repeating nscd monitoring messages after update to 11.52.0.14

[ladydi711]

Hello,

After the update to 11.52.0.14 early yesterday, my /var/log/messages file has started logging repeated nscd monitoring messages. These go on and on..

Has anyone else seen this, or is there a solution?

messages:Oct 13 04:12:16 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:16 mic nscd: 13454 monitoring file `/etc/passwd` (1)
messages:Oct 13 04:12:16 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:17 mic nscd: 13454 monitoring file `/etc/group` (3)
messages:Oct 13 04:12:17 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:17 mic nscd: 13454 monitoring file `/etc/passwd` (1)
messages:Oct 13 04:12:17 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:19 mic nscd: 13454 monitoring file `/etc/group` (3)
messages:Oct 13 04:12:19 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:19 mic nscd: 13454 monitoring file `/etc/passwd` (1)
messages:Oct 13 04:12:19 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:19 mic nscd: 13454 monitoring file `/etc/group` (3)
messages:Oct 13 04:12:19 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:19 mic nscd: 13454 monitoring file `/etc/passwd` (1)
messages:Oct 13 04:12:19 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:21 mic nscd: 13454 monitoring file `/etc/group` (3)
messages:Oct 13 04:12:21 mic nscd: 13454 monitoring directory `/etc` (2)
messages:Oct 13 04:12:21 mic nscd: 13454 monitoring file `/etc/passwd` (1)
messages:Oct 13 04:12:21 mic nscd: 13454 monitoring directory `/etc` (2)

 

[DJPRMF]

I notice this also in some of my servers.
The nscd was installed in the latest update...

I don't know if is safe to disable/stop it, but is filling the /var/log/messages almost every second...

 

[cPanelMichael]

Hello

It's by design that NSCD is enabled on systems during the update to cPanel version 11.52. Here's some more information from the 11.52 Release Notes:

nscd daemon enabled during installation or upgrade
During the installation or upgrade process, systems with over 1,000 MiB in available memory will automatically enable the nameserver cache daemon (nscd). This daemon caches hosts, passwords, and groups, which improves performance of recurring nameserver requests and password and group lookups. It will also greatly improve your Exim mail server performance.

However, we do have internal case CPANEL-1966 open to ensure the NSCD service has it's own log file to avoid adding clutter to /var/log/messages. You can monitor our change log to see when this case has been implemented:

11.52 Change Log - Documentation - cPanel Documentation

Thank you.

 

[DJPRMF]

Adding a little of info given by the cPanel support , the NSCD service can be disabled in the WHM >> Service Manager >> Name Service Cache Daemon .
Should be safe to disable while there is no solution for the problem...

 

[ladydi711]

Thank you both for the info!!!

 

[Kobor]

I came here to see why suddenly i have nscd logging every 10 sec in my logs, and to my surprise cPanel is responsible again.

It seems to me that a lot of changes were made in 11.52 without much thinking, for example Exim 10 sec delay on SMTP connections, now this.
I don't really like when i have a working configured system, then over night the behavior of server changes ( like Exim change. or on all servers the log is full of nscd messages ).
Especially since both example i used is pretty much useless IMHO.
Like i don't really get how exactly will help exim, when exim pretty much doesn't user /etc/{passwd,shadow}, the hosts file contains one or maybe two line on 90% of the cpanel servers, and pretty much nobody uses netgroups ( Nscd is configured to cache these 4 files ).
And you may argument that it saves a tiny bit of microsecond, but we loose anyway much more with RBL checks, reverse DNS lookups, virus scanning , spam scanning . So pretty much nscd is useless. I'm handling and handled a couple big servers with considerable email traffic , but passwd/shadow file scanning was never the bottleneck.

I had a great respect over the years for the cpanel devs, but the past year you started loosing that.
Seems changes are pushed from people who never worked on real live systems.

 

[Hedloff]

So nscd is Name Service Cache Daemon and not cPanel DNS Admin Cache.
Why have you enabled this automatically for all our servers after update to 11.52?
What does it do? I see it's taking some cpu/resources and logging all the time as mentioned earlier.

We have disabled cPanel DNS Admin Cache on the servers after testing that. It only caused issues.
Now it seems like we have to disable Name Service Cache Daemon also since it's just causing issues and taking resources.

I totally agree with you Kobor. cPanel is moving in the wrong direction the last 2-3 years.
Only crappy features are released! Nothing that is even usefull. And that you set them as active without letting customers to choose seems for me as pretty fu**ed up!

