NSS Caching
NSS Caching is extremely useful when you have to rely on services such as nss_ldap or NIS as a backend for your System Databases. Aside from the obvious benefit of being able to access a cached version of these resources for when the primary server is offline, you may also notice a speed increase for queries.
The program we will be using is called nscd. It is provided by Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three.
Create a basic configuration:
cat > /etc/nscd.conf << "EOF" # Begin /etc/nscd.conf # By changing yes to no it will disable the cache for the service in question enable-cache passwd yes enable-cache group yes enable-cache hosts yes # The following will cause the cache to remain when the service is restarted persistent passwd yes persistent group yes persistent hosts yes # The following will allow mmaped access to the nscd databases for service lookups. shared passwd yes shared group yes shared hosts yes # End /etc/nscd.conf EOF
For additional configuration options see the nscd.conf(5) manpage.
Create the database cache directory as well as the nscd socket directory:
install -dv -m755 /var/db/nscd install -dv -m755 /var/run/nscd
Before we go too much further. Lets test nscd and see how it's working:
nscd -d
After you start nscd you should beable to log in on another console and you should see the debug output. If this works you can run the following command to get some statistics.
nscd -g
If all is well then you need to start the nscd daemon with the system.
cat > /etc/rc.d/init.d/nscd << "EOF" #!/bin/bash ######################################################################## # Begin $rc_base/init.d/nscd # # Description : Name Service Service Caching Daemon Bootscript # # Authors : Joe Ciccone <jciccone@gmail.com> # # Version : 00.01 # # Notes : # ######################################################################## . /etc/sysconfig/rc . ${rc_functions} case "${1}" in start) boot_mesg "Starting the Name Service Caching Daemon..." loadproc /usr/sbin/nscd ;; stop) boot_mesg "Stopping the Name Service Caching Daemon..." /usr/sbin/nscd -K evaluate_retval ;; restart) ${0} stop sleep 1 ${0} start ;; status) statusproc nscd ;; *) echo "Usage: ${0} {start|stop|restart|status}" exit 1 ;; esac # End $rc_base/init.d/nscd EOF
Link the nscd bootscript into the runlevels:
for rl in /etc/rc.d/rc{{0,1,2,6}.d/K95,{3,4,5}.d/S05}nscd; do ln -sfv ../init.d/nscd $rl done