Fossil

Compiling and Installing Fossil
Login

0.0 Using A Pre-compiled Binary

Pre-compiled binaries are available for recent releases. Just download the appropriate executable for your platform and put it on your $PATH. To uninstall, simply delete the executable. To upgrade from an older release, just overwrite the older binary with the newer one.

For details about how those binaries are built, see the Release Build How-To wiki page.

0.1 Executive Summary

Building and installing is very simple. Three steps:

  1. Download and unpack a source tarball or ZIP.
  2. ./configure; make
  3. Move the resulting "fossil" or "fossil.exe" executable to someplace on your $PATH.


1.0 Obtaining The Source Code

Fossil is self-hosting, so you can obtain a ZIP archive or tarball containing a snapshot of the latest version directly from Fossil's own fossil repository. Additionally, source archives of released versions of fossil are available from the downloads page. To obtain a development version of fossil, follow these steps:

  1. Point your web browser to https://fossil-scm.org/

  2. Click on the Timeline link at the top of the page.

  3. Select a version of of Fossil you want to download. The latest version on the trunk branch is usually a good choice. Click on its link.

  4. Finally, click on one of the "Zip Archive" or "Tarball" links, according to your preference. These link will build a ZIP archive or a gzip-compressed tarball of the complete source code and download it to your computer.

Aside: Is it really safe to use an unreleased development version of the Fossil source code?

Yes! Any check-in on the trunk branch of the Fossil Fossil self-hosting repository will work fine. (Dodgy code is always on a branch.) In the unlikely event that you pick a version with a serious bug, it still won't clobber your files. Fossil uses several self-checks prior to committing any repository change that prevent loss-of-work due to bugs.

The Fossil self-hosting repositories, especially the one at http://fossil-scm.org/home, usually run a version of trunk that is less than a week or two old. Look at the bottom left-hand corner of this screen (to the right of "This page was generated in...") to see exactly which version of Fossil is rendering this page. It is always safe to use whatever version of the Fossil code you find running on the main Fossil website.

2.0 Compiling

  1. Unpack the ZIP or tarball you downloaded then cd into the directory created.

  2. (Optional, Debian-compatible Linux only) Make sure you have all the necessary tools and libraries at hand by running: sudo apt install tcl-dev tk libssl-dev.

  3. (Optional, Unix only) Run ./configure to construct a makefile.

    1. The build system for Fossil on Unix-like systems assumes that the OpenSSL development and runtime files are available on your system, because unprotected repositories are trivial to attack otherwise. Indeed, some public Fossil repositories — including Fossil's own — today run in an HTTPS-only mode, so that you can't even do an anonymous clone from them without using the TLS features added to Fossil by OpenSSL. To weaken that stance could allow a man in the middle attack, such as one that substitutes malicious code into your Fossil repository clone.

      You can force the Fossil build system to avoid searching for, building against, and linking to the OpenSSL library by passing --with-openssl=none to the configure script.

      If you do not have the OpenSSL development libraries on your system, we recommend that you install them, typically via your OS's package manager. The Fossil build system goes to a lot of effort to seek these out wherever they may be found, so that is typically all you need to do.

      For more advanced use cases, see the OpenSSL discussion in the "TLS and Fossil" document.

    2. To build a statically linked binary (suitable for use inside a chroot jail) add the --static option.

    3. To enable the native Tcl integration feature feature, add the --with-tcl=1 and --with-tcl-private-stubs=1 options.

    4. Other configuration options can be seen by running ./configure --help

  4. Run "make" to build the "fossil" or "fossil.exe" executable. The details depend on your platform and compiler.

    1. Unix → the configure-generated Makefile should work on all Unix and Unix-like systems. Simply type "make".

    2. Unix without running "configure" → if you prefer to avoid running configure, you can also use: make -f Makefile.classic. You may want to make minor edits to Makefile.classic to configure the build for your system.

    3. MinGW / MinGW-w64 → The best-supported path is to build via the MinGW specific Makefile under a POSIX build of GNU make: "make -f win/Makefile.mingw".

      There is limited support for building under MinGW's native Windows port of GNU Make instead by defining the USE_WINDOWS=1 variable, but it's better to build under MSYS, Cygwin, or WSL on Windows since this mode doesn't take care of cases such as the "openssl" target, which depends on sed. We've gone as far down this path as is practical short of breaking cross-compilation under Linux, macOS, and so forth, as we'd have to do to make everything work under cmd.exe.

