Arch Linux was created by Judd Vinet, a Canadian programmer, and first released on March 11, 2002.
Inspired by CRUX — a lightweight, x86-optimized Linux distribution — Judd wanted something simpler and more elegant.
The name “Arch” comes from the word architecture — reflecting the goal of a clean, well-structured system.
Arch was designed around the KISS principle — “Keep It Simple, Stupid” — meaning the system should be simple in design, not necessarily simple to use.
The KISS Philosophy
KISS = Keep It Simple, Stupid
Arch's interpretation:
- No GUI installers (historically)
- No auto-configuration tools
- No unnecessary abstractions
- User builds the system from scratch
- Every component is chosen deliberately
- Documentation over automation
This philosophy makes Arch powerful for those who understand it — and intimidating for those who don’t.
Leadership Transition
In 2007, Judd Vinet stepped down and handed the project to Aaron Griffin (aka phrakture).
Aaron led the project through major growth — the AUR expanded, the community grew, and Arch became a reference distro.
In 2020, Levente Polyak (aka anthraxx) became the current project lead.
Arch is maintained by a small team of Trusted Users (TUs) and developers — entirely volunteer-driven.
Key Milestones
2002 → First release by Judd Vinet
2006 → pacman 3.0 released (major rewrite)
2007 → Aaron Griffin takes over
2012 → systemd adopted as init system
2017 → x86_64 only (dropped i686 support)
2020 → Levente Polyak becomes lead; zsh becomes default shell
2021 → archinstall guided installer added to ISO
2022 → 20th anniversary; linux-zen added to official repos
2024 → Arch continues as the gold standard rolling-release distro
Introduction
What is Arch Linux?
Arch Linux is a rolling-release, x86_64 Linux distribution built around simplicity, minimalism, and user control.
Unlike Ubuntu or Fedora, Arch ships no desktop environment, no GUI tools, no pre-configured services — you build exactly what you want.
Uses pacman as its package manager and the AUR (Arch User Repository) for community packages.
Rolling release means there are no version numbers — you install once and update forever.
The Arch Wiki is considered the best Linux documentation resource on the internet — used by users of all distros.
The Arch Way
The Arch Way (core principles):
1. Simplicity
- Avoid unnecessary additions or modifications
- Ship software as upstream intended
- Minimal default configuration
2. Modernity
- Latest stable software versions
- Rolling release — always current
- Embraces modern Linux features (systemd, Wayland, etc.)
3. Pragmatism
- Principles serve users, not ideology
- Both free and non-free software available
- Practical solutions over dogma
4. User-Centricity
- Designed for the user who wants control
- Requires reading documentation
- "Do It Yourself" — you configure everything
5. Versatility
- General-purpose: desktop, server, embedded
- No forced defaults — every choice is yours
Latest software always available, complete control over every component, AUR gives access to virtually any Linux software, rolling release means no major version upgrades, minimal bloat (you install only what you need), excellent documentation (Arch Wiki), deep learning experience, pacman is fast and simple, strong community, Arch-based distros (Manjaro, EndeavourOS, Garuda) inherit these benefits.
Disadvantages
Steep learning curve, time-consuming initial setup, rolling release can occasionally break things, no official GUI installer (historically), requires regular maintenance and attention, not suitable for production servers without extra care, partial upgrades can break the system.
Use Cases
Power user desktops, development workstations, learning Linux internals deeply, custom minimal servers, penetration testing base (BlackArch), tiling WM setups (i3, Sway, Hyprland), home lab environments.
Minimum:
CPU: x86_64 (64-bit only — i686 dropped in 2017)
RAM: 512 MB (2 GB recommended for desktop)
Disk: 2 GB minimum (20 GB+ recommended)
Boot: UEFI or BIOS/Legacy
Net: Required during installation
Recommended for Desktop:
CPU: Multi-core 64-bit
RAM: 8 GB+
Disk: SSD 50 GB+
Creating Bootable USB
# Download ISO from: https://archlinux.org/download/# Verify signature (important!)gpg --keyserver-options auto-key-retrieve --verify archlinux-*.iso.sig# Linux — using ddsudo dd if=archlinux-*.iso of=/dev/sdX bs=4M status=progress oflag=sync# Using Ventoy (multi-boot, recommended)# Just copy the ISO to the Ventoy USB# Windows — use Rufus in DD mode (NOT ISO mode)
Two Installation Paths
Option A: archinstall (guided script) — easier, added in 2021
- Interactive menu-driven installer
- Handles partitioning, locale, bootloader, DE
- Good for learning without full manual pain
Option B: Manual installation — the traditional Arch way
- Full control over every step
- Teaches you exactly how Linux works
- Required reading: wiki.archlinux.org/title/Installation_guide
archinstall (Guided Script)
# Boot the Arch ISO, then:archinstall# Interactive menu covers:# - Mirror region# - Locale & keyboard# - Disk layout (auto or manual)# - Filesystem (ext4, Btrfs, XFS)# - Bootloader (GRUB or systemd-boot)# - Hostname# - Root password# - User account# - Desktop environment (optional)# - Audio server (PipeWire/PulseAudio)# - Network manager# - Additional packages
Manual Installation — Step by Step
Step 1: Boot & Connect to Internet
# Verify boot mode (UEFI vs BIOS)ls /sys/firmware/efi/efivars # exists = UEFI boot# Connect to WiFi (if needed)iwctl# Inside iwctl:device liststation wlan0 scanstation wlan0 get-networksstation wlan0 connect "SSID"exit# Verify internetping -c 3 archlinux.org# Update system clocktimedatectl set-ntp truetimedatectl status
Step 2: Partition the Disk
# List diskslsblkfdisk -l# Partition with fdisk (BIOS/MBR) or gdisk (UEFI/GPT)# For UEFI (recommended):gdisk /dev/sda# orfdisk /dev/sda# Recommended UEFI partition layout:# /dev/sda1 → EFI System Partition 512MB type: EFI System (ef00)# /dev/sda2 → swap 2-8GB type: Linux swap (8200)# /dev/sda3 → root / rest type: Linux filesystem (8300)# Recommended BIOS/MBR layout:# /dev/sda1 → /boot 512MB bootable flag# /dev/sda2 → swap 2-8GB# /dev/sda3 → root / rest# Using cfdisk (easier TUI):cfdisk /dev/sda
# Enable NetworkManager to start on bootsystemctl enable NetworkManager# Exit chrootexit# Unmount all partitionsumount -R /mnt# Rebootreboot# Remove USB when screen goes blank
Post-Install Essentials
# After first boot, login as your user# Connect to WiFinmcli device wifi listnmcli device wifi connect "SSID" password "password"# Full system updatesudo pacman -Syu# Install yay (AUR helper) — see AUR sectionsudo pacman -S --needed git base-develgit clone https://aur.archlinux.org/yay.gitcd yay && makepkg -si# Install a desktop environment (optional — see DE section)sudo pacman -S gnome gnome-extra gdmsudo systemctl enable gdm
Kernel & Architecture
Available Kernels
# Official kernels in Arch repos:linux → latest stable kernel (default)linux-lts → long-term support kernel (more stable)linux-zen → optimized for desktop/gaming (lower latency)linux-hardened → security-hardened kernel (stricter)# Install multiple kernels (recommended — fallback safety)sudo pacman -S linux linux-lts linux-headers linux-lts-headers# Check current kerneluname -runame -a# List installed kernelsls /boot/vmlinuz*pacman -Q linux linux-lts linux-zen
Kernel Comparison
Kernel
Use Case
Latency
Stability
Notes
linux
General use
Normal
Good
Always latest upstream
linux-lts
Servers, stability
Normal
Best
Longer support cycle
linux-zen
Desktop, gaming
Low
Good
BORE scheduler, responsiveness
linux-hardened
Security-focused
Higher
Good
Stricter security policies
Boot Process
flowchart TD
A[Power On] --> B[UEFI/BIOS POST]
B --> C{Boot Mode}
C -->|UEFI| D[EFI System Partition\n/boot/efi]
C -->|BIOS| E[MBR on disk]
D --> F[GRUB2 or systemd-boot]
E --> F
F --> G[Load vmlinuz kernel\n+ initramfs]
G --> H[Kernel decompresses\nand initializes hardware]
H --> I[mkinitcpio initramfs\nmounts early root]
I --> J[systemd PID 1 starts]
J --> K[sysinit.target]
K --> L[basic.target]
L --> M{Boot target}
M -->|CLI| N[multi-user.target\nTTY login]
M -->|GUI| O[graphical.target\nDisplay Manager]
O --> P[GDM / SDDM / LightDM]
P --> Q[Desktop Environment\nor Window Manager]
