nscd.conf - configuration file for Name Service Caching Daemon


The caches nscd(8) uses as well as some generic options can be configured in /etc/nscd.conf.

The configuration file consists of a set of lines. All empty lines, and all text on a line after a '#', will be ignored. All remaining lines denote the setting of an option. There are two kinds of options: General options influence nscd(8)'s general behaviour, while cache options only affect the named cache. Options are set like this:

general_option option cache_option cache_name option


logfile file

Specifies the name of the debug log-file that nscd(8) should use if debug-level is higher than 0. If this option is not set, nscd(8) will write its debug output to stderr.

debug-level level

If level is higher than 0, nscd(8) will create some debug output. The higher the level, the more output that is produced.

threads #threads

This option sets the number of threads that nscd(8) should use by default. It can be overridden by calling nscd(8) with the -t or --nthreads argument. If neither this configuration option nor the command line argument is given, nscd(8) uses 5 threads by default. The minimum is 3. More threads means more simultaneous connections that nscd(8) can handle.

server-user user

By default, nscd(8) is run as user root. This option can be set to force nscd(8) to drop root privileges after startup. It cannot be used when nscd(8) is called with the -S or --secure argument. Also note that some services require that nscd run as root, so using this may break those lookup services.


All cache options take two arguments, the first one denoting the service or cache the options is going to affect. Currently service can be one of passwd, group or hosts.

enable-cache service bool

bool must be one of yes or no. Each cache is disabled by default and must be enabled explicitly by setting this options to yes.

positive-time-to-live service secs

This is the number of seconds after which a cached entry is removed from the cache. This defaults to 3600 seconds (i. e. one hour).

negative-time-to-live service secs

If an entry is not found by the Name Service, it is added to the cache and marked as password and host cache and to 60 seconds for the group__ cache.

suggested-size service prime-number

This option sets the size of the hash that is used to store the cache entries. As this is a hash, it should be reasonably larger than the maximum number of entries that is expected to be cached simultaneously and should be a prime number. It defaults to a size of 211 entries.

check-files service bool

bool must be one of yes (default) or no. If file checking is enabled, nscd(8) periodically checks the modification time of /etc/passwd, /etc/group, or /etc/hosts (for the passwd, group, and host cache respectively) and invalidates the cache if the file has changed since the last check.


  1. This is a comment.

logfile /var/log/nscd.log threads 6 server-user nobody debug-level 0 enable-cache passwd yes positive-time-to-live passwd 600 negative-time-to-live passwd 20 suggested-size passwd 211 check-files passwd yes enable-cache group yes positive-time-to-live group 3600 negative-time-to-live group 60 suggested-size group 211 check-files group yes enable-cache hosts yes positive-time-to-live hosts 3600 negative-time-to-live hosts 20 suggested-size hosts 211 check-files hosts yes


nscd(8), nsswitch.conf(5)

This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.

lib/main.php:944: Notice: PageInfo: Cannot find action page

lib/main.php:839: Notice: PageInfo: Unknown action