The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

repeating nscd monitoring messages after update to 11.52.0.14

Discussion in 'General Discussion' started by ladydi711, Oct 14, 2015.

  1. ladydi711

    ladydi711 Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    120
    Likes Received:
    3
    Trophy Points:
    18
    Hello,

    After the update to 11.52.0.14 early yesterday, my /var/log/messages file has started logging repeated nscd monitoring messages. These go on and on..

    Has anyone else seen this, or is there a solution?

    Code:
    messages:Oct 13 04:12:16 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:16 mic nscd: 13454 monitoring file `/etc/passwd` (1)
    messages:Oct 13 04:12:16 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:17 mic nscd: 13454 monitoring file `/etc/group` (3)
    messages:Oct 13 04:12:17 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:17 mic nscd: 13454 monitoring file `/etc/passwd` (1)
    messages:Oct 13 04:12:17 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:19 mic nscd: 13454 monitoring file `/etc/group` (3)
    messages:Oct 13 04:12:19 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:19 mic nscd: 13454 monitoring file `/etc/passwd` (1)
    messages:Oct 13 04:12:19 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:19 mic nscd: 13454 monitoring file `/etc/group` (3)
    messages:Oct 13 04:12:19 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:19 mic nscd: 13454 monitoring file `/etc/passwd` (1)
    messages:Oct 13 04:12:19 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:21 mic nscd: 13454 monitoring file `/etc/group` (3)
    messages:Oct 13 04:12:21 mic nscd: 13454 monitoring directory `/etc` (2)
    messages:Oct 13 04:12:21 mic nscd: 13454 monitoring file `/etc/passwd` (1)
    messages:Oct 13 04:12:21 mic nscd: 13454 monitoring directory `/etc` (2)
     
  2. DJPRMF

    DJPRMF Registered

    Joined:
    Oct 14, 2015
    Messages:
    4
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Portugal
    cPanel Access Level:
    Root Administrator
    I notice this also in some of my servers.
    The nscd was installed in the latest update...

    I don't know if is safe to disable/stop it, but is filling the /var/log/messages almost every second...
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    It's by design that NSCD is enabled on systems during the update to cPanel version 11.52. Here's some more information from the 11.52 Release Notes:

    However, we do have internal case CPANEL-1966 open to ensure the NSCD service has it's own log file to avoid adding clutter to /var/log/messages. You can monitor our change log to see when this case has been implemented:

    11.52 Change Log - Documentation - cPanel Documentation

    Thank you.
     
  4. DJPRMF

    DJPRMF Registered

    Joined:
    Oct 14, 2015
    Messages:
    4
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Portugal
    cPanel Access Level:
    Root Administrator
    Adding a little of info given by the cPanel support , the NSCD service can be disabled in the WHM >> Service Manager >> Name Service Cache Daemon .
    Should be safe to disable while there is no solution for the problem...
     
    ladydi711 likes this.
  5. ladydi711

    ladydi711 Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    120
    Likes Received:
    3
    Trophy Points:
    18
    Thank you both for the info!!!
     
  6. Kobor

    Kobor Member

    Joined:
    Apr 5, 2012
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    I came here to see why suddenly i have nscd logging every 10 sec in my logs, and to my surprise cPanel is responsible again.

    It seems to me that a lot of changes were made in 11.52 without much thinking, for example Exim 10 sec delay on SMTP connections, now this.
    I don't really like when i have a working configured system, then over night the behavior of server changes ( like Exim change. or on all servers the log is full of nscd messages ).
    Especially since both example i used is pretty much useless IMHO.
    Like i don't really get how exactly will help exim, when exim pretty much doesn't user /etc/{passwd,shadow}, the hosts file contains one or maybe two line on 90% of the cpanel servers, and pretty much nobody uses netgroups ( Nscd is configured to cache these 4 files ).
    And you may argument that it saves a tiny bit of microsecond, but we loose anyway much more with RBL checks, reverse DNS lookups, virus scanning , spam scanning . So pretty much nscd is useless. I'm handling and handled a couple big servers with considerable email traffic , but passwd/shadow file scanning was never the bottleneck.

    I had a great respect over the years for the cpanel devs, but the past year you started loosing that.
    Seems changes are pushed from people who never worked on real live systems.
     
  7. Hedloff

    Hedloff Well-Known Member

    Joined:
    Jun 7, 2004
    Messages:
    100
    Likes Received:
    2
    Trophy Points:
    18
    So nscd is Name Service Cache Daemon and not cPanel DNS Admin Cache.
    Why have you enabled this automatically for all our servers after update to 11.52?
    What does it do? I see it's taking some cpu/resources and logging all the time as mentioned earlier.

    We have disabled cPanel DNS Admin Cache on the servers after testing that. It only caused issues.
    Now it seems like we have to disable Name Service Cache Daemon also since it's just causing issues and taking resources.

