Hello, I started writing a script last week, but I think I'm pretty bad at this. IMO, it's ugly, long, complicated, slow and unsafe. I'm sending it not for usage, but since I don't see any progress, I thought maybe you could pick some ideas for writing a better one :) Now a little description of what it does : it takes the list of NoUpgrade config in /etc/pacman.conf . If it doesn't find any, it takes the default list in pacman2. It then builds the list of packages owning these files, and stores the result temporary in /tmp/backup/ It then checks if the package are available in the cache (/var/cache/pacman/pkg), if not, it tries to download them. If it's still can't download it, it'll just use a fake md5sum (0^32) for the config files in this package. Then, for each package, it'll go look at the md5sum of its config files in /var/lib/pacman/local , and compare them with the md5sum from the original package. If they are different, it's wrong, and was most certainly caused by NoUpgrade. If this file was indeed in the NoUpgrade array, and additionally the md5sum stored in the local database is the same than the md5sum of the config in the filesystem, then everything confirms that it's wrong, and the script is happy. Note : there are already 2 places where root is needed, just for checking : for downloading the missing packages, and for reading the config files in the filesystem only readable by root, like /etc/shadow. I used sudo for these 2 lines. It would then also be needed for actually correcting the md5sum.