lists.arthurdejong.org
RSS feed

Re: both nscd and nslcd needed?

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: both nscd and nslcd needed?



On Sun, 2014-01-26 at 11:24 +0100, Egbert wrote:
> We are running ldap auth on our sftp server. The ldap server is on a
> different server on the same internal network (this is HCC hobbynet
> network). There are situations where we find that the nscd and/or
> nslcd daemons on the sftp server are dead and nobody can login
> anymore.
>  
> Since we came from the nss-ldap service and now rely fully on your
> nss-ldapd, we wonder if both daemons are needed. All config is in
> nslcd.conf; we never touched the nscd.conf. Having overlapping configs
> is confusing.

nscd and nslcd serve completely separate purposes: nscd does caching for
all NSS providers, nslcd retrieves user and group data from an LDAP
server and makes it available to the system.

nscd is not required for running nslcd. It may improve performance if
your LDAP server is slow but some versions of nscd have been known to be
unstable. In the situations I've experienced removing the nscd cache
files (/var/db/nscd or /var/cache/nscd) helped.

There is work ongoing to implement caching in pynslcd (a Python
alternative drop-in to nslcd) so that should make nscd redundant.

If you are seeing crashes or hangs in nslcd, could you send some more
details? For instance, version number, any information from the logs
regarding the problem, conditions that seem to trigger the problem, etc.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/