mkinitcpio
# mkinitcpio generates the initial RAM filesystem (initramfs)# Config: /etc/mkinitcpio.conf# Key sections in mkinitcpio.conf:MODULES=(btrfs) # kernel modules to include earlyBINARIES=() # extra binariesFILES=() # extra filesHOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block filesystems fsck)# Regenerate initramfs after kernel or config changessudo mkinitcpio -P # regenerate for ALL installed kernelssudo mkinitcpio -p linux # regenerate for linux kernel onlysudo mkinitcpio -p linux-lts# List presetsls /etc/mkinitcpio.d/
Linux File System Hierarchy (FHS)
/ Root filesystem
├── /bin → symlink to /usr/bin (UsrMerge)
├── /boot Kernel (vmlinuz), initramfs, bootloader
│ └── /boot/efi EFI System Partition (UEFI)
├── /dev Device files (block, char, pseudo)
├── /etc System-wide configuration files
├── /home User home directories (/home/username)
├── /lib → symlink to /usr/lib
├── /lib64 → symlink to /usr/lib
├── /media Auto-mount removable media (USB, CD)
├── /mnt Temporary manual mount point
├── /opt Optional/third-party software
├── /proc Virtual FS: process and kernel info
├── /root Root user's home directory
├── /run Runtime data (cleared on reboot, tmpfs)
├── /sbin → symlink to /usr/bin
├── /srv Data served by system services
├── /sys Virtual FS: hardware/driver/kernel info
├── /tmp Temporary files (tmpfs — in RAM)
├── /usr All user programs, libraries, docs
│ ├── /usr/bin User + admin commands
│ ├── /usr/lib Shared libraries
│ ├── /usr/local Locally compiled software
│ ├── /usr/share Architecture-independent data
│ └── /usr/src Kernel source (if installed)
└── /var Variable data
├── /var/cache/pacman pacman package cache
├── /var/log System logs
└── /var/lib Persistent app data
GRUB2 Management
# Regenerate GRUB config (after kernel update or config change)sudo grub-mkconfig -o /boot/grub/grub.cfg# Edit GRUB defaultssudo nano /etc/default/grub# Key options:# GRUB_DEFAULT=0 → default entry (0=first)# GRUB_TIMEOUT=5 → seconds to show menu# GRUB_CMDLINE_LINUX_DEFAULT="quiet loglevel=3"# GRUB_CMDLINE_LINUX="" → extra kernel params# After editing /etc/default/grub, regenerate:sudo grub-mkconfig -o /boot/grub/grub.cfg# Install GRUB to disk (only needed once or after reinstall)sudo grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=ARCH# os-prober (detect other OSes like Windows)sudo pacman -S os-prober# Enable in /etc/default/grub:# GRUB_DISABLE_OS_PROBER=falsesudo grub-mkconfig -o /boot/grub/grub.cfg
pacman Package Manager
What is pacman?
pacman is Arch Linux’s native package manager — fast, simple, and powerful.
Manages packages from the official repositories: core, extra, multilib.
# Hooks run automatically after pacman transactions# System hooks: /usr/share/libalpm/hooks/# Custom hooks: /etc/pacman.d/hooks/# Example: auto-regenerate GRUB after kernel update# /etc/pacman.d/hooks/grub-update.hookcat > /etc/pacman.d/hooks/grub-update.hook << 'EOF'[Trigger]Operation = UpgradeType = PackageTarget = linuxTarget = linux-lts[Action]Description = Updating GRUB config...When = PostTransactionExec = /usr/bin/grub-mkconfig -o /boot/grub/grub.cfgEOF# Example: clear orphan packages hook reminder# Hooks are .hook files in /etc/pacman.d/hooks/
pacman Cache Management
# Install paccache (from pacman-contrib)sudo pacman -S pacman-contrib# Keep only last 3 versions of each packagesudo paccache -r# Keep only last 1 versionsudo paccache -rk1# Remove all cached versions of uninstalled packagessudo paccache -ruk0# Enable paccache timer (weekly cleanup)sudo systemctl enable paccache.timer# Check cache sizedu -sh /var/cache/pacman/pkg/# Nuclear option — remove ALL cache (not recommended)sudo pacman -Scc
Official Repositories
core → essential packages (kernel, glibc, bash, systemd)
extra → everything else (DEs, browsers, dev tools)
multilib → 32-bit libraries (Steam, Wine, cross-compilation)
Testing repos (unstable — not for daily use):
core-testing
extra-testing
multilib-testing
AUR (Arch User Repository)
What is the AUR?
The AUR (Arch User Repository) is a community-driven repository of PKGBUILDs — build scripts that compile and install software not in the official repos.
Contains 90,000+ packages — virtually any Linux software you can think of.
AUR packages are not officially supported — they are user-submitted and user-maintained.
You don’t install from AUR directly — you download a PKGBUILD, build the package locally, then install with pacman.
