dev/your_favorite_serial_device
# Default: defaults to ${DEFAULT_SERIAL_DEVICE}
XAW_TYPE?=standard
# Used in various packages to specify that libXaw is used.
# Possible: standard, 3d, xpm, neXtaw
# Default: standard
#XLOCK_DEFAULT_MODE=
# Set the default display (screen saver) mode for xlockmore.
# Possible: ant, apollonian, ball, bat, blank, blot, bomb, bouboule, bounce,
# braid, bubble, bug, clock, coral, crystal, daisy, dclock, decay,
# deco, demon, dilemma, discrete, dragon, drift, euler2d, eyes,
# fadeplot, flag, flame, flow, forest, galaxy, goop, grav, helix,
# hop, hyper, ico, ifs, image, juggle, julia, kaleid, kumppa, laser,
# life, life1d, life3d, lightning, lisa, lissie, loop, lyapunov,
# mandelbrot, marquee, matrix, maze, mountain, munch, nose, pacman,
# penrose, petal, petri, polyominoes, puzzle, pyro, qix, random,
# roll, rotor, scooter, shape, sierpinski, slip, solitare, space,
# sphere, spiral, spline, star, starfish, strange, swarm, swirl,
# t3d, tetris, thornbird, tik_tak, triangle, tube, turtle, vines,
# voters, wator, wire, world, worm, xcl, xjack, not defined
# Default: not defined
#ZSH_STATIC=
# Build statically linked zsh binary - recommended if used as a login shell
# Possible: defined, not defined
# Default: not defined
#
# Overrides for faster or cheaper sites.
#
# Refer to http://www.NetBSD.org/mirrors/ or /usr/doc/MIRRORS
# for information on determining the location of NetBSD mirror sites.
#
# Australia.
#
#MASTER_SITE_MOZILLA= http://mozilla.mirror.pacific.net.au/
#MASTER_SITE_PERL_CPAN= ftp://mirror.aarnet.edu.au/pub/cpan/modules/by-module/
#MASTER_SITE_OPENOFFICE=http://openoffice.mirrors.ilisys.com.au/ \
# http://mirror.pacific.net.au/openoffice/ \
# http://planetmirror.com/pub/openoffice/
#MASTER_SITE_SOURCEFORGE=http://optusnet.dl.sourceforge.net/sourceforge/
#MASTER_SITE_BACKUP= ftp://ftp.NetBSD.org/pub/pkgsrc/distfiles/
#MASTER_SITE_LOCAL= ftp://ftp.NetBSD.org/pub/pkgsrc/distfiles/LOCAL_PORTS/
#
# Austria
#
#MASTER_SITE_CYGWIN= ftp://gd.tuwien.ac.at/gnu/cygwin/
#MASTER_SITE_GNU= ftp://ftp.at.NetBSD.org/gnu/gnusrc/
#MASTER_SITE_PERL_CPAN= ftp://ftp.at.NetBSD.org/languages/perl/CPAN/modules/by-module/
#MASTER_SITE_OPENOFFICE=http://gd.tuwien.ac.at/office/openoffice/
#MASTER_SITE_TEX_CTAN= ftp://ftp.at.NetBSD.org/publishing/tex/CTAN/
#MASTER_SITE_XEMACS= ftp://ftp.at.xemacs.org/editors/xemacs/
# Denmark
#
#MASTER_SITE_CYGWIN= http://mirrors.sunsite.dk/cygwin/
#MASTER_SITE_GNU= ftp://mirrors.sunsite.dk/gnu/
#MASTER_SITE_PERL_CPAN= ftp://mirrors.sunsite.dk/languages/perl/CPAN/modules/by-module/
#MASTER_SITE_OPENOFFICE=http://mirrors.sunsite.dk/openoffice/
#MASTER_SITE_TEX_CTAN= ftp://mirrors.sunsite.dk/tex/ctan/
# Finland
#
#MASTER_SITE_CYGWIN= ftp://ftp.funet.fi/pub/mirrors/cygwin.com/pub/cygwin/
#MASTER_SITE_GNU= ftp://ftp.funet.fi/pub/gnu/gnu/
#MASTER_SITE_MOZILLA= ftp://ftp.funet.fi/pub/mirrors/ftp.mozilla.org/
#MASTER_SITE_PERL_CPAN= \
# ftp://ftp.funet.fi/pub/languages/perl/CPAN/modules/by-module/
#MASTER_SITE_OPENOFFICE=ftp://ftp.funet.fi/pub/mirrors/openoffice.org/
