From 6454b33345f27afce1ff3afba3a0a0beebc02c32 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sun, 14 Dec 2014 16:29:24 +0100 Subject: services: Make 'nscd-service' configurable; cache hosts/services by default. Before that, as it was given an empty configuration file, nscd would actually have all its caches disabled. * gnu/services/base.scm (, ): New record types. (%nscd-default-caches, %nscd-default-configuration): New variables. (nscd.conf-file): New procedure. (nscd-service): Add 'config' parameter. Use 'nscd.conf-file', and pass its result as the '-f' parameter of nscd. * doc/guix.texi (Base Services): Update 'nscd-service' documentation accordingly. Document 'nscd-configuration', 'nscd-cache', '%nscd-default-configuration', and '%nscd-default-caches'. --- gnu/services/base.scm | 121 ++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 117 insertions(+), 4 deletions(-) (limited to 'gnu') diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 712222bdde..95edba6e7c 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -33,8 +33,10 @@ (define-module (gnu services base) #:select (mount-flags->bit-mask)) #:use-module (guix gexp) #:use-module (guix monads) + #:use-module (guix records) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) + #:use-module (ice-9 match) #:use-module (ice-9 format) #:export (root-file-system-service file-system-service @@ -46,6 +48,16 @@ (define-module (gnu services base) console-font-service udev-service mingetty-service + + %nscd-default-caches + %nscd-default-configuration + + nscd-configuration + nscd-configuration? + + nscd-cache + nscd-cache? + nscd-service syslog-service guix-service 
@@ -374,9 +386,110 @@ (define* (mingetty-service tty #:allow-empty-passwords? allow-empty-passwords? #:motd motd))))))) -(define* (nscd-service #:key (glibc (canonical-package glibc))) - "Return a service that runs libc's name service cache daemon (nscd)." - (with-monad %store-monad +(define-record-type* nscd-configuration + make-nscd-configuration + nscd-configuration? + (log-file nscd-configuration-log-file ;string + (default "/var/log/nscd.log")) + (debug-level nscd-debug-level ;integer + (default 0)) + ;; TODO: See nscd.conf in glibc for other options to add. + (caches nscd-configuration-caches ;list of + (default %nscd-default-caches))) + +(define-record-type* nscd-cache make-nscd-cache + nscd-cache? + (database nscd-cache-database) ;symbol + (positive-time-to-live nscd-cache-positive-time-to-live) ;integer + (negative-time-to-live nscd-cache-negative-time-to-live + (default 20)) ;integer + (suggested-size nscd-cache-suggested-size ;integer ("default module + ;of hash table") + (default 211)) + (check-files? nscd-cache-check-files? ;Boolean + (default #t)) + (persistent? nscd-cache-persistent? ;Boolean + (default #t)) + (shared? nscd-cache-shared? ;Boolean + (default #t)) + (max-database-size nscd-cache-max-database-size ;integer + (default (* 32 (expt 2 20)))) + (auto-propagate? nscd-cache-auto-propagate? ;Boolean + (default #t))) + +(define %nscd-default-caches + ;; Caches that we want to enable by default. Note that when providing an + ;; empty nscd.conf, all caches are disabled. + (list (nscd-cache (database 'hosts) + + ;; Aggressively cache the host name cache to improve + ;; privacy and resilience. + (positive-time-to-live (* 3600 12)) + (negative-time-to-live 20) + (persistent? #t)) + + (nscd-cache (database 'services) + + ;; Services are unlikely to change, so we can be even more + ;; aggressive. + (positive-time-to-live (* 3600 24)) + (negative-time-to-live 3600) + (check-files? #t) ;check /etc/services changes + (persistent? 
#t)))) + +(define %nscd-default-configuration + ;; Default nscd configuration. + (nscd-configuration)) + +(define (nscd.conf-file config) + "Return the @file{nscd.conf} configuration file for @var{config}, an +@code{} object." + (define cache->config + (match-lambda + (($ (= symbol->string database) + positive-ttl negative-ttl size check-files? + persistent? shared? max-size propagate?) + (string-append "\nenable-cache\t" database "\tyes\n" + + "positive-time-to-live\t" database "\t" + (number->string positive-ttl) "\n" + "negative-time-to-live\t" database "\t" + (number->string negative-ttl) "\n" + "suggested-size\t" database "\t" + (number->string size) "\n" + "check-files\t" database "\t" + (if check-files? "yes\n" "no\n") + "persistent\t" database "\t" + (if persistent? "yes\n" "no\n") + "shared\t" database "\t" + (if shared? "yes\n" "no\n") + "max-db-size\t" database "\t" + (number->string max-size) "\n" + "auto-propagate\t" database "\t" + (if propagate? "yes\n" "no\n"))))) + + (match config + (($ log-file debug-level caches) + (text-file "nscd.conf" + (string-append "\ +# Configuration of libc's name service cache daemon (nscd).\n\n" + (if log-file + (string-append "logfile\t" log-file) + "") + "\n" + (if debug-level + (string-append "debug-level\t" + (number->string debug-level)) + "") + "\n" + (string-concatenate + (map cache->config caches))))))) + +(define* (nscd-service #:optional (config %nscd-default-configuration) + #:key (glibc (canonical-package glibc))) + "Return a service that runs libc's name service cache daemon (nscd) with the +given @var{config}---an @code{} object." + (mlet %store-monad ((nscd.conf (nscd.conf-file config))) (return (service (documentation "Run libc's name service cache daemon (nscd).") (provision '(nscd)) 
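Review bot: The `hosts` entry in `%nscd-default-caches` pairs a 12-hour `positive-time-to-live` with `persistent? #t`, and its comment presents this only as a gain for privacy and resilience. The same setting means a wrong answer, whether stale after a host is renumbered or spoofed on an untrusted network, can keep being served for up to that window, and presumably across a daemon restart since the cache is persistent. I would state the trade-off next to the value, e.g. `;; Trade-off: a stale or spoofed answer is kept for up to 12 hours; 'nscd -i hosts' flushes it.` The manual entry for `%nscd-default-caches` could also say that `positive-time-to-live` can be lowered on machines that roam between networks.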
@@ -388,7 +501,7 @@ (define* (nscd-service #:key (glibc (canonical-package glibc))) (start #~(make-forkexec-constructor (list (string-append #$glibc "/sbin/nscd") - "-f" "/dev/null" "--foreground"))) + "-f" #$nscd.conf "--foreground"))) (stop #~(make-kill-destructor)) (respawn? #f))))) -- cgit v1.2.3
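Review bot: With a real configuration now passed through `-f #$nscd.conf`, the daemon is still started with no visible privilege drop: the `make-forkexec-constructor` call shown here names no user, and `nscd.conf-file` never emits a `server-user` line. nscd handles lookup results that can originate from the network and, with `shared? #t`, maps its databases into client processes, so running it under a dedicated unprivileged account would narrow the impact of a bug in it. Consider adding a `server-user` field to the configuration record (the TODO there already anticipates more options) and writing it out as `server-user\t<account>` when it is set. The body of `nscd-service` starts before this hunk, so a user setting elsewhere in the service definition cannot be ruled out from these lines.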