      Unless you're building under MSYS where commands like "gcc" give MinGW's GCC and not some other version, you will need to make minor edits to win/Makefile.mingw to configure the cross-compilation environment. It should suffice to switch to one of the predefined PREFIX values, causing the build to be done using "x86_64-w64-mingw32-gcc" for example, yielding a 64-bit native Windows binary.

      To enable the native Tcl integration feature, use a command line like the following (all on one line):

      make -f win/Makefile.mingw FOSSIL_ENABLE_TCL=1 FOSSIL_ENABLE_TCL_STUBS=1 FOSSIL_ENABLE_TCL_PRIVATE_STUBS=1

      Alternatively, running ./configure under MSYS should give a suitable top-level Makefile. However, options passed to configure that are not applicable on Windows may cause the configuration or compilation to fail (e.g. fusefs, internal-sqlite, etc).

    4. MSVC → Use the MSVC makefile.

      Run all of the following from a "x64 Native Tools Command Prompt".

      First change to the "win/" subdirectory ("cd win") then run "nmake /f Makefile.msc".

      Alternatively, the batch file "win\buildmsvc.bat" may be used and it will attempt to detect and use the latest installed version of MSVC.

      To enable the optional OpenSSL support, first download the official source code for OpenSSL and extract it to an appropriately named "openssl" subdirectory within the local compat directory then make sure that some recent Perl binaries are installed locally, and finally run one of the following commands:

      nmake /f Makefile.msc FOSSIL_ENABLE_SSL=1 FOSSIL_BUILD_SSL=1 PERLDIR=C:\full\path\to\Perl\bin
      
      buildmsvc.bat FOSSIL_ENABLE_SSL=1 FOSSIL_BUILD_SSL=1 PERLDIR=C:\full\path\to\Perl\bin
      
      To enable the optional native Tcl integration feature, run one of the following commands or add the "FOSSIL_ENABLE_TCL=1" argument to one of the other NMAKE command lines:
      nmake /f Makefile.msc FOSSIL_ENABLE_TCL=1
      
      buildmsvc.bat FOSSIL_ENABLE_TCL=1
      

    5. Cygwin → The same as other Unix-like systems. It is recommended to configure using: "configure --disable-internal-sqlite", making sure you have the "libsqlite3-devel" , "zlib-devel" and "openssl-devel" packages installed first.

3.0 Installing

  1. The finished binary is named "fossil" (or "fossil.exe" on Windows). Put this binary in a directory that is somewhere on your PATH environment variable. It does not matter where.

  2. (Optional:) To uninstall, just delete the binary.

4.0 Additional Considerations

5.0 Building a Static Binary on Linux using Docker

Building a static binary on Linux is not as straightforward as it could be because the GNU C library requires that certain components be dynamically loadable. That can be worked around by building against a different C library, which is simplest to do by way of a container environment like Docker.

The following instructions for building fossil using Docker were adapted from forumpost/5dd2d61e5f. These instructions assume that docker is installed and that the user running these instructions has permission to do so (i.e., they are root or are a member of the docker group).

First, create a file named Dockerfile with the following contents:


# Alpine >3.13 breaks stuff on many host OSes! For details see:
# https://wiki.alpinelinux.org/wiki/Draft_Release_Notes_for_Alpine_3.14.0#faccessat2
# FROM    alpine:edge
FROM    alpine:3.13
RUN     apk update                                                                                      \
        && apk upgrade                                                                                  \
        && apk add --no-cache                                                                           \
        curl gcc make tcl                                                                               \
        musl-dev                                                                                        \
        openssl-dev zlib-dev                                                                            \
        openssl-libs-static zlib-static                                                                 \
        && curl                                                                                         \
        "https://fossil-scm.org/home/tarball/fossil-src.tar.gz?name=fossil-src&uuid=trunk"    \
        -o fossil-src.tar.gz                                                                            \
        && tar xf fossil-src.tar.gz                                                                     \
        && cd fossil-src                                                                                \
        && ./configure                                                                                  \
        --static                                                                                        \
        --disable-fusefs                                                                                \
        --with-th1-docs                                                                                 \
        --with-th1-hooks                                                                                \
        && make

Be sure to modify the configure flags, if desired. e.g., add --json for JSON support.