AUR Flow Diagram
flowchart TD
A[User wants AUR package] --> B[Search AUR\naur.archlinux.org]
B --> C[Find PKGBUILD]
C --> D{Use AUR helper\nor manual?}
D -->|Manual| E[git clone AUR URL]
D -->|yay/paru| F[AUR helper clones\nautomatically]
E --> G[Read PKGBUILD\n⚠️ ALWAYS do this]
F --> G
G --> H{PKGBUILD safe?}
H -->|No| I[Abort — do not install]
H -->|Yes| J[makepkg -si\nbuild + install]
J --> K[Download sources\nfrom upstream]
K --> L[Verify checksums]
L --> M[Compile / prepare package]
M --> N[Create .pkg.tar.zst]
N --> O[pacman -U installs it]
O --> P[Package installed ✓]
Manual AUR Installation
# Install prerequisitessudo pacman -S --needed git base-devel# Clone the AUR packagegit clone https://aur.archlinux.org/package-name.gitcd package-name# READ THE PKGBUILD (important!)cat PKGBUILD# Build and installmakepkg -si# -s = install missing dependencies# -i = install after building# -c = clean up build files after# -r = remove make dependencies after install# Full clean build:makepkg -sirc# Update AUR package (pull latest, rebuild)git pullmakepkg -si
PKGBUILD Explained
# PKGBUILD is a bash script that defines how to build a package# Example PKGBUILD structure:# Maintainer: Your Name <email>pkgname=mypackage # package namepkgver=1.2.3 # versionpkgrel=1 # package release numberepoch=0 # force version ordering (rarely used)pkgdesc="A short description"arch=('x86_64') # supported architecturesurl="https://example.com"license=('MIT')depends=('glibc' 'gtk3') # runtime dependenciesmakedepends=('cmake' 'git') # build-only dependenciesoptdepends=('ffmpeg: video support')provides=('mypackage')conflicts=('mypackage-git')source=("https://example.com/mypackage-${pkgver}.tar.gz")sha256sums=('abc123...') # checksum for source verificationprepare() { cd "$pkgname-$pkgver" patch -p1 < ../fix.patch # apply patches if needed}build() { cd "$pkgname-$pkgver" cmake -B build -S . \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_INSTALL_PREFIX=/usr cmake --build build}check() { cd "$pkgname-$pkgver" cmake --build build --target test # run tests}package() { cd "$pkgname-$pkgver" DESTDIR="$pkgdir" cmake --install build install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"}
yay — AUR Helper
# Install yaysudo pacman -S --needed git base-develgit clone https://aur.archlinux.org/yay.gitcd yay && makepkg -si# yay commands (mirrors pacman syntax + AUR support)yay -Syu # update system + AUR packagesyay -S package # install from repos or AURyay -Ss keyword # search repos + AURyay -Si package # show package infoyay -R package # remove packageyay -Qm # list AUR/foreign packagesyay -Yc # remove unneeded AUR dependenciesyay --devel -Syu # update VCS packages (git, svn, etc.)# yay configyay --save --answerclean None --answerdiff None # skip promptsyay --gendb # generate development package DB
paru — AUR Helper (Rust-based)
# Install paru (written in Rust — faster than yay)sudo pacman -S --needed git base-develgit clone https://aur.archlinux.org/paru.gitcd paru && makepkg -si# paru commandsparu -Syu # update system + AURparu -S package # install packageparu -Ss keyword # searchparu -Si package # infoparu -R package # removeparu -Gc package # show PKGBUILD comments from AURparu --fm bat # use bat to view PKGBUILDs (pretty)# paru config: /etc/paru.conf or ~/.config/paru/paru.conf# BottomUp = true → show results bottom-up (newest first)# SudoLoop = true → keep sudo alive during long builds# CleanAfter = true → clean build files after install
AUR Helpers Comparison
Helper
Language
Speed
Features
Notes
yay
Go
Fast
Full-featured
Most popular
paru
Rust
Fastest
Full-featured + PKGBUILD review
Recommended
trizen
Perl
Medium
Lightweight
Less maintained
aurman
Python
Medium
Advanced
Discontinued
pikaur
Python
Medium
Parallel builds
Good alternative
aura
Haskell
Fast
Multi-backend
Unique design
Shell & Terminal
Default Shell
Since 2020, Arch Linux’s default shell for new users is zsh (Z Shell).
The root shell remains bash for compatibility.
