Pacnew files - some common-sense advice

So you just got a shiny new something.pacnew file.

You get these when a system file has been modified from the upstream default. If the file has been modified, it is assumed (and rightly so) that there’s a reason it was modified, and so instead of overwriting the file with the upstream defaults a .pacnew file is created.

Here’s some common-sense advice:

Before doing anything, make a backup copy of both the original file and the pacnew file. So, using passwd as an example, you’d have 2 copies: passwd.bak and passwd.pacnew.bak (you could use a different extension other than .bak if you like).

Now you’ve got an untouched, original copy of both files. If something goes wrong, you can replace the file you borked with the copy of the original file, and start all over again from a clean slate.

As to merging the files - don’t automate it by hitting a “merge” button in some application. Look at what the changes are, think about what these changes are, and then make the necessary changes yourself.

If a file contains passwords, or user accounts, the pacnew file obviously won’t have those - upstream doesn’t know what your username is, or what your passwords are. Blindly overwriting something like passwd or shadow is recipe for disaster. But if you made a backup of the original file, you can easily recover.

So, please - make a backup copy before changing a system file.


So i just got one of those pacnew for passwd and i did nothing with it as i have no idea what is changed. This is what’s in the file:


That is exactly what changed.

The old file has the line:

You want to replace that line with the one in the pacnew:

It ain’t rocket science.

But that looks the same to me. What am i missing?

Compare the two files. Compare passwd with passwd.pacnew.

Okay … I thought i did but I’ll check again.

Oh, sorry, I see I had put the wrong line in my previous post. i corrected it.

The difference is:




Yes i see now and exactly what does the change mean. It’s using the bash file from /usr/bin/ instead of /bin/bash.

They changed the path. It’s more in line with what it should be. You should make the change.

1 Like

Thanks… I have limited experience with some things like these and normally i wouldn’t use pacdiff just because I’m not that familiar with using it so i tend to make the changes manually with a text editor.

That’s fine, but using pacdiff to at least view the files side by side is not a bad idea. Then you can manually apply any changes with whatever method you’re most familiar with.

1 Like

You can use pwck to make sure there are no syntax errors or duplicate entries in you passwd file after you edit it.

For example:

sudo pwck /etc/passwd


sudo pwck -q /etc/passwd

There’s also vipw which is to passwd as visudo is to sudoers files, if you’re familiar with visudo (and you should be).


Nothing returns on either command so i guess it’s okay? Yes I’m a somewhat familiar with visudo using it when installing Arch but that’s about it.

Yes, it will only return errors.

1 Like

Where does the command pwck come from? It’s not a pkg i take it?

Here is my question on this whole bash thing. For right now, /bin/bash still exists. But are they going to eventually eliminate /bin/bash and go with only /usr/bin/bash.

I ask because should I go through all my ARM scripts and change




to prepare for this?


I think it’s provided by shadow. Check for yourself with pacman -F.

It might affect something in the future, as that path will be expected.


You mean like this?

[ricklinux@asus-tuff ~]$ sudo pacman -Fy pwck
[sudo] password for ricklinux: 
:: Synchronizing package databases...
 endeavouros                           141.3 KiB   625 KiB/s 00:00 [------------------------------------] 100%
 core                                 1060.4 KiB  1354 KiB/s 00:01 [------------------------------------] 100%
 extra                                  39.0 MiB  6.83 MiB/s 00:06 [------------------------------------] 100%
 multilib                              209.2 KiB   528 KiB/s 00:00 [------------------------------------] 100%
core/shadow 4.14.3-1 [installed]
extra/bash-completion 2.11-3 [installed]
[ricklinux@asus-tuff ~]$ 

Yes, I mean like that.