From the directory containing that file, build it with docker:

# docker build -t fossil_static .

If you get permissions errors when running that as a non-root user, be sure to add the user to the docker group before trying again.

That creates a docker image and builds a static fossil binary inside it. That step will take several minutes or more, depending on the speed of the build environment.

Next, create a docker container to host the image we just created:

# docker create --name fossil fossil_static

Then copy the fossil binary from that container:

# docker cp fossil:/fossil-src/fossil fossil

The resulting binary will be huge because it is built with debug info. To strip that information, reducing the size greatly:

# strip fossil

To delete the Docker container and image (if desired), run:

# docker container rm fossil
# docker image ls

Note the IDs of the images named fossil_static and alpine, then:

docker image rm THE_FOSSIL_ID THE_ALPINE_ID

6.0 Building on/for Android

6.1 Cross-compiling from Linux

The following instructions for building Fossil for Android, without requiring a rooted OS, are adapted from forumpost/e0e9de4a7e.

On the development machine, from the fossil source tree:

export CC=$NDK_PATH/toolchains/llvm/prebuilt/linux-x86_64/bin/armv7a-linux-androideabi21-clang
./configure --with-openssl=none
make

On the Android device, enable the USB debugging option from Developer menu in Device Options. Connect the device to the development system with USB. If it's configured and connected properly, the device should show up in the output of adb devices:

sudo adb devices

Copy the resulting fossil binary onto the device...

sudo adb push fossil /data/local/tmp

And run it from an adb shell:

sudo adb shell
> cd /data/local/tmp
# Fossil requires a HOME directory to work with:
> export HOME=$PWD
> export PATH=$PWD:$PATH
> fossil version
This is fossil version 2.11 [e5653a4ceb] 2020-03-26 18:54:02 UTC

The output might, or might not, include warnings such as:

WARNING: linker: ./fossil: unused DT entry: type 0x6ffffef5 arg 0x1464
WARNING: linker: ./fossil: unused DT entry: type 0x6ffffffe arg 0x1ba8
WARNING: linker: ./fossil: unused DT entry: type 0x6fffffff arg 0x2

The source of such warnings is not 100% certain. Some information about these (reportedly harmless) warnings can be found on this StackOverflow post.

Building for Fuzz Testing

This feature is primarily intended for fossil's developers and may change at any time. It is only known to work on Linux systems and has been seen to work on x86/64 and ARM.

Fossil has builtin support for processing specific features using libfuzzer. The features which can be tested this way are found in the help text for the test-fuzz command.

Fuzzing requires:

First, modify the top-level Makefile.in:

Then rebuild:

$ make clean
$ ./configure CC=/path/to/clang
$ make

If clang is your default compiler, the CC configure option is not required.

The resulting fossil-fuzz binary differs from the standard one primarily in that it runs the test-fuzz command by default. It needs to be told what to fuzz and needs to be given a directory of input files to seed the fuzzer with:

$ mkdir cases
  # Copy input files into ./cases. e.g. when fuzzing the markdown
  # processor, copy any to-be-tested .md files into that directory.
  # Then start the fuzzer:
$ ./fossil-fuzz --fuzztype markdown cases

As it works, it writes its mutated test files into the test-input directory, each one named in the form of a hash. When it finds a problem it will produce a stack trace for the offending code, will output the name of the file which triggered the crash (named cases/SOME_HASH) and may, depending on the nature of the problem, produce a file named crash-SOMETHING. In theory the crash file can be fed directly back into the fuzzer to reproduce the problem:

$ ./fossil-fuzz --fuzztype markdown crash-SOMETHING

But whether or not it will genuinely crash may depend on static app-level state which might not trigger the crash when running an individual test.

For a detailed information about the fuzzer's flags and features, see:

Flags for the fuzzer can be passed directly to fossil, e.g. -jobs=4 to start four fuzzer jobs in parallel, but doing so may cause the fuzzer to strip the --fuzztype flag, leading to it testing the wrong thing. When passing on fuzzer-specific flags along with --fuzztype, be sure to check your system's process list to ensure that your --fuzztype flag is there.