NSS Caching

From CBLFS
Revision as of 09:14, 25 December 2008 by Jciccone (talk | contribs) (New page: NSS Caching is extremely useful when you have to rely on services such as nss_ldap or NIS as a backend for your System Databases. Aside from the obvious benefit of being able to ac...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

NSS Caching is extremely useful when you have to rely on services such as nss_ldap or NIS as a backend for your System Databases. Aside from the obvious benefit of being able to access a cached version of these resources for when the primary server is offline, you may also notice a speed increase for queries.

The program we will be using is called nscd. It is provided by Glibc. nscd is capable of caching passwg, group, and/or hosts. In this example we are going to cache all three.

Create a basic configuration: 

cat > /etc/nscd.conf << "EOF"
# Begin /etc/nscd.conf

# By changing yes to no it will disable the cache for the service in question
enable-cache passwd yes
enable-cache group yes
enable-cache hosts yes

# The following will cause the cache to remain when the service is restarted
persistent passwd yes
persistent group yes
persistent hosts yes

# The following will allow mmaped access to the nscd databases for service lookups.
shared passwd yes
shared group yes
shared hosts yes

# End /etc/nscd.conf
EOF

For additional configuration options see the nscd.conf(5) manpage.

Create the database cache directory as well as the nscd socket directory: 

install -dv -m755 /var/db/nscd
install -dv -m755 /var/run/nscd

Before we go too much further. Lets test nscd and see how it's working: 

nscd -d

After you start nscd you should beable to log in on another console and you should see the debug output. If this works you can run the following command to get some statistics. 

nscd -g

If all is well then you need to start the nscd daemon with the system. 

cat > /etc/rc.d/init.d/nscd << "EOF"
#!/bin/bash
########################################################################
# Begin $rc_base/init.d/nscd
#
# Description : Name Service Service Caching Daemon Bootscript
#
# Authors     : Joe Ciccone <jciccone@gmail.com>
#
# Version     : 00.01
#
# Notes       :
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}

case "${1}" in
        start)
                boot_mesg "Starting the Name Service Caching Daemon..."
                loadproc /usr/sbin/nscd
                ;;

        stop)
                boot_mesg "Stopping the Name Service Caching Daemon..."
                /usr/sbin/nscd -K
                evaluate_retval
                ;;

        restart)
                ${0} stop
                sleep 1
                ${0} start
                ;;

        status)
                statusproc nscd
                ;;

        *)
                echo "Usage: ${0} {start|stop|restart|status}"
                exit 1
                ;;
esac

# End $rc_base/init.d/nscd
EOF

Link the nscd bootscript into the runlevels:

for rl in /etc/rc.d/rc{{0,1,2,6}.d/K95,{3,4,5}.d/S05}nscd; do
  ln -sfv ../init.d/nscd $rl
done
Retrieved from "https://cblfs.clfs.org/index.php?title=NSS_Caching&oldid=16419"