# Check current shellecho $SHELLchsh -l # list available shellschsh -s /bin/zsh # change shell to zshchsh -s /bin/bash # change back to bash# Install shellssudo pacman -S zsh fish bash# zsh config file: ~/.zshrc# bash config file: ~/.bashrc or ~/.bash_profile
Essential Commands
# ── NAVIGATION ─────────────────────────────────────────────pwd # print working directoryls # list filesls -la # list all files with detailsls -lh # human-readable sizescd /path/to/dir # change directorycd ~ # go to home directorycd - # go to previous directory# ── FILE OPERATIONS ────────────────────────────────────────touch file.txt # create empty filemkdir -p dir/subdir # create directory (with parents)cp src dest # copy filecp -r src/ dest/ # copy directory recursivelymv src dest # move or renamerm file # remove filerm -rf dir/ # remove directory recursively (careful!)ln -s target link # create symbolic link# ── VIEW FILES ─────────────────────────────────────────────cat file # print file contentsless file # paginated view (q to quit)head -n 20 file # first 20 linestail -n 20 file # last 20 linestail -f /var/log/syslog # follow log in real-time# ── SEARCH ─────────────────────────────────────────────────find /path -name "*.conf" # find files by namefind /path -type f -size +100M # find files > 100MBgrep -r "pattern" /path/ # search text in filesgrep -n "pattern" file # show line numbersgrep -i "pattern" file # case-insensitive# ── SYSTEM INFO ────────────────────────────────────────────uname -a # kernel + system infolscpu # CPU infolsmem # memory infolsblk # block deviceslspci # PCI deviceslsusb # USB devicesdf -h # disk usage (human-readable)du -sh /path/ # directory sizefree -h # RAM usagetop / htop # process monitorps aux # list all processes# ── PROCESS MANAGEMENT ─────────────────────────────────────kill PID # send SIGTERM to processkill -9 PID # force kill (SIGKILL)killall processname # kill by namepkill -f pattern # kill by patternbg # send to backgroundfg # bring to foregroundjobs # list background jobsnohup command & # run immune to hangup
# Redirectioncommand > file # stdout to file (overwrite)command >> file # stdout to file (append)command < file # stdin from filecommand 2> error.log # stderr to filecommand 2>&1 # redirect stderr to stdoutcommand &> file # both stdout and stderr to filecommand > /dev/null # discard output# Pipes — chain commandsls -la | grep ".conf" # filter ls outputcat file | sort | uniq # sort and deduplicateps aux | grep firefox # find processjournalctl | tail -50 # last 50 log lines# Process substitutiondiff <(ls dir1) <(ls dir2) # compare directory listings# Here documentcat << EOF > file.txtline 1line 2EOF
Shell Scripting Basics
#!/bin/bash# Shebang line — specifies interpreter# VariablesNAME="Arch"echo "Hello, $NAME"echo "Hello, ${NAME}Linux" # use braces for clarity# User inputread -p "Enter name: " USER_NAME# Conditionalsif [ "$NAME" = "Arch" ]; then echo "It's Arch!"elif [ "$NAME" = "Ubuntu" ]; then echo "It's Ubuntu"else echo "Unknown distro"fi# File testsif [ -f "/etc/pacman.conf" ]; then echo "File exists"; fiif [ -d "/home" ]; then echo "Directory exists"; fiif [ -x "/usr/bin/pacman" ]; then echo "Executable"; fi# Loopsfor pkg in vim git curl wget; do sudo pacman -S --noconfirm "$pkg"donewhile read line; do echo "Line: $line"done < file.txt# Functionsupdate_system() { echo "Updating system..." sudo pacman -Syu --noconfirm echo "Done!"}update_system# Exit codescommand && echo "Success" || echo "Failed"# ArraysPKGS=("vim" "git" "curl")for pkg in "${PKGS[@]}"; do echo "Installing $pkg"done
Useful Terminal Tools
# Install essential terminal toolssudo pacman -S \ bat \ # better cat (syntax highlighting) eza \ # better ls (colors, icons) fd \ # better find ripgrep \ # better grep (rg) fzf \ # fuzzy finder zoxide \ # smarter cd tmux \ # terminal multiplexer neovim \ # modern vim htop \ # interactive process viewer btop \ # beautiful resource monitor ncdu # disk usage analyzer (TUI)# zsh plugins (oh-my-zsh or manual)sudo pacman -S zsh-autosuggestions zsh-syntax-highlighting# Add to ~/.zshrc:# source /usr/share/zsh/plugins/zsh-autosuggestions/zsh-autosuggestions.zsh# source /usr/share/zsh/plugins/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh
User & Group Management
Account Types
root → superuser, UID 0, full system access
regular → normal user, limited permissions
system → service accounts (no login), UID < 1000
User Commands
