Blog how-to-check-and-maintain-a-clean-and-functional-arch-linux-system
linuxJULY 17, 2024

How to Check and Maintain a Clean and Functional Arch Linux System

kraaakilo's avatar

In this short guide i'll show you the steps to ensure your Arch Linux system is clean, free from issues, and running optimally. I use this commands & tips to ensure that everything is working as expected in my system.

Update the System

First, it's essential to keep your system up-to-date. Use the following command to update all installed packages:

sudo pacman -Syu

This command synchronizes the package database and installs available updates. You can alse use directly yay (if installed) to ensure AUR (Arch User Repository) packages are updated.

Check for Orphaned Packages

Orphaned packages are those installed as dependencies but are no longer needed. To identify and remove them:

pacman -Qdt
sudo pacman -Rns $(pacman -Qdtq)

Verify Package Integrity

Ensure that installed packages are not corrupted:

sudo pacman -Qk

For detailed output:

sudo pacman -Qkk

Clean the Package Cache

Over time, the package cache can become large. Clean it up to free space:

sudo paccache -r

To keep only the last three versions of the packages:

sudo paccache -rk3

Check for Failed Systemd Services

Ensure that all systemd services are running properly:

systemctl --failed

Check the Journal for Errors

Look through the system journal for recurring errors:

journalctl -p 3 -xb

Verify File System Integrity

Identify your file systems and check them for errors. First, identify your partitions:

lsblk

Then, unmount the partitions and run a file system check (replace /dev/sdXn with your partition):

sudo umount /dev/sdXn
sudo fsck /dev/sdXn

Check Disk Usage

Ensure that your disk usage is within acceptable limits and no partitions are running out of space:

df -h

Remove Unused Config Files

Sometimes, configuration files of uninstalled packages can linger. Identify and remove them if necessary:

sudo find /etc -name "*.pacsave"

Check for Broken Symlinks

Find and handle any broken symlinks:

sudo find / -xtype l 2> /dev/null

Audit System Logs

Regularly audit your logs for any unusual activity:

sudo journalctl -xe

Check Hardware Status

Use tools like smartmontools to check the status of your hard drives:

sudo smartctl -a /dev/sdX

To install smartmontools if you don't have it:

sudo pacman -S smartmontools

Review System Security

Ensure your system is secure by checking for any known vulnerabilities and updating your security settings:

  • Ensure your firewall is active and configured properly (e.g., using ufw or iptables).
  • Check for rootkits:
sudo pacman -S rkhunter
sudo rkhunter --checkall

Here i write a full script :

#!/bin/bash

# Color variables
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
BLUE='\033[0;34m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color

# Check if the user is root
if [ "$EUID" -ne 0 ]; then
  echo -e "${RED}Please run this script as root.${NC}"
  exit 1
fi

echo -e "${BLUE}Updating the system...${NC}"
sudo pacman -Syu --noconfirm

echo -e "${BLUE}Checking for orphaned packages...${NC}"
orphans=$(pacman -Qdtq)
if [ -n "$orphans" ]; then
  sudo pacman -Rns --noconfirm $orphans
  echo -e "${GREEN}Orphaned packages removed.${NC}"
else
  echo -e "${GREEN}No orphaned packages found.${NC}"
fi

echo -e "${BLUE}Verifying package integrity...${NC}"
sudo pacman -Qkk > /tmp/package_integrity_check.log
echo -e "${GREEN}Package integrity verified.${NC}"

echo -e "${BLUE}Cleaning the package cache...${NC}"
sudo paccache -rk3
echo -e "${GREEN}Package cache cleaned.${NC}"

echo -e "${BLUE}Checking for failed systemd services...${NC}"
failed_services=$(systemctl --failed)
if [ -n "$failed_services" ]; then
  echo -e "${RED}$failed_services${NC}"
else
  echo -e "${GREEN}No failed services found.${NC}"
fi

echo -e "${BLUE}Checking for errors in system logs...${NC}"
journalctl -p 3 -xb > /tmp/journal_errors.log
echo -e "${GREEN}System logs checked.${NC}"

echo -e "${BLUE}Checking file system integrity...${NC}"
for partition in $(lsblk -lnpo NAME,TYPE | grep "part$" | awk '{print $1}'); do
  sudo umount $partition
  sudo fsck -y $partition
done
echo -e "${GREEN}File system integrity checked.${NC}"

echo -e "${BLUE}Checking disk usage...${NC}"
df -h > /tmp/disk_usage.log
echo -e "${GREEN}Disk usage checked.${NC}"

echo -e "${BLUE}Searching for unused configuration files...${NC}"
sudo find /etc -name "*.pacsave" > /tmp/pacsave_files.log
echo -e "${GREEN}Unused configuration files search completed.${NC}"

echo -e "${BLUE}Searching for broken symlinks...${NC}"
find / -xtype l > /tmp/broken_symlinks.log
echo -e "${GREEN}Broken symlinks search completed.${NC}"

echo -e "${BLUE}Auditing system logs...${NC}"
sudo journalctl -xe > /tmp/system_audit.log
echo -e "${GREEN}System logs audited.${NC}"

echo -e "${BLUE}Checking hard drive status...${NC}"
for disk in $(lsblk -dnpo NAME,TYPE | grep "disk$" | awk '{print $1}'); do
  sudo smartctl -a $disk > /tmp/smartctl_${disk##*/}.log
done
echo -e "${GREEN}Hard drive status checked.${NC}"

echo -e "${BLUE}Checking for rootkits...${NC}"
sudo pacman -S --noconfirm rkhunter
sudo rkhunter --checkall > /tmp/rkhunter.log
echo -e "${GREEN}Rootkit check completed.${NC}"

echo -e "${CYAN}Maintenance completed. Logs are available in the /tmp directory.${NC}"

With these steps, I always ensure that nothing is broken in my OS. Feel free to reuse the commands, but make sure you know what you are doing.

Let's connect

Stay in the loop with my latest projects and insights! Follow me on Twitter to catch all the updates as they happen. Don't miss out on the journey – let's connect and explore the world of tech together. Click to follow now!

Follow me