svcadm(1M)을 검색하려면 섹션에서 1M 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
nscd(8)
System Administration Commands nscd(8)
NAME
nscd - name service cache daemon
SYNOPSIS
/usr/sbin/nscd [-L logfile] [-C component[,component...]]
[-D debuglevel[,debuglevel...]]
/usr/sbin/nscd [-g] [-c cachename,yes|no] [-e cachename,yes|no]
[-h cachename,keep_hot_count]
[-i cachename][,cachename...]]
[-n cachename,negative_time_to_live]
[-p cachename,positive_time_to_live]
[-C component[,component...]]
[-D debuglevel[,debuglevel...]]
[-L newlogfile]
DESCRIPTION
The nscd daemon provides caching for most name service requests to
improve performance. nscd provides a consistent dynamic name service
configuration to all processes.
nscd is also an administrative tool that transparently passes options
to the running daemon (see the second command synopsis).
The nscd daemon starts at system boot by the svc:/system/name-ser‐
vice/cache SMF service and requires no administrative interaction. To
manually start the daemon, see the first nscd command synopsis.
The service's properties define the behavior of the cache daemon as
shown in the nscd.conf(5) man page.
Ensure that the nscd daemon is running for ldap(7) services to function
correctly.
nscd provides caching for the auth_attr, bootparams, ethers, exec_attr,
group, hosts, ipnodes, netmasks, networks, passwd, prof_attr, project
protocols, rpc, services, and user_attr, databases by using standard
libc interfaces, such as getaddrinfo(), getnameinfo(), getpwnam(), and
others. The shadow file is purposefully not cached. As a result, getsp‐
nam() calls are not cached.
Each cache has a separate time-to-live (TTL) for its data. By default,
when you modify the local files database (see FILES), that cache is
invalidated upon the next call to nscd.
The nscd restarts when you update or refresh any of the following ser‐
vices that nscd optionally depends. When nscd restarts, the caches are
effectively cleared.
o svc:/network/nis/client:default, see ypbind(8) and
ypfiles(5)
o svc:/network/ldap/client:default, see ldapclient(8)
o svc:/network/dns/multicast:default, see mdns(8)
The files and services monitoring provide a consistent dynamic name
service configuration to all processes as all standard libc interfaces
interact with nscd. So, when you commit a configuration change, nscd
causes all subsequent calls to use that configuration. So, it is best
to ensure that nscd is always running.
For comparison, when nscd is not used, processes only gather configura‐
tion information upon their initial relevant libc call. Subsequent
calls use that same configuration until those processes are restarted.
For example, consider a system that does not have nscd running. Updat‐
ing that system to use LDAP or NIS, nsswitch.conf(5) is updated to add
those sources. As nscd is not running, processes already started before
the configuration change (such as svc.startd and svc.configd) would not
use the new source. In that instance, you should start the nscd service
(svcadm enable name-service/cache) so that all processes benefit from
the change, or you should reboot the system to ensure that a consistent
configuration is used by all processes.
When running with per-user lookups enabled (enable_per_user_lookup in
nscd.conf(5)), nscd forks exactly one child process (a per-user nscd)
on behalf of the user who makes the request. The per-user nscd uses the
credentials of the user to open a per-user connection to the name
repository that is configured for the per-user style of lookups. The
lookup will be performed in the child process. The results are cached
in the process and are available only to the same user. The caches are
managed exactly the same as the main nscd daemon manages its own
caches. Subsequent requests from the user will be handled by that per-
user nscd until it terminates. The per-user nscd uses a configurable
inactivity time-to-live (TTL) value and terminates itself after the
inactivity TTL expires.
The maximum number of per-user nscd processes that can be created by
the main nscd is configurable (see nscd.conf(5)). After the maximum
number of them are created, the main nscd will use a Least Recently
Used (LRU) algorithm to terminate less active child nscd processes as
needed.
The main nscd daemon creates, monitors, and manages all the child nscd
processes. It creates a user's own nscd upon receiving the user's first
per-user lookup. When the nscd daemon is started, if per-user lookups
are enabled, it checks to ensure all conditions are met before getting
ready to create a per-user nscd. When the daemon is stopped, it termi‐
nates all the per-user nscd processes under its control.
Per-user nscd processes use the same configuration as the main nscd.
Once the configuration is read, the per-user nscd will use it for its
entire lifetime.
OPTIONS
Several of the options described below require a cachename specifica‐
tion. Supported values for cachename are: auth_attr, automount, boot‐
params, ethers, exec_attr, group, hosts, ipnodes, netmasks, networks,
passwd, prof_attr, project, protocols, rpc, services, tnrhdb. tnrhtp,
user_attr,
Options that dynamically update the running nscd daemon do so on a tem‐
porary basis until the daemon is restarted.
-c cachename,yes|no
Temporarily enables or disables the ongoing check of the specified
cache. The check invalidates the cache if the database file is mod‐
ified. To set permanently see check_files in nscd.conf(5).
-e cachename,yes|no
Temporarily enables or disables the specified cache. The data is
retrieved, but the results are not cached. To set permanently see
enable_cache in nscd.conf(5).
-g
Prints the current configuration and statistics to standard output.