    I totally agree with you Kobor. cPanel is moving in the wrong direction the last 2-3 years.
    Only crappy features are released! Nothing that is even usefull. And that you set them as active without letting customers to choose seems for me as pretty fu**ed up!
     
    did-vmonroig likes this.
  8. did-vmonroig

    did-vmonroig Active Member

    Joined:
    Feb 6, 2012
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    We've same problem. NSCD is flooding /var/log/messages:

    Code:
    root@server [~]# tail -f /var/log/messages
    Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/passwd` (1)
    Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/group` (3)
    Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/passwd` (1)
    Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/group` (3)
    Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/passwd` (1)
    Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:41 server nscd: 32707 monitoring file `/etc/group` (3)
    Oct 27 17:35:41 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:41 server nscd: 32707 monitoring file `/etc/group` (3)
    Oct 27 17:35:41 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:41 server nscd: 32707 monitoring file `/etc/passwd` (1)
    Oct 27 17:35:41 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:41 server nscd: 32707 monitoring file `/etc/passwd` (1)
    Oct 27 17:35:41 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:42 server nscd: 32707 monitoring file `/etc/group` (3)
    Oct 27 17:35:42 server nscd: 32707 monitoring directory `/etc` (2)
    Oct 27 17:35:42 server nscd: 32707 monitoring file `/etc/passwd` (1)
    Oct 27 17:35:42 server nscd: 32707 monitoring directory `/etc` (2)
    We're going to disable the service while cPanel provides a solution.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you elaborate on the additional issues, beyond the excessive logging in /var/log/messages so we can investigate those problems?

    Thank you.
     
  10. DJPRMF

    DJPRMF Registered

    Joined:
    Oct 14, 2015
    Messages:
    4
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Portugal
    cPanel Access Level:
    Root Administrator
    nscd will fill the logs pretty fast.... Even in is own log file (like what cpanel team is trying to do apparently), those entries (probably) will still be created, wasting CPU and I/O....

    Don't to mention the log file size, that can be big (just search in the google and will find many reports of the nscd logfile HUGE sizes, or imagine those entries being replicated over and over again in another log).

    I don't know if adding the nscd will help anything, comparing to the disadvantages...
     
  11. feanorknd

    feanorknd Member

    Joined:
    Sep 28, 2005
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Hi...

    I have seen /etc/nscd.conf is being used, as I tested paranoia mode to yes and it is ok at "nscd -g".

    But if I try to enable "logfile /var/log/nscd.log", this is not running, because all debug messages are being directed to /var/log/messages in spite of any file specified at logfile line.

    My intention is to redirect logfile to /dev/null directly ;)

    But there is no way... I have also checked that nscd user has privileges at /var/log/nscd.log file, but no success...

    There is almost documentation around this online... I cannot understand why nscd is always printing logs at /var/log/messages in spite of configuring logfile.

    I think /dev/null logfile is a great idea for nscd.
     
  12. feanorknd

    feanorknd Member

    Joined:
    Sep 28, 2005
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Ok........ fixed.....

    I tried this:

    Due to documentation:
    So at nscd.conf.....

    Result is nscd is sending log messages to /dev/null.... I think now there is not any IO or extra CPU proccessing... optimal? What do you think? :rolleyes:


    But...... I keep preffering using own named service to cache DNS queries...

    At /etc/resolv.conf
    If named at 127.0.0.1 fails, there is always a second nameserver for queries...

    Now, at named.conf, allow recursion only for internal and disable for external. Your named service will cache all queries done, and if not hit, recursion to the parent root servers to resolv.

    In my case, it is running perfectly since years ago.
     
    #12 feanorknd, Nov 3, 2015
    Last edited: Nov 3, 2015
  13. AnthonyFrancis

    PartnerNOC

    Joined:
    Sep 7, 2013
    Messages:
    7
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Denver Colorado
    cPanel Access Level:
    DataCenter Provider
    I have just noticed this on several hosts that have been recently updated. nscd is a noisy beast. It would be awesome if I didn't have to go into hundreds of hosts and kill it to make logs readable again.
     
  14. popeye

    popeye Well-Known Member

    Joined:
    May 23, 2013
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    We get this message most days this is another reason we are moving away from cpanel, because they keep doing pointless updates.
     
  15. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    213
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Florida
    I was able to turn off the noise on my logs, then a couple of days later, it came back. Thanks....
     
  16. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    cPanel version 11.52.1.0 is now available on the "Current" build tier and includes an improvement to this issue:

    Fixed case CPANEL-1966: Set nscd to log to /var/log/nscd.log.

    Thank you.
     
  17. kernow

    kernow Well-Known Member

    Joined:
    Jul 23, 2004
    Messages:
    865
    Likes Received:
    9
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Am still getting this problem, running WHM 11.52.1 (build 2) /var/log/nscd.log exists but nothing gets written to it.
     
    #17 kernow, Nov 18, 2015
    Last edited by a moderator: Nov 18, 2015
  18. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    To clarify, are you stating that information is still logged to /var/log/messages on your system, or is the issue now that no data is logged to /var/log/nscd.log? Did you make any previous changes to the /etc/nscd.conf file?

    Thank you.
     
  19. kernow

    kernow Well-Known Member

    Joined:
    Jul 23, 2004
    Messages:
    865
    Likes Received:
    9
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Correct, nscd information is still logged to /var/log/messages. No manual changes have been made.
     
  20. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Internal case CPANEL-2581 is open to report this behavior (on systems with the resolution from CPANEL-1966) to our developers. I will update this thread with more information as it becomes available.

    Thank you.
     
Loading...

Share This Page