 

[did-vmonroig]

We've same problem. NSCD is flooding /var/log/messages:

[email protected] [~]# tail -f /var/log/messages
Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/passwd` (1)
Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/group` (3)
Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/passwd` (1)
Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/group` (3)
Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:40 server nscd: 32707 monitoring file `/etc/passwd` (1)
Oct 27 17:35:40 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:41 server nscd: 32707 monitoring file `/etc/group` (3)
Oct 27 17:35:41 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:41 server nscd: 32707 monitoring file `/etc/group` (3)
Oct 27 17:35:41 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:41 server nscd: 32707 monitoring file `/etc/passwd` (1)
Oct 27 17:35:41 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:41 server nscd: 32707 monitoring file `/etc/passwd` (1)
Oct 27 17:35:41 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:42 server nscd: 32707 monitoring file `/etc/group` (3)
Oct 27 17:35:42 server nscd: 32707 monitoring directory `/etc` (2)
Oct 27 17:35:42 server nscd: 32707 monitoring file `/etc/passwd` (1)
Oct 27 17:35:42 server nscd: 32707 monitoring directory `/etc` (2)

We're going to disable the service while cPanel provides a solution.

 

[cPanelMichael]

Now it seems like we have to disable Name Service Cache Daemon also since it's just causing issues and taking resources

Could you elaborate on the additional issues, beyond the excessive logging in /var/log/messages so we can investigate those problems?

Thank you.

 

[DJPRMF]

nscd will fill the logs pretty fast.... Even in is own log file (like what cpanel team is trying to do apparently), those entries (probably) will still be created, wasting CPU and I/O....

Don't to mention the log file size, that can be big (just search in the google and will find many reports of the nscd logfile HUGE sizes, or imagine those entries being replicated over and over again in another log).

I don't know if adding the nscd will help anything, comparing to the disadvantages...

 

[feanorknd]

Hi...

I have seen /etc/nscd.conf is being used, as I tested paranoia mode to yes and it is ok at "nscd -g".

But if I try to enable "logfile /var/log/nscd.log", this is not running, because all debug messages are being directed to /var/log/messages in spite of any file specified at logfile line.

My intention is to redirect logfile to /dev/null directly

But there is no way... I have also checked that nscd user has privileges at /var/log/nscd.log file, but no success...

There is almost documentation around this online... I cannot understand why nscd is always printing logs at /var/log/messages in spite of configuring logfile.

I think /dev/null logfile is a great idea for nscd.

 

[feanorknd]

Ok........ fixed.....

I tried this:

Due to documentation:

logfile file
Specifies the name of the debug log-file that nscd(8) should use
if debug-level is higher than 0. If this option is not set,
nscd(8) will write its debug output to stderr.

debug-level level
If level is higher than 0, nscd(8) will create some debug
output. The higher the level, the more verbose the output.

So at nscd.conf.....

...
logfile /dev/null
debug-level 1
...

Result is nscd is sending log messages to /dev/null.... I think now there is not any IO or extra CPU proccessing... optimal? What do you think?


But...... I keep preffering using own named service to cache DNS queries...

At /etc/resolv.conf

nameserver 127.0.0.1
nameserver 213.133.99.99

If named at 127.0.0.1 fails, there is always a second nameserver for queries...

Now, at named.conf, allow recursion only for internal and disable for external. Your named service will cache all queries done, and if not hit, recursion to the parent root servers to resolv.

In my case, it is running perfectly since years ago.

 

[AnthonyFrancis]

I have just noticed this on several hosts that have been recently updated. nscd is a noisy beast. It would be awesome if I didn't have to go into hundreds of hosts and kill it to make logs readable again.

 

[popeye]

We get this message most days this is another reason we are moving away from cpanel, because they keep doing pointless updates.

 

[Serra]

I have just noticed this on several hosts that have been recently updated. nscd is a noisy beast. It would be awesome if I didn't have to go into hundreds of hosts and kill it to make logs readable again.

I was able to turn off the noise on my logs, then a couple of days later, it came back. Thanks....

 

[cPanelMichael]

cPanel version 11.52.1.0 is now available on the "Current" build tier and includes an improvement to this issue:

Fixed case CPANEL-1966: Set nscd to log to /var/log/nscd.log.

Thank you.

 

[kernow]

Am still getting this problem, running WHM 11.52.1 (build 2) /var/log/nscd.log exists but nothing gets written to it.

 

[cPanelMichael]

Am still getting this problem, running WHM 11.52.1 (build 2) /var/log/nscd.log exists but nothing gets written to it.

Hello

To clarify, are you stating that information is still logged to /var/log/messages on your system, or is the issue now that no data is logged to /var/log/nscd.log? Did you make any previous changes to the /etc/nscd.conf file?

Thank you.

 

[kernow]

Correct, nscd information is still logged to /var/log/messages. No manual changes have been made.

 

[cPanelMichael]

Correct, nscd information is still logged to /var/log/messages. No manual changes have been made.

Internal case CPANEL-2581 is open to report this behavior (on systems with the resolution from CPANEL-1966) to our developers. I will update this thread with more information as it becomes available.

Thank you.