This is the only option executable by users without the effective
UID of 0 and who have not been assigned the Name Service Management
rights profile. The configuration shown is the current configura‐
tion before processing any other command-line options.
-h cachename,keep_hot_count
Temporarily updates the number of entries to keep current in the
specified cache. value is an integer that approximates the number
of entries that are frequently used during the day. To set perma‐
nently, see keep_hot_count in nscd.conf(5).
-i cachename
Invalidate the specified cache of an active nscd daemon.
-l filename
Specifies the debug log file at startup. For backward compatibil‐
ity, use the -L option.
-n cachename,negative_ttl
Temporarily updates time-to-live for negative entries (queries that
return a not found response) in the specified cache. negative_ttl
is the TTL in seconds. To set permanently, see nega‐
tive_time_to_live in nscd.conf(5).
-p cachename,positive_ttl
Temporarily updates time-to-live for successful queries (positive
entries) in the specified cache. positive_ttl is the TTL in sec‐
onds. To set permanently, see positive_time_to_live in
nscd.conf(5).
-C debug_component_list
Temporarily sets the list of components to log debug messages, as
specified by the debug_level_list property value. The list is a
comma-separated list of names. Valid values are shown in usage out‐
put (nscd -?) and are subject to change. The none value disables
all component values, while the all value enables all values. To
set permanently, see debug_components in nscd.conf(5).
-D debug_level_list
Temporarily sets the list of debug levels for which to generate
debug messages. The list is a comma-separated list of debug levels.
Valid values are shown in usage output (nscd -?) and are subject to
change. The none value disables all debug levels, while the all
value enables all debug levels. To set permanently, see debug_level
in nscd.conf(5).
-L log_filename
Temporarily sets the file in which to store debug output. See con‐
fig/logfile in nscd.conf(5).
EXAMPLES
Example 1 Invalidate the Host Cache of an Active Daemon
Use the following command when you know that a host's address has been
changed in DNS.
example# nscd -i hosts,ipnodes
Example 2 Enable Debugging for an Active nscd Daemon
The following command enables debugging on all components at all levels
and writes debug messages to the specified log file.
example# nscd -g | egrep '(debug|log)'
0 server debug level
0 server debug components
"/dev/null" is the server log file
example# /usr/sbin/nscd -D all -C all -L /var/tmp/nscd.log
example# nscd -g | egrep '(debug|log)'
32767 server debug level
8191 server debug components
"/var/tmp/nscd.log" is the server log file
Example 3 Disable Debugging for an Active nscd Daemon
The following commands disables debugging and resets the location of
the debug log to /dev/null.
example# /usr/sbin/nscd -D none -C none -L ""
FILES
/etc/nscd.conf
Private configuration file that is automatically generated by
svc:/system/name-service/cache, see nscd.conf(5).
/etc/nsswitch.conf, /etc/resolv.conf
Monitored. Modifying the file causes nscd to restart and flush all
caches. See nsswitch.conf(5) and resolv.conf(5).
/etc/bootparams, /etc/ethers, /etc/group, /etc/inet/hosts,
/etc/inet/ipnodes, /etc/inet/netmasks, /etc/inet/networks,
/etc/inet/protocols, /etc/passwd, /etc/project, /etc/rpc, /etc/secu‐
rity/auth_attr.d, /etc/security/exec_attr.d, /etc/security/prof_attr.d,
/etc/security/tsol/tnrhdb, /etc/security/tsol/tnrhtp, /etc/services,
/etc/user_attr.d
Monitored by default. Monitors the relevant cache based on the
check_files property value, see nscd.conf(5).
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
TRIBUTE VALUE _ Availabilitysystem/core-os
SEE ALSO
svcs(1), getaddrinfo(3C), getnameinfo(3C), getpwnam(3C), getspnam(3C),
auth_attr(5), bootparams(5), ethers(5), exec_attr(5), group(5),
hosts(5), netmasks(5), networks(5), nscd.conf(5), nsswitch.conf(5),
passwd(5), prof_attr(5), project(5), protocols(5), resolv.conf(5),
rpc(5), services(5), user_attr(5), ypfiles(5), attributes(7), ldap(7),
getent(8), ldapclient(8), mdns(8), svcadm(8), svccfg(8), ypbind(8)
NOTES
You can use the svcadm command to perform administrative actions on
svc:/system/name-service/cache, such as enabling, or requesting
restart. You can use the svcs command to query the service's status.
You can use the svccfg command to configure this service. See
nscd.conf(5).
The obsolete service svc:/system/name-service-cache has been retained
for backward compatibility with scripts that might reference it. Its
only purpose is to serve as an optional_all dependency on the service
svc:/system/name-service/cache. The obsolete service name will be
removed in a future release.
HISTORY
The Solaris 2.5 OS introduced the /usr/sbin/nscd command that provides
cached lookups for the passwd, group, and hosts databases for a limited
set of API calls.
The Oracle Solaris 10 8/07 release enhanced nscd to handle additional
databases and API calls. The enhancements also include monitoring for
runtime changes to name service configuration.
Starting with Oracle Solaris 11.4, the nscd daemon must be running for
ldap(7) services to function correctly.
Oracle Solaris 11.4 4 Nov 2021 nscd(8)