Difference between revisions of "NSS Caching"

From CBLFS
Jump to navigationJump to search
Line 1: Line 1:
NSS Caching is extremely useful when you have to rely on services such as [[nss_ldap]] or [[NIS]] as a backend for your System Databases. Aside from the obvious benefit of being able to access a cached version of these resources for when the primary server is offline, you may also notice a speed increase for queries.
+
NSS Caching is extremely useful when you have to rely on services such as [[nss_ldap]] or [[NIS]] as a backend for your System Databases. This type of caching is not to be confused with offline caching. This type of caching will only cache values for a limited amount of time, the default is 5 minutes. For offline caching see [[NSS Offline Caching for Network Services]].
  
 
The program we will be using is called ''nscd''. It is provided by Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three.
 
The program we will be using is called ''nscd''. It is provided by Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three.

Revision as of 17:06, 8 July 2009

NSS Caching is extremely useful when you have to rely on services such as nss_ldap or NIS as a backend for your System Databases. This type of caching is not to be confused with offline caching. This type of caching will only cache values for a limited amount of time, the default is 5 minutes. For offline caching see NSS Offline Caching for Network Services.

The program we will be using is called nscd. It is provided by Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three.

Create a basic configuration:

cat > /etc/nscd.conf << "EOF"
# Begin /etc/nscd.conf

# By changing yes to no it will disable the cache for the service in question
enable-cache passwd yes
enable-cache group yes
enable-cache hosts yes

# The following will cause the cache to remain when the service is restarted
persistent passwd yes
persistent group yes
persistent hosts yes

# The following will allow mmaped access to the nscd databases for service lookups.
shared passwd yes
shared group yes
shared hosts yes

# End /etc/nscd.conf
EOF

For additional configuration options see the nscd.conf(5) manpage.

Create the database cache directory as well as the nscd socket directory:

install -dv -m755 /var/db/nscd
install -dv -m755 /var/run/nscd

Before we go too much further. Lets test nscd and see how it's working:

nscd -d

After you start nscd you should beable to log in on another console and you should see the debug output. If this works you can run the following command to get some statistics.

nscd -g

If all is well then you need to start the nscd daemon with the system.

cat > /etc/rc.d/init.d/nscd << "EOF"
#!/bin/bash
########################################################################
# Begin $rc_base/init.d/nscd
#
# Description : Name Service Service Caching Daemon Bootscript
#
# Authors     : Joe Ciccone <jciccone@gmail.com>
#
# Version     : 00.01
#
# Notes       :
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}

case "${1}" in
        start)
                boot_mesg "Starting the Name Service Caching Daemon..."
                loadproc /usr/sbin/nscd
                ;;

        stop)
                boot_mesg "Stopping the Name Service Caching Daemon..."
                /usr/sbin/nscd -K
                evaluate_retval
                ;;

        restart)
                ${0} stop
                sleep 1
                ${0} start
                ;;

        status)
                statusproc nscd
                ;;

        *)
                echo "Usage: ${0} {start|stop|restart|status}"
                exit 1
                ;;
esac

# End $rc_base/init.d/nscd
EOF

Link the nscd bootscript into the runlevels:

for rl in /etc/rc.d/rc{{0,1,2,6}.d/K95,{3,4,5}.d/S05}nscd; do
  ln -sfv ../init.d/nscd $rl
done