sbuild.conf is a Perl script which is sourced by sbuild to permit configuration. It is run in a sandbox and restricted to setting a small number of variables, detailed below, which may be set to configure the behaviour of sbuild. Each variable has an internal name, shown in all caps, and a perl variable showing the default setting. Note that the internal name is not accessible within sbuild.conf; only the variable may be assigned. Also note that some of the defaults are set to be unique for each build, and so some of the defaults shown here are unique to the user and system used to build sbuild, and will be different for your system.

While sbuild permits many aspects of its behaviour to be configured, this should not normally be required. The defaults should be adequate for most uses, and should only be changed if you are doing something more advanced, or have specialist requirements.


Build environment


STRING type. Library search path to use inside the chroot.

  • Default:

$ld_library_path = undef;


STRING type. PATH to set when running dpkg-buildpackage.

  • Default:

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games';

Build options


STRING type. Suffix to append to version number. May be useful for derivative distributions.

  • Default:

$append_to_version = undef;


STRING type. Build architecture (Arch we are building on).

  • Default:

$build_arch = 'amd64';


BOOL type. Build architecture: all packages by default

  • Default:

$build_arch_all = 0;


BOOL type. Build architecture: any packages by default

  • Default:

$build_arch_any = 1;


STRING type. This command is run with the dpkg-buildpackage command line passed to it (in the chroot, if doing a chrooted build). It is used by the sparc buildd (which is sparc64) to call the wrapper script that sets the environment to sparc (32-bit). It could be used for other build environment setup scripts. Note that this is superceded by schroot's 'command-prefix' option

  • Default:

$build_env_cmnd = '';


STRING type. Build profiles. Separated by spaces.

  • Default:

$build_profiles = '';


BOOL type. By default, do not build a source package (binary only build). Set to 1 to force creation of a source package, but note that this is inappropriate for binary NMUs, where the option will always be disabled.

  • Default:

$build_source = 0;


BOOL type. Check free disk space prior to starting a build. sbuild requires the free space to be at least twice the size of the unpacked sources to allow a build to proceed. Can be disabled to allow building if space is very limited, but the threshold to abort a build has been exceeded despite there being sufficient space for the build to complete.

  • Default:

$check_space = 1;


STRING type. Default distribution. By default, no distribution is defined, and the user must specify it with the -d option. However, a default may be configured here if desired. Users must take care not to upload to the wrong distribution when this option is set, for example experimental packages will be built for upload to unstable when this is not what is required.

  • Default:

$distribution = undef;


BOOL type. By default, the -s option only includes the .orig.tar.gz when needed (i.e. when the Debian revision is 0 or 1). By setting this option to 1, the .orig.tar.gz will always be included when -s is used. This is equivalent to --force-orig-source.

  • Default:

$force_orig_source = 0;


BOOL type. Build using current GCC snapshot?

  • Default:

$gcc_snapshot = 0;


STRING type. Host architecture (Arch we are building for)

  • Default:

$host_arch = 'amd64';


ARRAY:STRING type. Additional signing options for dpkg-buildpackage

  • Default:

$pgp_options = [





ARRAY:STRING type. Regular expressions identifying toolchain packages. Note that for backward compatibility, this is also settable using the array @toolchain_regex (deprecated), rather than an array reference.

  • Default:

$toolchain_regex = [













Build timeouts


HASH:NUMERIC type. Some packages may exceed the general timeout (e.g. redirecting output to a file) and need a different timeout. This has is a mapping between source package name and timeout. Note that for backward compatibility, this is also settable using the hash %individual_stalled_pkg_timeout (deprecated) , rather than a hash reference. Example:

%individual_stalled_pkg_timeout = (smalleiffel => 300,

jade => 300,

atlas => 300,

glibc => 1000,

'gcc-3.3' => 300,

kwave => 600);

  • Default:

$individual_stalled_pkg_timeout = {};


NUMERIC type. Lock wait interval (seconds). Maximum wait time is (max_lock_trys × lock_interval).

  • Default:

$lock_interval = 5;


NUMERIC type. Number of times to try waiting for a lock.

