General Maintenance of Arch Linux Systems
On this page
- Updating the Mirror list
- Keeping the Time Accurate
- Upgrading Your Entire Arch Linux System
- Removing Packages and Their Dependencies
- Removing Unused Packages
- Cleaning Up the Pacman Cache
- Rolling Back to an Older Version of a Package
Maintaining an Arch Linux installation is actually extremely simple and straightforward, as long as you keep a few things in mind. The rolling release nature of the distribution means we never have to worry about major version upgrades like other distributions (Ubuntu and Debian to name a few..). As long as you use Pacman wisely and update your packages regularly, you should never run into problems with things breaking and packages not working with Arch. The following will outline my recommendations for keeping Arch up to date and running like the day you installed it, or better! I will also provide a short section to optimize Arch after you first install it which will make maintaining it faster and easier in the long run. As always, these are just my thoughts, and any official documentation should be referenced while using Arch. I have assumed that you are a sudoer for all of the following commands. However, as long as you are a sudoer or can change to the root user, you should be okay. The ArchWiki is a great resource, and many of the guides and information found there is useful even if you are not using Arch. Their IRC channel, #archlinux, can be found on irc.freenode.net. This is another great place to ask questions and gather useful insight from more experienced users. Just don't flood the channel and incessantly ask the same question over and over!
Optimizing Arch (It Helps!)
First, we'll go through optimizing Arch which is going to make maintenance and ongoing use quicker and easier. These are little things that can sometimes make a big difference. A lot of people overlook them or are too lazy to properly configure things like Pacman (the package manager) so it never gets done on their systems. Starting off strong and making a system somewhat self-sustaining can go a long way and save a lot of headaches later!
Updating the Mirror list
First, I'll walk you through updating the mirror list to utilize mirrors that are fastest for you. The mirror list is located at /etc/pacman.d/mirrorlist. One option is to simply look at the list and select mirrors that you believe are geographically closer to you. This is useful in some cases, but just because a mirror is closer does not mean it is the fastest. If we wanted to base our decision off of something a little bit more concrete, we can use a built-in tool that arch provides for us at /usr/bin/rankmirrors. By default, most of the mirrors in /etc/pacman.d/mirrorlist are commented out, but to use rankmirrors you will have to uncomment them all. An easy way to do this is to copy the file to a new name and use sed to remove all the "#'s" denoting comments with the following commands:
sudo cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.toBeTested
sudo sed -i 's/^#Server/Server/' /etc/pacman.d/mirrorlist.toBeTested
Now, you can use the help output from rankmirrors to learn all about its functionality, but for this let's assume we just want the three fastest mirrors. We would simply use our newly generated file containing all the (uncommented) mirrors and use rankmirrors to print the 3 fastest:
sudo rankmirrors /etc/pacman.d/mirrorlist.toBeTested -n 3
Take the output of that command, which should be your three fastest mirrors, and uncomment them in the real mirrorlist using your favorite text editor like so:
sudo vim /etc/pacman.d/mirrorlist
I like to do this every few months on my system, because sometimes mirrors become unavailable, or change in such a way that they are not as fast anymore. Some may call this trivial, but since Arch is a rolling release distribution there tends to be a lot of updates. Even if you save 3 seconds for every package you download, that could add up to tens of minutes over the course of a year or more! Plus, if you are administering more than one system running Arch, the time factor compounds even more. Take it with a grain of salt, but the little things make all the difference when dealing with a lot of systems or over time.
Keeping the Time Accurate
I can not stress enough how important it is that the system time remain accurate. This is especially true if talking about a system that does not have its own hardware clock (e.g. a VM). Many running services require that the time between client and server be the same in order for things to work properly. Also, you would not want your system to think a certificate is still valid if it isn't just because the system time is wrong! Even more so, you want the time in your log files to be accurate so that if you are trying to diagnose a problem you know when something actually happened, and not when the system clock SAYS it happened. The easiest way to do this with Arch is by using NTP, or the Network Time Protocol. NTP, or more specifically ntpd, in this case, will periodically sync the clock on your system with a server or servers on the Internet to ensure that the system time matches. It also keeps track of things like time drift, so if you cared you could determine by how much your clock was off at any given time.
Verifying The Timezone on Your Arch Linux Install
There is a command available, timedatectl, on every Arch install that will show us lots of useful information about the time and the date on the system.
[jonathan@zabaglione]$ sudo timedatectl Local time: Sun 2015-07-05 18:30:18 MDT Universal time: Mon 2015-07-06 00:30:18 UTC RTC time: n/a Time zone: America/Denver (MDT, -0600) Network time on: no NTP synchronized: no RTC in local TZ: no
If everything looks good from that output, you should be okay to go ahead and configure NTP (keep reading). If you have to change the timezone or anything else, consult this page for more information.
Installing and Configuring NTP
Installing and configuring NTP is easy with Arch Linux, as it comes with a configuration that should work for most people. First, we have to install the package:
sudo pacman -S ntp
Pending everything went okay with the installation, check out /etc/ntp.conf. The default as of the time of writing looks like this:
# Please consider joining the pool: # # http://www.pool.ntp.org/join.html # # For additional information see: # - https://wiki.archlinux.org/index.php/Network_Time_Protocol_daemon # - http://support.ntp.org/bin/view/Support/GettingStarted # - the ntp.conf man page # Associate to Arch's NTP pool server 0.arch.pool.ntp.org server 1.arch.pool.ntp.org server 2.arch.pool.ntp.org server 3.arch.pool.ntp.org # By default, the server allows: # - all queries from the local host # - only time queries from remote hosts, protected by rate limiting and kod restrict default kod limited nomodify nopeer noquery notrap restrict 127.0.0.1 restrict ::1 # Location of drift file driftfile /var/lib/ntp/ntp.drift
If you are at all interested in changing the defaults, I recommend checking out the ArchWiki article here. Otherwise, we are going to continue assuming the ntp.conf file looks like you want it to. For most people, the default settings will be just fine. Now, ntpd is the daemon that we want to run in the background of our Arch Linux installation. The following commands will start ntpd and enable it at boot, respectively.