#MASTER_SITE_TEX_CTAN= ftp://ftp.funet.fi/pub/TeX/CTAN/
#MASTER_SITE_XEMACS= ftp://ftp.fi.xemacs.org/pub/mirrors/ftp.xemacs.org/pub/tux/xemacs/
#MASTER_SITE_BACKUP= \
# ftp://ftp.fi.NetBSD.org/pub/NetBSD/packages/distfiles/
# France
#
#MASTER_SITE_CYGWIN= http://mir.zyrianes.net/cygwin/
#MASTER_SITE_OPENOFFICE=ftp://openoffice.cict.fr/openoffice/ \
# http://ftp.club-internet.fr/pub/OpenOffice/
#MASTER_SITE_SUSE= \
# ftp://fr.rpmfind.net/linux/SuSE-Linux/${MACHINE_ARCH}/update/${SUSE_VERSION}/ \
# ftp://fr2.rpmfind.net/linux/SuSE-Linux/${MACHINE_ARCH}/update/${SUSE_VERSION}/
# Greece
#
#MASTER_SITE_CYGWIN= http://ftp.ntua.gr/pub/pc/cygwin/
#MASTER_SITE_OPENOFFICE=http://www.ellak.gr/pub/openoffice/ \
# http://ftp.ntua.gr/pub/OpenOffice/
# Japan
#
#MASTER_SITE_CYGWIN= ftp://ftp.dnsbalance.ring.gr.jp/archives/pc/gnu-win32/
#MASTER_SITE_GNOME= ftp://ftp.dnsbalance.ring.gr.jp/pub/X/gnome/
#MASTER_SITE_GNU= ftp://ftp.dnsbalance.ring.gr.jp/pub/GNU/
#MASTER_SITE_MOZILLA= ftp://ftp.dnsbalance.ring.gr.jp/pub/net/www/mozilla/
#MASTER_SITE_PERL_CPAN= ftp://ftp.dnsbalance.ring.gr.jp/pub/lang/perl/CPAN/modules/by-module/
#MASTER_SITE_OPENOFFICE=ftp://ftp.kddlabs.co.jp/office/openoffice/ \
# ftp://ftp.dnsbalance.ring.gr.jp/pub/misc/openoffice/
#MASTER_SITE_TEX_CTAN= ftp://ftp.dnsbalance.ring.gr.jp/pub/text/CTAN/
#MASTER_SITE_SUSE= \
# ftp://ftp.kddlabs.co.jp/Linux/packages/SuSE/suse/${MACHINE_ARCH}/${SUSE_VERSION}/suse/
#MASTER_SITE_SUNSITE= ftp://sunsite.sut.ac.jp/pub/archives/linux/sunsite-unc/
#MASTER_SITE_XCONTRIB= ftp://ftp.dnsbalance.ring.gr.jp/pub/X/opengroup/contrib/
#MASTER_SITE_XEMACS= ftp://ftp.jp.xemacs.org/pub/GNU/xemacs/
#MASTER_SITE_BACKUP= \
# ftp://ftp.dnsbalance.ring.gr.jp/pub/NetBSD/packages/distfiles/ \
# ftp://ftp.jp.NetBSD.org/pub/NetBSD/packages/distfiles/
# Switzerland
#
#MASTER_SITE_MOZILLA= ftp://mirror.switch.ch/mirror/mozilla/
#MASTER_SITE_CYGWIN= ftp://mirror.switch.ch/mirror/cygwin/
#MASTER_SITE_OPENOFFICE=ftp://mirror.switch.ch/mirror/OpenOffice/
#MASTER_SITE_SUSE= \
# ftp://mirror.switch.ch/mirror/suse/suse/${MACHINE_ARCH}/${SUSE_VERSION}/suse/
# United Kingdom
#
#MASTER_SITE_MOZILLA= ftp://ftp.mirrorservice.org/sites/ftp.mozilla.org/pub/mozilla.org/
#MASTER_SITE_XEMACS= ftp://ftp.uk.xemacs.org/sites/ftp.xemacs.org/pub/xemacs/
#MASTER_SITE_BACKUP= \
# ftp://ftp.NetBSD.org/pub/pkgsrc/distfiles/
# USA
#
#MASTER_SITE_OPENOFFICE= \
# http://www.ibiblio.org/pub/mirrors/openoffice/ \
# ftp://ftp.ussg.iu.edu/pub/openoffice/ \
# http://mirrors.isc.org/pub/openoffice/ \
# ftp://mirror.telentente.com/pub/OpenOffice/ \
# http://openoffice.mirrors.pair.com/ftp/
#MASTER_SITE_SUSE= \
# ftp://mirror.mcs.anl.gov/pub/suse/${MACHINE_ARCH}/${SUSE_VERSION}/suse/
# France. This will try to fetch distfile from the distfile mirror
# before trying ${MASTER_SITE} or the distfiles at ftp.NetBSD.org
#
#MASTER_SITE_OVERRIDE= \
# ftp://ftp2.fr.NetBSD.org/pub/NetBSD/packages/distfiles/
#MASTER_SITE_BACKUP= \
# ftp://ftp2.fr.NetBSD.org/pub/NetBSD/packages/distfiles/
#MASTER_SITE_LOCAL= \
# ftp://ftp.fr.NetBSD.org/pub/NetBSD/packages/distfiles/LOCAL_PORTS/