  • Default:

$max_lock_trys = 120;


NUMERIC type. Time (in minutes) of inactivity after which a build is terminated. Activity is measured by output to the log file.

  • Default:

$stalled_pkg_timeout = 150;

Build validation


STRING type. Path to lintian binary

  • Default:

$lintian = 'lintian';


ARRAY:STRING type. Options to pass to lintian. Each option is a separate arrayref element. For example, ['-i', '-v'] to add -i and -v.

  • Default:

$lintian_opts = [];


STRING type. Path to piuparts binary

  • Default:

$piuparts = 'piuparts';


ARRAY:STRING type. Options to pass to piuparts. Each option is a separate arrayref element. For example, ['-b', '<chroot_tarball>'] to add -b and <chroot_tarball>.

  • Default:

$piuparts_opts = [];


ARRAY:STRING type. Preceding arguments to launch piuparts as root. If no arguments are specified, piuparts will be launched via sudo.

  • Default:

$piuparts_root_args = [];


BOOL type. Run lintian?

  • Default:

$run_lintian = 0;


BOOL type. Run piuparts

  • Default:

$run_piuparts = 0;

Chroot options


BOOL type. Force APT to accept unauthenticated packages. By default, unauthenticated packages are not allowed. This is to keep the build environment secure, using apt-secure(8). By setting this to 1, APT::Get::AllowUnauthenticated is set to "true" when running apt-get. This is disabled by default: only enable it if you know what you are doing.

  • Default:

$apt_allow_unauthenticated = 0;


BOOL type. APT clean. 1 to enable running "apt-get clean" at the start of each build, or 0 to disable.

  • Default:

$apt_clean = 0;


BOOL type. APT distupgrade. 1 to enable running "apt-get dist-upgrade" at the start of each build, or 0 to disable.

  • Default:

$apt_distupgrade = 1;


BOOL type. APT update. 1 to enable running "apt-get update" at the start of each build, or 0 to disable.

  • Default:

$apt_update = 1;


BOOL type. Update local temporary APT archive directly (1, the default) or set to 0 to disable and do a full apt update (not recommended in case the mirror content has changed since the build started).

  • Default:

$apt_update_archive_only = 1;


BOOL type. APT upgrade. 1 to enable running "apt-get upgrade" at the start of each build, or 0 to disable.

  • Default:

$apt_upgrade = 0;


STRING type. Default chroot (defaults to distribution[-arch][-sbuild])

  • Default:

$chroot = undef;


STRING type. Mechanism to use for chroot virtualisation. Possible value are "schroot" (default) and "sudo".

  • Default:

$chroot_mode = 'schroot';


STRING type. Script to run to perform custom setup tasks in the chroot.

  • Default:

$chroot_setup_script = undef;


BOOL type. Run in split mode? In split mode, apt-get and dpkg are run on the host system, rather than inside the chroot.

  • Default:

$chroot_split = 0;


HASH:ARRAY:ARRAY:STRING type. External commands to run at various stages of a build. Commands are held in a hash of arrays of arrays data structure. Example:

$external_commands = {

"pre-build-commands" => [

['foo', 'arg1', 'arg2'],

['bar', 'arg1', 'arg2', 'arg3'],


"chroot-setup-commands" => [

['foo', 'arg1', 'arg2'],

['bar', 'arg1', 'arg2', 'arg3'],


"starting-build-commands" => [

['foo', 'arg1', 'arg2'],

['bar', 'arg1', 'arg2', 'arg3'],


"finished-build-commands" => [

['foo', 'arg1', 'arg2'],

['bar', 'arg1', 'arg2', 'arg3'],


"chroot-cleanup-commands" => [

['foo', 'arg1', 'arg2'],

['bar', 'arg1', 'arg2', 'arg3'],


"post-build-commands" => [

['foo', 'arg1', 'arg2'],

['bar', 'arg1', 'arg2', 'arg3'],



  • Default:

$external_commands = {

'chroot-cleanup-commands' => [],

'chroot-setup-commands' => [],

'finished-build-commands' => [],

'post-build-commands' => [],

'pre-build-commands' => [],

'starting-build-commands' => []



BOOL type. Log standard error of commands run by sbuild?

