From owner-svn-src-head@freebsd.org Sun Sep 6 20:32:14 2020 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9EC773DC76D; Sun, 6 Sep 2020 20:32:14 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Bl34G3jpxz4RZ8; Sun, 6 Sep 2020 20:32:14 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 627871459B; Sun, 6 Sep 2020 20:32:14 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 086KWESf070544; Sun, 6 Sep 2020 20:32:14 GMT (envelope-from asomers@FreeBSD.org) Received: (from asomers@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 086KWEmW070543; Sun, 6 Sep 2020 20:32:14 GMT (envelope-from asomers@FreeBSD.org) Message-Id: <202009062032.086KWEmW070543@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: asomers set sender to asomers@FreeBSD.org using -f From: Alan Somers Date: Sun, 6 Sep 2020 20:32:14 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r365391 - head/share/man/man5 X-SVN-Group: head X-SVN-Commit-Author: asomers X-SVN-Commit-Paths: head/share/man/man5 X-SVN-Commit-Revision: 365391 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Sep 2020 20:32:14 -0000 Author: asomers Date: Sun Sep 6 20:32:13 2020 New Revision: 365391 URL: https://svnweb.freebsd.org/changeset/base/365391 Log: nsswitch.conf(5): recommend placing cache after files When cache precedes files, and nscd is configured to allow negative caching, commands like "pw groupadd" can fail. The sequence of events looks like: 1. A command like pkg(8) looks up the group, and finds it absent. 2. pkg invokes pw(8) to add the group 3. pkg queries the group, but nscd says it doesn't exist, since it has a negative cache entry for that group. See also: https://lists.freebsd.org/pipermail/freebsd-current/2012-January/031595.html Reviewed by: bcr (manpages) MFC after: 1 week Sponsored by: Axcient Differential Revision: https://reviews.freebsd.org/D26184 Modified: head/share/man/man5/nsswitch.conf.5 Modified: head/share/man/man5/nsswitch.conf.5 ============================================================================== --- head/share/man/man5/nsswitch.conf.5 Sun Sep 6 20:03:13 2020 (r365390) +++ head/share/man/man5/nsswitch.conf.5 Sun Sep 6 20:32:13 2020 (r365391) @@ -33,7 +33,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 10, 2018 +.Dd September 6, 2020 .Dt NSSWITCH.CONF 5 .Os .Sh NAME @@ -224,20 +224,24 @@ and continue on anything else (i.e, .Ss Cache You can enable caching for the particular database by specifying .Dq cache -as the first source in the +in the .Nm file. +It should come after +.Dq files , +but before remote sources like +.Dq nis . You should also enable caching for this database in .Xr nscd.conf 5 . -If for the particular query +If for a particular query .Dq cache -source returns success, no further sources are queried. +source returns success, then no further sources are queried. On the other hand, if there are no previously cached data, the query result will be placed into the cache right after all other sources are processed. -Note, that +Note that .Dq cache -requires +requires the .Xr nscd 8 daemon to be running. .Ss Compat mode: +/- syntax @@ -321,15 +325,16 @@ resides in .Pa /etc . .El .Sh EXAMPLES -To lookup hosts in cache, then in +To lookup hosts in .Pa /etc/hosts +, then in cache, and then from the DNS, and lookup user information from .Tn NIS then files, use: .Pp .Bl -tag -width passwd: -compact .It hosts: -cache files dns +files cache dns .It passwd: nis [notfound=return] files .It group: