Scroll to navigation

NSCD.CONF(5) File Formats Manual NSCD.CONF(5)

NAME

nscd.conf - configuration file for Name Service Caching Daemon

DESCRIPTION

/etc/nscd.conf configures the caches used by nscd(8) as well as some generic options. nscd(8) is able to use a configuration file at a different location, when supplied with the -f or --config-file command line option.
 
The configuration file consists of a set of lines. Empty lines, and text after a '#' is ignored. All remaining lines denote the setting of an option. White space before and after options, and between options and option arguments is ignored.
 
There are two kinds of options: General options influence nscd(8)'s general behaviour, while cache related options only affect the specified cache. Options are set like this: 

  general_option option
  cache_option cache_name option

GENERAL OPTIONS

logfile file
Specifies the name of the debug log-file that nscd(8) should use if debug-level is higher than 0. If this option is not set, nscd(8) will write its debug output to stderr.
debug-level level
If level is higher than 0, nscd(8) will create some debug output. The higher the level, the more verbose the output.
threads #threads
This option sets the number of threads that nscd(8) should use by default. It can be overridden by calling nscd(8) with the -t or --nthreads argument. If neither this configuration option nor the command line argument is given, nscd(8) uses 5 threads by default. The minimum is 3. More threads means more simultaneous connections that nscd(8) can handle.
max-threads #threads
Specifies the maximum number of threads to be started.
server-user user
By default, nscd(8) is run as user root. This option can be set to force nscd(8) to drop root privileges after startup. It cannot be used when nscd(8) is called with the -S or --secure argument. Also note that some services require that nscd run as root, so using this may break those lookup services.
stat-user user
Specifies the user who is allowed to request statistics.
paranoia bool
bool must be one of yes or no. Enabling paranoia mode causes nscd(8) to restart itself periodically.
restart-interval time
Sets the restart interval to time seconds if periodic restart is enabled by enabling paranoia mode. The default value is 3600.

CACHE OPTIONS

All cache options take two arguments. The first one denotes the service or cache the option should affect. Currently service can be one of passwd, group, or hosts.
enable-cache service bool
bool must be one of yes or no. Each cache is disabled by default and must be enabled explicitly by setting this options to yes.
positive-time-to-live service secs
This is the number of seconds after which a cached entry is removed from the cache. This defaults to 3600 seconds (i. e. one hour).
negative-time-to-live service secs
If an entry is not found by the Name Service, it is added to the cache and marked as "not existent". This option sets the number of seconds after which such a not existent entry is removed from the cache. This defaults to 20 seconds for the password and host caches and to 60 seconds for the group cache.
suggested-size service prime-number
This option sets the size of the hash that is used to store the cache entries. As this is a hash, it should be reasonably larger than the maximum number of entries that is expected to be cached simultaneously and should be a prime number. It defaults to a size of 211 entries.
check-files service bool
bool must be one of yes (default) or no. If file checking is enabled, nscd(8) periodically checks the modification time of /etc/passwd, /etc/group, or /etc/hosts (for the passwd, group, and host cache respectively) and invalidates the cache if the file has changed since the last check.
persistent service bool
bool must be one of yes (default) or no. Keep the content of the cache for service over nscd(8) restarts. Useful when paranoia mode is set.
shared service bool
bool must be one of yes (default) or no. The memory mapping of the nscd(8) databases for service is shared with the clients so that they can directly search in them instead of having to ask the daemon over the socket each time a lookup is performed.
reload-count #number
Sets the number of times a cached record is reloaded before it is pruned from the cache. Each cache record has a timeout, when that timeout expires, nscd(8) will either reload it (query the NSS service again if the data hasn't changed), or drop it.
max-db-size service number-of-bytes
Sets the maximum allowable size for the service.
auto-propagate service bool
When set to no for passwd or group service, then the .byname requests are not added to passwd.byuid or group.bygid cache. This may help for tables containing multiple records for the same id.

EXAMPLE


# This is a comment.


    logfile                 /var/log/nscd.log
    threads                 6
    server-user             nobody
    debug-level             0


    enable-cache            passwd          yes
    positive-time-to-live   passwd          600
    negative-time-to-live   passwd          20
    suggested-size          passwd          211
    check-files             passwd          yes


    enable-cache            group           yes
    positive-time-to-live   group           3600
    negative-time-to-live   group           60
    suggested-size          group           211
    check-files             group           yes


    enable-cache            hosts           yes
    positive-time-to-live   hosts           3600
    negative-time-to-live   hosts           20
    suggested-size          hosts           211
    check-files             hosts           yes

SEE ALSO

nscd(8), nsswitch.conf(5)
07 January 2001 4.2 Berkeley Distribution