man pages section 1M: System Administration Commands

nscd(1M)

NAME

nscd– name service cache daemon

SYNOPSIS

/usr/sbin/nscd

-f

configuration-file

-g

-e

cachename

-i

cachename

DESCRIPTION

nscd is a process that provides a cache for the most common name service requests. It starts up during multi-user boot. The default configuration-file /etc/nscd.conf determines the behavior of the cache daemon. See nscd.conf(4).

nscd provides caching for the passwd(4), group(4), hosts(4), ipnodes(4), exec_attr(4), prof_attr(4), and user_attr(4) databases through standard libc interfaces, such as gethostbyname(3NSL), getipnodebyname(3SOCKET), gethostbyaddr(3NSL), and others. Each cache has a separate time-to-live for its data; modifying the local database (/etc/hosts, /etc/resolv.conf, and so forth) causes that cache to become invalidated upon the next call to nscd. The shadow file is specifically not cached. getspnam(3C) calls remain uncached as a result.

nscd also acts as its own administration tool. If an instance of nscd is already running, commands are passed to the running version transparently.

In order to preserve NIS+ security, the startup script for nscd (/etc/init.d/nscd) checks the permissions on the passwd table if NIS+ is being used. If this table cannot be read by unauthenticated users, then nscd will make sure that any encrypted password information returned from the NIS+ server is supplied only to the owner of that password.

nscd runs at the sensitivity label ADMIN_LOW. However, it can communicate with DNS name servers at any sensitivity label. It requires the Trusted Path attribute.

OPTIONS

Several of the options described below require a cachename specification. Supported values are passwd, group, and hosts.

-f configuration-file: Causes nscd to read its configuration data from the specified file.
-g: Prints current configuration and statistics to standard output. This is the only option executable by non-root users.
-e cachename, yes|no: Enables or disables the specified cache.
-i cachename: Invalidate the specified cache.

EXAMPLES

Example 1 Stopping and restarting the `nscd` daemon.

example# /etc/init.d/nscd stop

	example# /etc/init.d/nscd start

FILES

/etc/nscd.conf determines the behavior of the cache daemon.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE	ATTRIBUTE VALUE
Availability	SUNWcsu

SUMMARY OF TRUSTED SOLARIS CHANGES

To invoke nscd requires the Trusted Path attribute, a process sensitivity label of ADMIN_LOW, and the following privileges: net_upgrade_sl, net_mac_read, proc_setclr, sys_trans_label, sys_net_config, file_dac_write, and file_setid. If nscd's clearance is not ADMIN_HIGH, it will be set to ADMIN_HIGH.

Trusted Solaris 8 HW 12/02 Reference Manual

exec_attr(4), nsswitch.conf(4), prof_attr(4), user_attr(4)

SunOS 5.8 Reference Manual

getspnam(3C), gethostbyname(3NSL), getipnodebyname(3SOCKET), group(4), hosts(4), ipnodes(4), nscd.conf(4), passwd(4), attributes(5)

NOTES

The output from the -g option to nscd is subject to change. Do not rely upon it as a programming interface.

SunOS 5.8 Last Revised 25 Oct 2002