nscd.conf - name service cache daemon configuration
svc:/system/name-service/cache
/etc/nscd.conf
The SMF service svc:/system/name-service/cache contains the configuration information for nscd(8).
Do not edit the /etc/nscd.conf file as it is private.
Service configuration is applied from built-in defaults or from the config property group. Provide Individual Cache configuration properties from within their specific property group, or when unspecified by the default property group.
The following table shows the service configuration properties that are in the config property group:
|
Explicitly enable or disable nscd per-user mode, see nscd(8). By default, the value is unset in SMF, which causes nscd to determine whether the following conditions are true at startup:
ldap is configured in nsswitch.conf(5)
svc:/network/ldap/client (ldap_cachemgr(8)) is enabled
ldapclient(8) has credentialLevel set to self.
Valid values for this property are true and false.
When enabled, multiple nscd processes exist. Two nscd processes that have a UID of 0 (the parent and a forker) are always running, while other per-user nscd processes that have a non-0 UID only run as needed.
Using per-user lookups might not be possible if the corresponding name service switch backends do not support those lookups or if the backends are not configured to do so. Currently, ldap(7) is the only applicable backend, see ldapclient(8) for information about the credentialLevel and the authenticationMethod properties.
Sets the idle time-to-live value for the non-0 UID per-user nscd processes. The value, in seconds, is based on the last time the per-user nscd was active. The default value is 120 seconds.
Specifies name of the file in which to write debug information. By default, the file is /dev/null. Logging depends on the debug_level and debug_components settings. Note that the log file can grow to multiple gigabytes very quickly.
Interval between checking the status of dependent SMF services such as ldap(7), nis(7) and mdnsd(8). The default value is 120 seconds.
Specifies the desired debug level. The default value is "None". Use the svccfg describe command to list available levels. Note that the configuration values and the debug level output can change at any time, so do not depend upon this information in scripts.
Specifies the nscd components that should generate debug messages. The default value is "None". Use the svccfg describe command to view the available components and a brief description of each. Note that the configuration values and the component output can change at any time, so do not depend upon this information in scripts.
You can configure a specific cache in its individual property group. The following table summarizes the supported databases, their respective SMF service property group names, and the entities that use them. The Database column shows the form used by nscd usage output, while the Group column shows the name used for the SMF property group.
|
Note that the ipnodes cache uses host group properties while being cached independently.
The following cache configuration properties are available within a Group or the default property group:
Specifies an interval, in seconds, for the minimum time between check_files checks. The default value is 0, which performs a check each time the associated database is queried.
Enables or disables the periodic checking of the corresponding cache file. The time period is based on the number of seconds specified by the check_file_interval property. By default, the periodic check is enabled. The checks include the file's modified date, size, and inode number. In addition, the check invalidates the cache if any of the checked values differ from when the file was last read. If you disable these checks you might experience a slight performance boost. Disable these checks when you do not modify the file and run the nscd -i cachename command as needed. Valid values are true and false.
Enables or disables the specified cache. The value can be either true or false.
Use this attribute to specify the number of entries that nscd(8) keeps current in the specified cache. The value is an integer that approximates the number of entries that are used frequently during the day.
Specifies the time-to-live, in seconds, for unsuccessful queries (negative entries) of the specified cache. Keep this value small to reduce cache coherency issues.
Specifies the time-to-live, in seconds, for successful queries (positive entries) of the specified cache. Larger values increase cache hit rates and reduce mean response times and might increase problems with cache coherence. Set the value to at least 43200 seconds (12 hours) to improve performance for sites that update NIS maps nightly. When DNS is the source, use the DNS-returned TTL value unless it is greater than the positive_time_to_live property value. See nsswitch.conf(5).
Specifying a larger value might result in significant performance improvements if several files are owned by user IDs (UIDs) that are not in system databases.
example# svccfg -s name-service/cache svc:/system/name-service/cache> addpg password application svc:/system/name-service/cache> setprop password/negative_time_to_live = 10 svc:/system/name-service/cache> refresh
Note that you must add a property group before you can set the group's properties.
See attributes(7) for descriptions of the following attributes:
|
auth_attr(5), bootparams(5), ethers(5), exec_attr(5), group(5), hosts(5), netmasks(5), networks(5), nsswitch.conf(5), passwd(5), prof_attr(5), project(5), protocols(5), rpc(5), services(5), user_attr(5), attributes(7), ldap(7), nis(7), ldap_cachemgr(8), mdnsd(8), nscd(8), svccfg(8)
The Solaris 2.5 OS introduced the /etc/nscd.conf file as the nscd administrative configuration file.
The Oracle Solaris 10 OS introduced the svc:/system/name-service-cache service. Having this service enabled has been recommended since Solaris 10 8/07.
The Oracle Solaris 11.0 OS introduced the svc:/system/name-service/cache service and replaced the /etc/nscd.conf administrative configuration file. Starting with Oracle Solaris 11.4, the service must be enabled and be online with the nscd daemon running for certain configurations to function correctly.