ssh: Update to OpenSSH 9.7p1

[FreeBSD/FreeBSD.git] / usr.sbin / nscd / nscd.conf.5

.\" Copyright (c) 2005 Michael Bushkov <bushman@rsu.ru>
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd October 6, 2018
.Dt NSCD.CONF 5
.Os
.Sh NAME
.Nm nscd.conf
.Nd "nscd configuration file"
.Sh DESCRIPTION
The
.Nm
file
is used by the
.Xr nscd 8
daemon and is read on its startup.
Its syntax is mostly similar to the
.Pa nscd.conf
syntax in
.Tn Linux
and
.Tn Solaris .
It has some differences, though \[em] see them below.
.Pp
Each line specifies either an attribute and a
.Ar value ,
or an attribute, a
.Ar cachename
and a
.Ar value .
Usual cachenames are
.Dq Li passwd ,
.Dq Li group ,
.Dq Li hosts ,
.Dq Li services ,
.Dq Li protocols
and
.Dq Li rpc .
You can also use any other
.Ar cachename
(for example, if some third-party
application uses nsswitch).
.Bl -tag -width indent
.It Va threads Op Ar value
Number of threads, which would listen for connections and process requests.
The minimum is 1.
The default value is 8.
.It Va enable-cache Oo Ar cachename Oc Op Cm yes | no
Enables or disables the cache for specified
.Ar cachename .
.It Va positive-time-to-live Oo Ar cachename Oc Op Ar value
Sets the TTL (time-to-live) for the specified cache in seconds.
Larger values can increase system's performance, but they also can affect
the cache coherence.
The default value is 3600.
.It Va positive-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
The policy that is applied to erase some of the cache elements, when the
size limit of the given
.Ar cachename
is exceeded.
Possible policies are:
.Cm fifo
(first-in-first-out),
.Cm lru
(least-recently-used), and
.Cm lfu
(least-frequently-used).
The default policy is
.Cm lru .
.It Va negative-time-to-live Oo Ar cachename Oc Op Ar value
The TTL of the negative cached elements in seconds.
The larger values can significantly increase system performance in some
environments (when dealing with files with UIDs, which are not in system
databases, for example).
This number should be kept low to avoid the cache coherence problems.
The default value is 60.
.It Va negative-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
The same as the positive-policy, but this one is applied to the negative
elements of the given
.Ar cachename .
The default policy is fifo.
.It Va negative-confidence-threshold Oo Ar cachename Oc Op Ar value
The number of times a query must have failed before the cache accepts
that the element can not be found.
At the default value of 1 each negative query result is cached and
immediately returned from the cache on further queries.
Higher numbers cause queries to be retried at the configured data
sources the given number of times, before the negative result is
returned from the cache on further queries.
This allows to probe for the existence of an entry, and then to create
it if it did not exist, without the negative probe result preventing
access to the new entry for the duration of the negative TTL.
.It Va suggested-size Oo Ar cachename Oc Op Ar value
This is the internal hash table size.
The value should be a prime number for optimum performance.
You should only change this value when the number of cached elements is
significantly (5-10 times) greater than the default hash table size (257).
.It Va keep-hot-count Oo Ar cachename Oc Op Ar value
The size limit of the cache with the given
.Ar cachename .
When it is exceeded, the policy will be applied.
The default value is 2048.
.It Va perform-actual-lookups Oo Ar cachename Oc Op Cm yes | no
If enabled, the
.Xr nscd 8
does not simply receive and cache the NSS-requests results, but performs
all the lookups by itself and only returns the responses.
If this feature is enabled, then for the given
.Ar cachename
.Xr nscd 8
will act similarly to the NSCD.
.Pp
.Sy NOTE :
this feature is currently experimental \[em] it supports only
.Dq Li passwd ,
.Dq Li group
and
.Dq Li services
cachenames.
.El
.Sh NOTES
You can use the
.Ql #
symbol at the beginning of the line for comments.
.Sh FILES
.Bl -tag -width ".Pa /etc/nscd.conf" -compact
.It Pa /etc/nscd.conf
.El
.Sh SEE ALSO
.Xr nscd 8
.Sh AUTHORS
.An Michael Bushkov Aq Mt bushman@FreeBSD.org