![](https://seccdn.libravatar.org/avatar/c64c2eacb8f713e5e3fd051c8a060920.jpg?s=120&d=mm&r=g)
Hi
From: Dan Am [mailto:suse@dertext.de] Hi, I asked myself for some time: What is this nscd thing for ? I know, caching of names, etc. But do I actually have to have it ?
No. In contrary, I find nscd is very anoying. So the first thing I do after a fresh install is disabling nscd.
Moreover, for some reason, this morning nscd "forgot" root's identity, leaving root without name on the system. So e.g. "ps -ef" looked rather frightening. rcnscd restart got it back.
Q1: Any reason I MUST run nscd ?
AFAIK the one thing which needs nscd is nis. Unless you have nis running you won't need nscd.
Q2: Anyone konow about this rather ridiculous fault ?
This is a new one to me, but I encountered many other problems. E.g. DNS-caching after the TTL expired, etc.
TIA Dan
cheers, Stefan
![](https://seccdn.libravatar.org/avatar/4e2c3926757c18686414b6cf24e8fb8b.jpg?s=120&d=mm&r=g)
Hi again, Am Donnerstag, 10. Juli 2003 09:55 schrieb Peer Stefan:
AFAIK the one thing which needs nscd is nis. Unless you have nis running you won't need nscd. This machine is using winbind (successfully). NIS - winbind, similar stuff... Hmmm.... Anyone know if winbind needs it ?
Regards Dan -- buddha 2.4.20-4GB 9:56am up 12 days 1:18, 3
![](https://seccdn.libravatar.org/avatar/3d65ce348306eb0e36a6ec890e3e1b2d.jpg?s=120&d=mm&r=g)
On Thursday 10 July 2003 08:58, Dan Am wrote:
Hi again,
Am Donnerstag, 10. Juli 2003 09:55 schrieb Peer Stefan:
AFAIK the one thing which needs nscd is nis. Unless you have nis running you won't need nscd.
This machine is using winbind (successfully). NIS - winbind, similar stuff... Hmmm.... Anyone know if winbind needs it ?
Kill it off and see. You can always restart it. Best Fergus
Regards Dan
-- buddha 2.4.20-4GB 9:56am up 12 days 1:18, 3
-- Fergus Wilde Chetham's Library Long Millgate Manchester M3 1SB Tel: +44 161 834 7961 Fax: +44 161 839 5797 http://www.chethams.org.uk
![](https://seccdn.libravatar.org/avatar/4e2c3926757c18686414b6cf24e8fb8b.jpg?s=120&d=mm&r=g)
Hi, Am Donnerstag, 10. Juli 2003 10:23 schrieb Fergus Wilde:
Kill it off and see. You can always restart it. Matter of fact I did, but it's a customers productive fileserver, so I thought I'd get some opinions. ;-)
Regards Dan -- buddha 2.4.20-4GB 10:42am up 12 days 2:04, 3 users,
![](https://seccdn.libravatar.org/avatar/861b5545c111d2257fa12e533e723110.jpg?s=120&d=mm&r=g)
The 03.07.10 at 09:55, Peer Stefan wrote:
This is a new one to me, but I encountered many other problems. E.g. DNS-caching after the TTL expired, etc.
Contrary to its name, nscd does not caches explicitly DNS. Acording to its man page: Nscd provides cacheing for the passwd(5), group(5) and hosts(5) databases through standard libc interfaces, such as getpwnam(3), getpwuid(3), getgrnam(3), getgrgid(3), gethostbyname(3) and others. Each cache has a separate TTL (time-to-live) for its data; modifying the local database ( /etc/passwd, and so forth) causes that the cache becomes invalidated within fifteen seconds. Note that the shadow file is specifically not cached. getspnam(3) calls remain uncached as a result. And: Nscd doesn't know anything about the underlaying protocols for a service. This also means, that if you change /etc/resolv.conf for DNS queries, nscd will continue to use the old one if you have configured /etc/nss witch.conf(5) to use DNS for host lookups. In such a case, you need to restart nscd. And, the suse configuration dissables caching of DNS. The /etc/nscd.conf has: # !!!!!WARNING!!!!! Host cache is insecure!!! The mechanism in nscd to # cache hosts will cause your local system to not be able to trust # forward/reverse lookup checks. DO NOT USE THIS if your system relies on # this sort of security mechanism. Use a caching DNS server instead. enable-cache hosts no Previously, I used to disable it to conserve memory. Now I have it always enabled, and I don't notice it existence. Now that I think... it is watching for certain files being modified: it might be responsible for peridic disk activity. I would try to disable it in laptops. -- Cheers, Carlos Robinson
participants (4)
-
Carlos E. R.
-
Dan Am
-
Fergus Wilde
-
Peer Stefan