NSS Caching

From CBLFS
Jump to: navigation, search

NSS Caching is extremely useful when you have to rely on services such as nss_ldap or NIS as a backend for your System Databases. It will remember recent queries and reference a local database instead of the network service every time. This type of caching is not to be confused with offline caching. This type of caching will only cache values for a limited amount of time, the default is 5 minutes. For offline caching see NSS Offline Caching.

The program we will be using is called nscd. It is provided by EGlibc & Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three.

Create a basic configuration:

cat > /etc/nscd.conf << "EOF"
# Begin /etc/nscd.conf

# By changing yes to no it will disable the cache for the service in question
enable-cache passwd yes
enable-cache group yes
enable-cache hosts yes

# The following will cause the cache to remain when the service is restarted
persistent passwd yes
persistent group yes
persistent hosts yes

# The following will allow mmaped access to the nscd databases for service lookups.
shared passwd yes
shared group yes
shared hosts yes

# End /etc/nscd.conf
EOF

For additional configuration options see the nscd.conf(5) manpage.

Create the database cache directory as well as the nscd socket directory:

install -dv -m755 /var/db/nscd
install -dv -m755 /var/run/nscd

Before we go too much further. Lets test nscd and see how it's working:

nscd -d

After you start nscd you should beable to log in on another console and you should see the debug output. If this works you can run the following command to get some statistics.

nscd -g

If all is well then you need to start the nscd daemon with the system.

cat > /etc/rc.d/init.d/nscd << "EOF"
#!/bin/bash
########################################################################
# Begin $rc_base/init.d/nscd
#
# Description : Name Service Service Caching Daemon Bootscript
#
# Authors     : Joe Ciccone <jciccone@gmail.com>
#
# Version     : 00.01
#
# Notes       :
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}

case "${1}" in
        start)
                boot_mesg "Starting the Name Service Caching Daemon..."
                loadproc /usr/sbin/nscd
                ;;

        stop)
                boot_mesg "Stopping the Name Service Caching Daemon..."
                /usr/sbin/nscd -K
                evaluate_retval
                ;;

        restart)
                ${0} stop
                sleep 1
                ${0} start
                ;;

        status)
                statusproc nscd
                ;;

        *)
                echo "Usage: ${0} {start|stop|restart|status}"
                exit 1
                ;;
esac

# End $rc_base/init.d/nscd
EOF

Link the nscd bootscript into the runlevels:

for rl in /etc/rc.d/rc{{0,1,2,6}.d/K95,{3,4,5}.d/S05}nscd; do
  ln -sfv ../init.d/nscd $rl
done
Personal tools