sudo systemctl start ntpd
sudo systemctl enable ntpd
Maintaining Arch is not much different than maintaining any other distribution or operating system. The most common way to muck up an Arch installation is by not updating your packages regularly. Arch Linux is a rolling release distribution. There are no major verion releases, and packages are updated on a continual and "as-available" basis. With that in mind, if you never update your system, it is possible that things will change at such a rate that when you do finally decide to update it causes a problem. Update often to avoid conflicts and issues. This also ensures that your system is running with the most recent security vulnerabilities patched.
Upgrading Your Entire Arch Linux System
Pacman is a very powerful package manager, but it is easy to use once you become familiar with the use flags and the syntax of the commands. The most important thing that you can (and should) do to your Arch Linux system is update it as regularly as possible. I personally update my system every day, and I have never had a problem doing so. Every few days to a week should be fine, though! The following command will tell Pacman to synchronize all installed packages with the respositories:
sudo pacman -Syu
This will provide a list of all available updates and then proceed to ask you if you want to continue:
[root@zabaglione ~]# pacman -Syu :: Synchronizing package databases... core 121.6 KiB 599K/s 00:00 [----------------------------------------------------------------------------------------] 100% extra 1738.1 KiB 3.12M/s 00:01 [----------------------------------------------------------------------------------------] 100% community 2.7 MiB 8.81M/s 00:00 [----------------------------------------------------------------------------------------] 100% :: Starting full system upgrade... resolving dependencies... looking for conflicting packages... Packages (8) gnupg-2.1.6-1 less-478-1 libldap-2.4.41-1 lz4-131-1 mercurial-3.4.2-1 openssh-6.9p1-1 vim-7.4.764-1 vim-runtime-7.4.764-1 Total Download Size: 11.29 MiB Total Installed Size: 56.65 MiB Net Upgrade Size: 0.11 MiB :: Proceed with installation? [Y/n]
READ CAREFULLY! Sometimes Pacman will do things like update the mirrorlist or other files and it will tell you before doing so, as well as where the old ones are backed up to. You will get a feel over time for when this sort of thing happens based on the packages being upgraded, but until you are familiar, BE CAREFUL!
Removing Packages and Their Dependencies
When I remove a package, I typically always tell Pacman to also remove its unused dependencies, that is, packages not needed by any other package. This helps keep my system generally cleaner and free of clutter. I have never run into issues using Pacman to do this, so the dependency trees are pretty well kept. To remove a package and its unneeded dependencies:
pacman -Rs packageName
Removing Unused Packages
Over time, through a series of many installs and uninstalls, it is easy to accumulate a lot of packages that you may not need any longer. To show all packages that were explicitly installled (thus, they were not installed as a dependency of any other packages) you can use the following command:
Read carefully through the output and identify anything you no longer need. It should be safe to uninstall them as long as you do not see any use for them. To get rid of packages that may have been pulled in as dependencies but are no longer needed by any packages, you can use this instead:
pacman -Rns $(pacman -Qtdq)
If you get an error that says error: no targets specified, it just means there are no packages to be removed that fulfill the criteria.
Cleaning Up the Pacman Cache
Pacman has to download all of the packages that ultimately get installed on your system. It stores these packages in a cache located in /var/cache/pacman/pkg/. This can take up quite a bit of disk space as time goes on, and if you are running on an embedded system or are just wary of how much disk space you are using, there are a few methods to clean up the cache depending on your goals. BE MINDFUL: clearing the cache out entirely means you cannot downgrade easily to an older version of installed software, since clearning it from the cache will remove it from your system. I will present a method below to more carefully clean the cache such that you do not remove ALL old versions.
Method 1: Clearing the WHOLE cache (CAUTION!)
If space is really limited and you are relatively happy with the stability of your system, or you are a more advanced user that knows how to find an old package and install it without getting it from the repositories using Pacman, this method of clearing the Pacman cache is okay to use. I only use this on limited occasions and with a lot of care, because if I want to downgrade a package quickly I like to have that flexibility, especially on production machines or computers that I rely on to get work done. The following command will remove everything in the cache:
I caution you ONE LAST TIME, there is no going back from this, the cache is gone.
Method 2: Maintaining Some Versions
Now, if you do not want to live on the edge and want to clean the cache in a safer way without removing EVERYTHING, you should probably use this method instead. There is a built in tool that is part of the pacman package called paccache. By default, paccache will remove everything except the latest THREE versions of a package, so it is typically a good idea to do things this way. Also, the output is very helpful and tells you how much space was freed up:
[jonathan@zabaglione ~]$ paccache -r ==> Privilege escalation required [sudo] password for jonathan: ==> finished: 233 packages removed (disk space saved: 511.94 MiB)
If you would like to also remove all cached versions of uninstalled packages, you can run paccache like this:
Rolling Back to an Older Version of a Package
Occasionally there comes a time in every good Linux user's life when a package upgrade breaks something important. Bugs can slip through the cracks and occasionally make it on to your operating system, or maybe you are doing something extra special that requires a very specific version of a package and, oops, you accidentally updated to the newest version! The following assumes you have the version you need in the package cache mentioned above, but if not, downloading the proper version and pointing pacman to it should yield the results you desire. Of course, remember to replace "name" and "package" with the actual package you are training to manipulate:
pacman -U /var/cache/pacman/pkg/name-version.pkg.tar.gz