Difference between revisions of "NSS Caching"
Line 1: | Line 1: | ||
− | NSS Caching is extremely useful when you have to rely on services such as [[nss_ldap]] or [[NIS]] as a backend for your System Databases. | + | NSS Caching is extremely useful when you have to rely on services such as [[nss_ldap]] or [[NIS]] as a backend for your System Databases. This type of caching is not to be confused with offline caching. This type of caching will only cache values for a limited amount of time, the default is 5 minutes. For offline caching see [[NSS Offline Caching for Network Services]]. |
The program we will be using is called ''nscd''. It is provided by Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three. | The program we will be using is called ''nscd''. It is provided by Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three. |
Revision as of 17:06, 8 July 2009
NSS Caching is extremely useful when you have to rely on services such as nss_ldap or NIS as a backend for your System Databases. This type of caching is not to be confused with offline caching. This type of caching will only cache values for a limited amount of time, the default is 5 minutes. For offline caching see NSS Offline Caching for Network Services.
The program we will be using is called nscd. It is provided by Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three.
Create a basic configuration:
cat > /etc/nscd.conf << "EOF" # Begin /etc/nscd.conf # By changing yes to no it will disable the cache for the service in question enable-cache passwd yes enable-cache group yes enable-cache hosts yes # The following will cause the cache to remain when the service is restarted persistent passwd yes persistent group yes persistent hosts yes # The following will allow mmaped access to the nscd databases for service lookups. shared passwd yes shared group yes shared hosts yes # End /etc/nscd.conf EOF
For additional configuration options see the nscd.conf(5) manpage.
Create the database cache directory as well as the nscd socket directory:
install -dv -m755 /var/db/nscd install -dv -m755 /var/run/nscd
Before we go too much further. Lets test nscd and see how it's working:
nscd -d
After you start nscd you should beable to log in on another console and you should see the debug output. If this works you can run the following command to get some statistics.
nscd -g
If all is well then you need to start the nscd daemon with the system.
cat > /etc/rc.d/init.d/nscd << "EOF" #!/bin/bash ######################################################################## # Begin $rc_base/init.d/nscd # # Description : Name Service Service Caching Daemon Bootscript # # Authors : Joe Ciccone <jciccone@gmail.com> # # Version : 00.01 # # Notes : # ######################################################################## . /etc/sysconfig/rc . ${rc_functions} case "${1}" in start) boot_mesg "Starting the Name Service Caching Daemon..." loadproc /usr/sbin/nscd ;; stop) boot_mesg "Stopping the Name Service Caching Daemon..." /usr/sbin/nscd -K evaluate_retval ;; restart) ${0} stop sleep 1 ${0} start ;; status) statusproc nscd ;; *) echo "Usage: ${0} {start|stop|restart|status}" exit 1 ;; esac # End $rc_base/init.d/nscd EOF
Link the nscd bootscript into the runlevels:
for rl in /etc/rc.d/rc{{0,1,2,6}.d/K95,{3,4,5}.d/S05}nscd; do ln -sfv ../init.d/nscd $rl done