# Create useruseradd -m username # create user with home diruseradd -m -G wheel,audio,video,storage username # with groupsuseradd -m -s /bin/zsh username # with specific shelluseradd -m -u 1001 username # with specific UID# Set/change passwordpasswd username # set password for userpasswd # change your own password# Modify userusermod -aG wheel username # add to wheel groupusermod -aG audio,video username # add to multiple groupsusermod -s /bin/zsh username # change shellusermod -l newname oldname # rename userusermod -d /new/home username # change home directoryusermod -L username # lock accountusermod -U username # unlock account# Delete useruserdel username # delete user (keep home)userdel -r username # delete user + home dir# View user infoid username # UID, GID, groupswhoami # current userwho # logged-in usersw # who + what they're doinglast # login historycat /etc/passwd # all users
Group Commands
# Create groupgroupadd groupnamegroupadd -g 1500 groupname # with specific GID# Modify groupgroupmod -n newname oldname # rename groupgpasswd -a username groupname # add user to groupgpasswd -d username groupname # remove user from group# Delete groupgroupdel groupname# View groupsgroups username # groups for usercat /etc/group # all groupsgetent group groupname # group info# Important groups on Arch:# wheel → sudo access# audio → audio devices# video → video devices# storage → storage devices (USB, etc.)# optical → optical drives# network → network management# docker → Docker daemon access# libvirt → virtualization
wheel Group & sudo
# The wheel group is Arch's admin group (like sudo group on Ubuntu)# Add user to wheelusermod -aG wheel username# Configure sudo via visudo (ALWAYS use visudo, never edit directly)EDITOR=nano visudo# orEDITOR=vim visudo# In /etc/sudoers, uncomment:%wheel ALL=(ALL:ALL) ALL # full sudo with password# OR for passwordless sudo (less secure):%wheel ALL=(ALL:ALL) NOPASSWD: ALL# Allow specific command without password:username ALL=(ALL) NOPASSWD: /usr/bin/pacman# Sudo timeout (default 5 min)Defaults timestamp_timeout=15 # 15 minutesDefaults timestamp_timeout=0 # always ask passwordDefaults timestamp_timeout=-1 # never expire
polkit
# polkit (PolicyKit) — fine-grained privilege management for GUI apps# Allows non-root users to perform privileged actions via rulessudo pacman -S polkit# polkit rules: /etc/polkit-1/rules.d/# Example: allow wheel group to manage systemd without passwordcat > /etc/polkit-1/rules.d/49-nopasswd-wheel.rules << 'EOF'polkit.addRule(function(action, subject) { if (subject.isInGroup("wheel")) { return polkit.Result.YES; }});EOF# Check polkit actionspkaction --verbose --action-id org.freedesktop.systemd1.manage-units
Systemd & Service Management
systemctl — Service Control
# ── SERVICE MANAGEMENT ─────────────────────────────────────sudo systemctl start service # start service nowsudo systemctl stop service # stop servicesudo systemctl restart service # stop + startsudo systemctl reload service # reload config (no restart)sudo systemctl enable service # enable at bootsudo systemctl disable service # disable at bootsudo systemctl enable --now service # enable + start immediatelysudo systemctl disable --now service # disable + stop immediatelysudo systemctl mask service # completely prevent startingsudo systemctl unmask service # undo mask# ── STATUS & INFO ──────────────────────────────────────────systemctl status service # service status + recent logssystemctl is-active service # active/inactivesystemctl is-enabled service # enabled/disabledsystemctl is-failed service # failed/not-failedsystemctl list-units # all active unitssystemctl list-units --failed # failed unitssystemctl list-unit-files # all unit files + statesystemctl list-units --type=service # services onlysystemctl list-timers # all timers# ── SYSTEM STATE ───────────────────────────────────────────sudo systemctl reboot # rebootsudo systemctl poweroff # shutdownsudo systemctl suspend # suspend to RAMsudo systemctl hibernate # suspend to disksudo systemctl rescue # single-user rescue modesudo systemctl emergency # emergency mode# ── TARGETS (runlevels) ────────────────────────────────────systemctl get-default # current default targetsudo systemctl set-default multi-user.target # CLI bootsudo systemctl set-default graphical.target # GUI bootsudo systemctl isolate multi-user.target # switch now# Common targets:# poweroff.target → shutdown# rescue.target → single user# multi-user.target → CLI (runlevel 3)# graphical.target → GUI (runlevel 5)# reboot.target → reboot
journalctl — Log Viewer
