nscd is a daemon that provides a cache for the most common name service requests. The default configuration file, /etc/nscd.conf, determines the behavior of the cache daemon. nscd provides caching for accesses of the passwd, group, and hosts databases through standard libc interfaces, such as getpwnam, getpwuid, getgrnam, getgrgid, gethostbyname, and others.
There are two caches for each database: a positive one for items found, and a negative one for items not found. Each cache has a separate TTL (time-to-live) period for its data. Note that the shadow file is specifically not cached. getspnam calls remain uncached as a result. As a result of this behavior there is not possible to change non-nscd user to another non-nscd user via su service when nscd is running.
Note
nscd starts at boot time and runs continuously. The default /etc/nscd.conf specifies a timeout of 10 minutes for passwd data and an hour for hosts and group, with a 20-second negative timeout (the amount of time before an unsuccessful lookup is retried). In practice, these values rarely need changing. If a change you recently made doesn’t seem to show up, nscd is probably the reason.
