diff options
Diffstat (limited to 'nixos/modules/services/system/nscd.conf')
-rw-r--r-- | nixos/modules/services/system/nscd.conf | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/nixos/modules/services/system/nscd.conf b/nixos/modules/services/system/nscd.conf new file mode 100644 index 00000000000..722b883ba42 --- /dev/null +++ b/nixos/modules/services/system/nscd.conf @@ -0,0 +1,34 @@ +# We basically use nscd as a proxy for forwarding nss requests to appropriate +# nss modules, as we run nscd with LD_LIBRARY_PATH set to the directory +# containing all such modules +# Note that we can not use `enable-cache no` As this will actually cause nscd +# to just reject the nss requests it receives, which then causes glibc to +# fallback to trying to handle the request by itself. Which won't work as glibc +# is not aware of the path in which the nss modules live. As a workaround, we +# have `enable-cache yes` with an explicit ttl of 0 +server-user nscd + +enable-cache passwd yes +positive-time-to-live passwd 0 +negative-time-to-live passwd 0 +shared passwd yes + +enable-cache group yes +positive-time-to-live group 0 +negative-time-to-live group 0 +shared group yes + +enable-cache netgroup yes +positive-time-to-live netgroup 0 +negative-time-to-live netgroup 0 +shared netgroup yes + +enable-cache hosts yes +positive-time-to-live hosts 0 +negative-time-to-live hosts 0 +shared hosts yes + +enable-cache services yes +positive-time-to-live services 0 +negative-time-to-live services 0 +shared services yes |