# View all logsjournalctl # all logs (oldest first)journalctl -r # reverse (newest first)journalctl -f # follow (like tail -f)journalctl -n 50 # last 50 lines# Filter by servicejournalctl -u nginx # logs for nginxjournalctl -u nginx -f # follow nginx logsjournalctl -u nginx --since today # today's nginx logs# Filter by timejournalctl --since "2024-01-01"journalctl --since "1 hour ago"journalctl --since "09:00" --until "10:00"journalctl --since yesterday# Filter by priorityjournalctl -p err # errors onlyjournalctl -p warning # warnings and above# Priorities: emerg, alert, crit, err, warning, notice, info, debug# Filter by bootjournalctl -b # current bootjournalctl -b -1 # previous bootjournalctl --list-boots # list all boots# Kernel messagesjournalctl -k # kernel messages (dmesg)dmesg # kernel ring bufferdmesg -T # with human-readable timestampsdmesg -l err,warn # errors and warnings only# Disk usagejournalctl --disk-usagesudo journalctl --vacuum-size=500M # keep only 500MB of logssudo journalctl --vacuum-time=2weeks # keep only 2 weeks of logs
# After creating the unit file:sudo systemctl daemon-reload # reload systemd configsudo systemctl enable --now myapp # enable and startsystemctl status myapp # verify it's running
systemd Timers (cron replacement)
# /etc/systemd/system/backup.timer[Unit]Description=Daily Backup Timer[Timer]OnCalendar=dailyPersistent=true # run if missed (e.g., system was off)[Install]WantedBy=timers.target
# Install essential network toolssudo pacman -S iproute2 net-tools bind-tools wget curl# ── IP COMMANDS (modern) ────────────────────────────────────ip addr # show IP addressesip addr show eth0 # specific interfaceip link # show network interfacesip link set eth0 up # bring interface upip link set eth0 down # bring interface downip route # show routing tableip route add default via 192.168.1.1 # add default gatewayip neigh # ARP table# ── SS (socket statistics — replaces netstat) ───────────────ss -tuln # listening TCP/UDP portsss -tulnp # with process namesss -s # summary statisticsss -tp # established TCP connections# ── DNS ────────────────────────────────────────────────────dig archlinux.org # DNS lookupdig +short archlinux.org # just the IPnslookup archlinux.org # alternative DNS lookuphost archlinux.org # simple lookup# ── CONNECTIVITY ───────────────────────────────────────────ping -c 4 archlinux.org # test connectivitytraceroute archlinux.org # trace routemtr archlinux.org # combined ping + traceroutecurl -I https://archlinux.org # HTTP headerswget -q -O- https://example.com # download to stdout
NetworkManager & nmcli
# NetworkManager is the standard network manager on Arch desktopssudo pacman -S networkmanagersudo systemctl enable --now NetworkManager# ── nmcli (CLI for NetworkManager) ─────────────────────────nmcli device status # show all devicesnmcli connection show # show all connectionsnmcli connection show --active # active connections only# WiFinmcli device wifi list # scan for WiFi networksnmcli device wifi connect "SSID" password "password"nmcli device wifi connect "SSID" password "pass" ifname wlan0# Manage connectionsnmcli connection up "connection-name"nmcli connection down "connection-name"nmcli connection delete "connection-name"nmcli connection modify "conn" ipv4.dns "8.8.8.8 1.1.1.1"# Static IPnmcli connection modify "conn" \ ipv4.method manual \ ipv4.addresses "192.168.1.100/24" \ ipv4.gateway "192.168.1.1" \ ipv4.dns "1.1.1.1 8.8.8.8"nmcli connection up "conn"# nmtui — text UI for NetworkManagernmtui
iwd (iNet Wireless Daemon)
# iwd is a lightweight alternative to wpa_supplicant for WiFisudo pacman -S iwdsudo systemctl enable --now iwd# Interactive modeiwctl# Inside iwctl:device list # list wireless devicesstation wlan0 scan # scan for networksstation wlan0 get-networks # show scan resultsstation wlan0 connect "SSID" # connect (prompts for password)station wlan0 show # connection statusknown-networks list # saved networksknown-networks "SSID" forget # remove saved networkexit# Use iwd with NetworkManager (recommended combo)# In /etc/NetworkManager/conf.d/wifi_backend.conf:# [device]# wifi.backend=iwd
# Check if running Wayland or X11echo $XDG_SESSION_TYPE # wayland or x11echo $WAYLAND_DISPLAY # set if Waylandecho $DISPLAY # set if X11# XWayland — run X11 apps on Waylandsudo pacman -S xorg-xwayland# Most Wayland compositors include XWayland support automatically
# Install Lynissudo pacman -S lynis# Run full system auditsudo lynis audit system# Quick scansudo lynis audit system --quick# View reportcat /var/log/lynis-report.dat# Lynis gives a hardening index score (0-100)# Follow suggestions to improve score
# ── WEEKLY TASKS ───────────────────────────────────────────# 1. Full system updatesudo pacman -Syu# or with AUR:yay -Syuparu -Syu# 2. Check for failed servicessystemctl --failed# 3. Check journal for errorsjournalctl -p err -b# 4. Check disk spacedf -hdu -sh /var/cache/pacman/pkg/# ── MONTHLY TASKS ──────────────────────────────────────────# 5. Clean package cache (keep last 3 versions)sudo paccache -r# 6. Remove orphan packagessudo pacman -Rns $(pacman -Qtdq)# If no orphans: pacman -Qtdq returns nothing, command is safe# 7. Update mirrorlistsudo reflector --country India,Singapore --age 12 \ --protocol https --sort rate --save /etc/pacman.d/mirrorlist# 8. Check pacnew/pacsave filessudo find /etc -name "*.pacnew" -o -name "*.pacsave" 2>/dev/null# Review and merge these files manuallysudo pacdiff # interactive diff tool (from pacman-contrib)
Orphan Package Removal
# List orphan packages (installed as deps, no longer needed)pacman -Qtdq# Remove all orphanssudo pacman -Rns $(pacman -Qtdq)# If the above fails (no orphans), it's safe — just means none exist# Safer version:orphans=$(pacman -Qtdq)[ -n "$orphans" ] && sudo pacman -Rns $orphans || echo "No orphans"
Cache Cleaning
# Install pacman-contrib (includes paccache)sudo pacman -S pacman-contrib# Keep last 3 versions of each package (default)sudo paccache -r# Keep last 1 versionsudo paccache -rk1# Remove all cached versions of uninstalled packagessudo paccache -ruk0# Dry run (see what would be removed)sudo paccache -dsudo paccache -dk1# Enable weekly paccache timersudo systemctl enable paccache.timer# AUR build cache cleanup (yay)yay -Sc# paruparu -Sc
pacnew & pacsave Files
# When pacman updates a config file you've modified, it creates:# file.conf.pacnew → new default config (don't overwrite yours)# file.conf.pacsave → backup of your old config# Find all pacnew filessudo find /etc -name "*.pacnew" 2>/dev/nullsudo find /etc -name "*.pacsave" 2>/dev/null# Review and merge with pacdiffsudo pacman -S pacman-contribsudo pacdiff# Or manually diff and merge:diff /etc/ssh/sshd_config /etc/ssh/sshd_config.pacnew# Merge changes, then remove .pacnew:sudo rm /etc/ssh/sshd_config.pacnew
System Backup with rsync
# Install rsyncsudo pacman -S rsync# Basic backup (local)sudo rsync -aAXv --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*",\"/run/*","/mnt/*","/media/*","/lost+found"} / /mnt/backup/# Backup to remote serverrsync -aAXv --delete /home/user/ user@server:/backup/home/# Incremental backup with hard links (space-efficient)rsync -aAXv --link-dest=/backup/latest / /backup/$(date +%Y-%m-%d)/ln -snf /backup/$(date +%Y-%m-%d) /backup/latest# rsync flags explained:# -a = archive (recursive + preserve permissions/timestamps/symlinks)# -A = preserve ACLs# -X = preserve extended attributes# -v = verbose# --delete = remove files in dest not in source
Timeshift (Snapshot Backup)
# Install Timeshift (GUI + CLI snapshot tool)sudo pacman -S timeshift# or from AUR:yay -S timeshift# Timeshift supports:# - rsync snapshots (any filesystem)# - Btrfs snapshots (if using Btrfs)# CLI usagesudo timeshift --create --comments "Before major update"sudo timeshift --listsudo timeshift --restore --snapshot "2024-01-01_12-00-00"sudo timeshift --delete --snapshot "2024-01-01_12-00-00"# For Btrfs users — snapper is also excellent:sudo pacman -S snapper snap-pac# snap-pac creates snapshots automatically on every pacman transaction
# Install downgrade tool (AUR)yay -S downgrade# Downgrade a packagesudo downgrade packagename# Shows list of available versions from cache + archive# Manual downgrade from cachels /var/cache/pacman/pkg/ | grep packagenamesudo pacman -U /var/cache/pacman/pkg/packagename-1.2.3-1-x86_64.pkg.tar.zst# Prevent package from being upgraded (add to IgnorePkg)sudo nano /etc/pacman.conf# IgnorePkg = packagename# IgnorePkg = pkg1 pkg2 pkg3
Arch Wiki
What is the Arch Wiki?
The Arch Wiki (wiki.archlinux.org) is the most comprehensive Linux documentation resource on the internet.
Used by users of all Linux distributions — not just Arch users.
Community-maintained, constantly updated, covers everything from installation to advanced configuration.
How to Use the Arch Wiki Effectively
1. Search directly: wiki.archlinux.org/title/Topic_Name
Example: wiki.archlinux.org/title/GRUB
2. Use the search bar — fuzzy search works well
3. Google trick: "arch wiki topic" — usually top result
4. Read the entire page, not just the first section
- "Tips and tricks" sections are gold
- "Troubleshooting" sections save hours
5. Check "See also" links at the bottom
6. Check the "Talk" page for known issues
7. Note the "Accuracy" or "Out of date" banners
- Still useful but verify commands