The nscd daemon is a caching daemon in Sun Solaris. It provides caching services for hosts,passwd,group,ipnodes databases using various nameservice lookups like hosts file, DNS, NIS,NIS+ and more. Each cache has a separate time-to-live for its data and modifying the local database like /etc/hosts invalidates that cache within ten seconds. nscd doesn’t cache /etc/shadow (contains encrypted passwords for /etc/passwd) file simple for security reasons as anyone would understand.
As nscd daemon provides caching service, it is necessary when you run a name service like DNS, NIS or NIS+ in your network. The configuration of nscd daemon can customised using the /etc/nscd.conf file and it is important more from a security point of view where you can control what is and how is cached on your solaris server.
A sample configuration looks like the following
enable-cache passwd no
enable-cache group no
positive-time-to-live hosts 3600
negative-time-to-live hosts 5
suggested-size hosts 211
keep-hot-count hosts 20
old-data-ok hosts no
check-files hosts yes
Each line of the config file has an attribute and a value or an attribute, cachename and value
Example:
attribute: enable-cache
cachename: group or passwd
Value: 3600 (time in seconds) or yes/no for to cache or not to cache.
Enable/Disable nscd caching
However, if caching is not required, disable the service at start up by renaming the startup script
/etc/rc2.d/S76nscd
to
/etc/rc2.d/s76nscd
optionally, rename the kill scrips in /etc/rc1.d/, /etc/rcS.d/, /etc/rc0.d/ from
K40nscd
to
k40nscd
Manually Start & Stop nscd daemon
To start & stop nscd daemon manually:
Start nscd
solaris#/etc/init.d/nscd start
Stop nscd
solaris#/etc/init.d/nscd stop
For more information, please check the Sun man pages