  • Default:

$log_external_command_error = 1;


BOOL type. Log standard output of commands run by sbuild?

  • Default:

$log_external_command_output = 1;


STRING type. Where to store list currently installed packages inside chroot

  • Default:

$package_checklist = '/var/lib/sbuild/package-checklist';


STRING type. When to purge the build dependencies after a build; possible values are "never", "successful", and "always"

  • Default:

$purge_build_deps = 'always';


STRING type. When to purge the build directory after a build; possible values are "never", "successful", and "always"

  • Default:

$purge_build_directory = 'always';


STRING type. Purge the schroot session following a build. This is useful in conjunction with the --purge and --purge-deps options when using snapshot chroots, since by default the snapshot will be deleted. Possible values are "always" (default), "never", and "successful"

  • Default:

$purge_session = 'always';

Core options


STRING type. Archive being built. Only set in build log. This might be useful for derivative distributions.

  • Default:

$archive = undef;


STRING type. This option is deprecated. Directory for chroot symlinks and sbuild logs. Defaults to the current directory if unspecified. It is used as the location of chroot symlinks (obsolete) and for current build log symlinks and some build logs. There is no default; if unset, it defaults to the current working directory. $HOME/build is another common configuration. Example:

$build_dir = '/home/pete/build';


HASH:STRING type. Environment to set during the build. Defaults to setting PATH and LD_LIBRARY_PATH only. Note that these environment variables are not subject to filtering with ENVIRONMENT_FILTER. Example: Example:

$build_environment = {

'CCACHE_DIR' => '/build/cache'


  • Default:

$build_environment = {};


ARRAY:STRING type. Packages which must be installed in the chroot for all builds.

  • Default:

$core_depends = [





ARRAY:STRING type. Only environment variables matching one of the regular expressions in this arrayref will be passed to dpkg-buildpackage and other programs run by sbuild.

  • Default:

$environment_filter = [











STRING type. Job status file (only used in batch mode)

  • Default:

$job_file = 'build-progress';


STRING type. sbuild behaviour; possible values are "user" (exit status reports build failures) and "buildd" (exit status does not report build failures) for use in a buildd setup. "buildd" also currently implies enabling of "legacy features" such as chroot symlinks in the build directory and the creation of current symlinks in the build directory.

  • Default:

$sbuild_mode = 'user';

Dependency resolution


STRING type. Build dependency resolver. The 'apt' resolver is currently the default, and recommended for most users. This resolver uses apt-get to resolve dependencies. Alternative resolvers are 'apt' and 'aptitude', which use a built-in resolver module and aptitude to resolve build dependencies, respectively. The aptitude resolver is similar to apt, but is useful in more complex situations, such as where multiple distributions are required, for example when building from experimental, where packages are needed from both unstable and experimental, but defaulting to unstable.

  • Default:

$build_dep_resolver = 'apt';


BOOL type. Should the dependency resolver use alternatives in Build-Depends, Build-Depends-Arch and Build-Depends-Indep? By default, using 'apt' resolver, only the first alternative will be used; all other alternatives will be removed. When using the 'aptitude' resolver, it will default to using all alternatives. Note that this does not include architecture-specific alternatives, which are reduced to the build architecture prior to alternatives removal. This should be left disabled when building for unstable; it may be useful when building for experimental or backports. Set to undef to use the default, 1 to enable, or 0 to disable. Example:

$resolve_alternatives = 0;

  • Default:

$resolve_alternatives = undef;


STRING type. GPG public key for temporary local apt archive.

  • Default:

$sbuild_build_depends_public_key = '/var/lib/sbuild/apt-keys/';


STRING type. GPG secret key for temporary local apt archive.

  • Default:

$sbuild_build_depends_secret_key = '/var/lib/sbuild/apt-keys/sbuild-key.sec';

Logging options


BOOL type. Should build log mails be compressed?

