aboutsummaryrefslogtreecommitdiff
path: root/Config.in
blob: 27948ad31792c46dd24a8a2f24777573b745fba1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
mainmenu "Toybox Configuration"


source generated/Config.probed
source generated/Config.in

comment ""

menu "Toybox global settings"

# This entry controls the multiplexer, disabled for single command builds
config TOYBOX
	bool
	default y
	help
	  usage: toybox [--long | --help | --version | [COMMAND] [ARGUMENTS...]]

	  With no arguments, "toybox" shows available COMMAND names. Add --long
	  to include suggested install path for each command, see
	  https://landley.net/toybox/faq.html#install for details.

	  First argument is name of a COMMAND to run, followed by any ARGUMENTS
	  to that command. Most toybox commands also understand:

	  --help		Show command help (only)
	  --version	Show toybox version (only)

	  The filename "-" means stdin/stdout, and "--" stops argument parsing.

	  Numerical arguments accept a single letter suffix for
	  kilo, mega, giga, tera, peta, and exabytes, plus an additional
	  "d" to indicate decimal 1000's instead of 1024.

	  Durations can be decimal fractions and accept minute ("m"), hour ("h"),
	  or day ("d") suffixes (so 0.1m = 6s).

config TOYBOX_SUID
	bool "SUID support"
	default y
	help
	  Support for the Set User ID bit, to install toybox suid root and drop
	  permissions for commands which do not require root access. To use
	  this change ownership of the file to the root user and set the suid
	  bit in the file permissions:

	  chown root:root toybox; chmod +s toybox

choice
	prompt "Security Blanket"
	default TOYBOX_LSM_NONE
	help
	  Select a Linux Security Module to complicate your system
	  until you can't find holes in it.

config TOYBOX_LSM_NONE
	bool "None"
	help
          Don't try to achieve "watertight" by plugging the holes in a
          collander, instead use conventional unix security (and possibly
          Linux Containers) for a simple straightforward system.
	  
config TOYBOX_SELINUX
	bool "SELinux support"
	help
	  Include SELinux options in commands such as ls, and add
	  SELinux-specific commands such as chcon to the Android menu.

config TOYBOX_SMACK
	bool "SMACK support"
	help
	  Include SMACK options in commands like ls for systems like Tizen.

endchoice

config TOYBOX_LIBCRYPTO
       bool "Use libcrypto (OpenSSL/BoringSSL)"
       default n
       help
         Use faster hash functions out of external -lcrypto library.

config TOYBOX_LIBZ
       bool "Use libz (zlib)"
       default n
       help
         Use libz for gz support.

config TOYBOX_FLOAT
	bool "Floating point support"
	default y
	help
	  Include floating point support infrastructure and commands that
	  require it.

config TOYBOX_HELP
	bool "Help messages"
	default y
	help
	  Include help text for each command.

config TOYBOX_HELP_DASHDASH
	bool "--help and --version"
	default y
	depends on TOYBOX_HELP
	help
	  Support --help argument in all commands, even ones with a NULL
	  optstring. (Use TOYFLAG_NOHELP to disable.) Produces the same output
	  as "help command". --version shows toybox version.

config TOYBOX_FREE
	bool "Free memory unnecessarily"
	default n
	help
	  When a program exits, the operating system will clean up after it
	  (free memory, close files, etc). To save size, toybox usually relies
	  on this behavior. If you're running toybox under a debugger or
	  without a real OS (ala newlib+libgloss), enable this to make toybox
	  clean up after itself.

config TOYBOX_NORECURSE
	bool "Disable recursive execution"
	default n
	help
	  When one toybox command calls another, usually it just calls the new
	  command's main() function rather than searching the $PATH and calling
	  exec on another file (which is much slower).

	  This disables that optimization, so toybox will run external commands
          even when it has a built-in version of that command. This requires
          toybox symlinks to be installed in the $PATH, or re-invoking the
          "toybox" multiplexer command by name.

config TOYBOX_DEBUG
	bool "Debugging tests"
	default n
	help
	  Enable extra checks for debugging purposes. All of them catch
	  things that can only go wrong at development time, not runtime.

config TOYBOX_PEDANTIC_ARGS
	bool "Pedantic argument checking"
	default n
	help
	  Check arguments for commands that have no arguments.

config TOYBOX_UID_SYS
	int "First system UID"
	default 100
	help
	  When commands like useradd/groupadd allocate system IDs, start here.

config TOYBOX_UID_USR
	int "First user UID"
	default 500
	help
	  When commands like useradd/groupadd allocate user IDs, start here.

config TOYBOX_FORCE_NOMMU
	bool "Enable nommu support when the build can't detect it."
	default n
	help
	  When using musl-libc on a nommu system, you'll need to say "y" here
	  unless you used the patch in the mcm-buildall.sh script. You can also
	  say "y" here to test the nommu codepaths on an mmu system.

	  A nommu system can't use fork(), it can only vfork() which suspends
	  the parent until the child calls exec() or exits. When a program
	  needs a second instance of itself to run specific code at the same
	  time as the parent, it must use a more complicated approach (such as
	  exec("/proc/self/exe") then pass data to the new child through a pipe)
	  which is larger and slower, especially for things like toysh subshells
	  that need to duplicate a lot of internal state in the child process
	  fork() gives you for free.

	  Libraries like uclibc omit fork() on nommu systems, allowing
	  compile-time probes to select which codepath to use. But musl
	  intentionally includes a broken version of fork() that always returns
	  -ENOSYS on nommu systems, and goes out of its way to prevent any
	  cross-compile compatible compile-time probes for a nommu system.
	  (It doesn't even #define __MUSL__ in features.h.) Musl does this
	  despite the fact that a nommu system can't even run standard ELF
	  binaries (requiring specially packaged executables) because it wants
	  to force every program to either include all nommu code in every
	  instance ever built, or drop nommu support altogether.

	  Building a toolchain scripts/mcm-buildall.sh patches musl to fix this.

endmenu