nsncd is a nscd-compatible daemon that proxies lookups, without caching.
nsncd can be used in situations where you want to make an application use nss
plugins available to a different libc than the one the application will load.
Since most (all?) libc implementations will try to use /var/run/nscd/socket if
it exists, you can make all lookups on a machine attempt to use the libc that
nsncd is running with (and any nss plugins available to it), regardless of the
libc used by a particular application.
It is also a fairly minimal and clean implementation of (a part of) the nscd
protocol, which is otherwise only really documented in implementations of libc,
and mailing lists.
Just run the nsncd binary and it will listen at /var/run/nscd/socket.
There's a simple systemd unit file, too.
If you're on a Debian-based system, you can use the provided Debian package to
install nsncd to run under systemd. See debian/README.source for how to
build it - we use a few Rust crates that aren't packaged for stable Debian
releases.
nsncd looks in its environment for configuration.
There are two integer variables we pay attention to: NSNCD_WORKER_COUNT and
NSNCD_HANDOFF_TIMEOUT. Both must be positive (non-zero), and the timeout is
in seconds.
We also pay attention to variables NSNCD_IGNORE_<DATABASE> where <DATABASE>
is one of the database names from nsswitch.conf(5), capitalized:
- NSNCD_IGNORE_GROUP
- NSNCD_IGNORE_HOSTS
- NSNCD_IGNORE_INITGROUPS
- NSNCD_IGNORE_NETGROUP
- NSNCD_IGNORE_PASSWD
- NSNCD_IGNORE_SERVICES
These variables must be either true or false. The default is false (don't
ignore any requests). If one of these variables is set to true, nsncd will
not respond to the requests related to that database.
Some request types may be ignored by the implementation (e.g. the ones that request a file descriptor pointing into internal cache structures).
NSNCD_SOCKET_PATH may be set to override the default location of the socket.
Please create GitHub issues and/or pull requests.
nsncd is licensed under the Apache License 2.0.