chown root:root toybox; chmod +s toybox
+choice
+ prompt "Security Blanket"
+ default TOYBOX_LSM_NONE
+ help
+ Select a Linux Security Module to complicate your system
+ until you can't find holes in it.
+
+config TOYBOX_LSM_NONE
+ bool "None"
+ help
+ Don't try to achieve "watertight" by plugging the holes in a
+ collander, instead use conventional unix security (and possibly
+ Linux Containers) for a simple straightforward system.
+
config TOYBOX_SELINUX
- bool "SELinux support"
- default n
- help
- Include SELinux options in commands such as ls, and add
- SELinux-specific commands such as chcon to the Android menu.
+ bool "SELinux support"
+ help
+ Include SELinux options in commands such as ls, and add
+ SELinux-specific commands such as chcon to the Android menu.
+
+config TOYBOX_SMACK
+ bool "SMACK support"
+ help
+ Include SMACK options in commands like ls for systems like Tizen.
+
+endchoice
config TOYBOX_FLOAT
bool "Floating point support"
default n
help
Enable extra checks for debugging purposes. All of them catch
- things that can only go wrong at development time, not runtime.
+ things that can only go wrong at development time, not runtime.
config TOYBOX_UID_SYS
int "First system UID"
default 500
help
When commands like useradd/groupadd allocate user IDs, start here.
+
+config TOYBOX_MUSL_NOMMU_IS_BROKEN
+ bool "Workaround for musl-libc breakage on nommu systems."
+ default n
+ help
+ When using musl-libc on a nommu system, you'll need to say "y" here.
+
+ Although uclibc lets you detect support for things like fork() and
+ daemon() at compile time, musl intentionally includes broken versions
+ that always return -ENOSYS on nommu systems, and goes out of its way
+ to prevent any cross-compile compatible compile-time probes for a
+ nommu system.
+
+ Musl does this despite the fact that a nommu system can't even run
+ standard ELF binaries, and requires specially packaged executables.
+ (You can't even check a #define to see that you're building against
+ musl, due to its maintainer's policy that musl never has bugs that
+ require workarounds.)
+
+ So our only choice is to manually provide a musl nommu bug workaround
+ you can manually select to enable (larger, slower) nommu support with
+ musl.
+
+ You don't need this for uClibc, we have a compile time probe that
+ autodetects nommu support there.
+
endmenu