  • Default:

$compress_build_log_mails = 1;


NUMERIC type. Debug logging level

  • Default:

$debug = 0;


BOOL type. Colour log messages such as critical failures, warnings and success

  • Default:

$log_colour = 1;


STRING type. Directory for storing build logs. This defaults to '.' when SBUILD_MODE is set to 'user' (the default), and to '$HOME/logs' when SBUILD_MODE is set to 'buildd'.

  • Default:

$log_dir = undef;


BOOL type. Filter variable strings from log messages such as the chroot name and build directory

  • Default:

$log_filter = 1;


STRING type. email address set in the From line of build logs

  • Default:

$mailfrom = 'Source Builder <sbuild>';


STRING type. email address to mail build logs to

  • Default:

$mailto = '';


HASH:STRING type. Like MAILTO, but per-distribution. This is a hashref mapping distribution name to MAILTO. Note that for backward compatibility, this is also settable using the hash %mailto (deprecated), rather than a hash reference.

  • Default:

$mailto_hash = {};


BOOL type. Should build log mails be MIME encoded?

  • Default:

$mime_build_log_mails = 1;


NUMERIC type. Verbose logging level

  • Default:

$verbose = 0;

Maintainer options


STRING type. Key ID to use in .changes for the current upload. It overrides both $maintainer_name and $uploader_name.

  • Default:

$key_id = undef;


STRING type. Name to use as override in .changes files for the Maintainer field. The Maintainer field will not be overridden unless set here.

  • Default:

$maintainer_name = undef;


STRING type. Name to use as override in .changes file for the Changed-By: field.

  • Default:

$uploader_name = undef;

Multiarch support (transitional)


HASH:ARRAY:STRING type. Per-architecture dependencies required for cross-building.

  • Default:

$crossbuild_core_depends = {

'arm64' => [



'armel' => [



'armhf' => [



'ia64' => [



'mips' => [



'mipsel' => [



'powerpc' => [



'sparc' => [






STRING type. Path to aptitude binary

  • Default:

$aptitude = 'aptitude';


STRING type. Path to apt-cache binary

  • Default:

$apt_cache = 'apt-cache';


STRING type. Path to apt-get binary

  • Default:

$apt_get = 'apt-get';


STRING type. Path to dcmd binary

  • Default:

$dcmd = 'dcmd';


STRING type. Path to dpkg-source binary

  • Default:

$dpkg_source = 'dpkg-source';


ARRAY:STRING type. Additional command-line options for dpkg-source

  • Default:

$dpkg_source_opts = [];


STRING type. Path to fakeroot binary

  • Default:

$fakeroot = 'fakeroot';


STRING type. Program to use to send mail

  • Default:

$mailprog = '/usr/sbin/sendmail';


STRING type. Path to md5sum binary

  • Default:

$md5sum = 'md5sum';


ARRAY:STRING type. Additional command-line options for schroot

  • Default:

$schroot_options = [




STRING type. Path to su binary

  • Default:

$su = 'su';


STRING type. Path to sudo binary

  • Default:

$sudo = 'sudo';


STRING type.

  • Default:

$xapt = 'xapt';



STRING type. Directory for writing build statistics to

  • Default:

$stats_dir = '/sbuild-nonexistent/stats';



Configuration, maintained by the system administrator. This may be used to override the defaults.


User-specific configuration.


Roman Hodek <[email protected]>.

sbuild is based on debbuild, written by James Troup <[email protected]> and has been modified by

Ben Collins <[email protected]>,
Ryan Murray <[email protected]>,
Francesco Paolo Lovergine <[email protected]>,
Michael Banck <[email protected]>, and
Roger Leigh <[email protected]>


Copyright \[co] 1998-2000 Roman Hodek <roman\>
Copyright \[co] 1998-1999 James Troup <troup\>
Copyright \[co] 2003-2006 Ryan Murray <rmurray\>
Copyright \[co] 2001-2003 Rick Younie <younie\>
Copyright \[co] 2003-2004 Francesco Paolo Lovergine <frankie\>
Copyright \[co] 2005      Michael Banck <mbanck\>
Copyright \[co] 2005-2009 Roger Leigh <rleigh\>

RELATED TO sbuild.conf…