# auto-propagate <service> (ignored)
#
# Currently supported cache names (services): passwd, group, hosts
-#
-# logfile /var/log/nscd.log
-# threads 4
-# max-threads 32
-# server-user nobody
-# stat-user somebody
- debug-level 0
-# reload-count 5
- paranoia no
-# restart-interval 3600
- enable-cache passwd yes
- positive-time-to-live passwd 600
- negative-time-to-live passwd 20
- suggested-size passwd 211
- check-files passwd yes
- persistent passwd yes
- shared passwd yes
- auto-propagate passwd yes
+# logfile /var/log/nscd.log
+# threads 14
+# max-threads 32
+server-user unscd
+debug-level 0
+
+enable-cache passwd yes
+positive-time-to-live passwd 600
+negative-time-to-live passwd 20
+suggested-size passwd 1001
+check-files passwd yes
- enable-cache group yes
- positive-time-to-live group 3600
- negative-time-to-live group 60
- suggested-size group 211
- check-files group yes
- persistent group yes
- shared group yes
- auto-propagate group yes
+enable-cache group yes
+positive-time-to-live group 3600
+negative-time-to-live group 60
+suggested-size group 1001
+check-files group yes
# hosts caching is broken with gethostby* calls, hence is now disabled
-# per default. See /usr/share/doc/nscd/NEWS.Debian.
- enable-cache hosts no
- positive-time-to-live hosts 3600
- negative-time-to-live hosts 20
- suggested-size hosts 211
- check-files hosts yes
- persistent hosts yes
- shared hosts yes
+# by default. Specifically, the caching does not obey DNS TTLs, and
+# thus could lead to problems if the positive-time-to-live is
+# significantly larger than the actual TTL.
+#
+# You should really use a caching nameserver instead of nscd for this
+# sort of request. However, you can easily re-enable this by default.
+enable-cache hosts no
+positive-time-to-live hosts 3600
+negative-time-to-live hosts 20
+suggested-size hosts 1001
+check-files hosts yes
# unscd does not support services caching