Russ Allbery > Technical Notes > Solaris | setuid Core Dumps > |
Solaris by default runs a program called nscd
that caches various
things. This is useful if you have a lot of users and use a network
protocol to get /etc/passwd information, since nscd
will cache such
things as NIS and LDAP results. However, it also caches DNS and (at least
in Solaris 8 and earlier) ignores such DNS information as TTLs (time to
live).
The result is that if you've just changed something in DNS, a Solaris
system may not pick that up right away, but all your command-line
utilities that do direct DNS queries (nslookup
, host
, etc.)
will see the right values.
To force nscd
to invalidate its DNS cache, run:
nscd -i hosts
as root. You can also just kill the daemon and restart it. You may want
to consider whether you want to not run nscd
at all if the only
network queries the system does out of nsswitch.conf
are for DNS,
since your local caching DNS server will do a much better job than
nscd
at obeying the DNS protocol.
You can also deactivate the nscd
DNS cache entirely by adding the
line:
enable-cache hosts no
to /etc/nscd.conf
.
Russ Allbery > Technical Notes > Solaris | setuid Core Dumps > |