Arch Linux 14 min read

The Essential Toolchain for Arch & EndeavourOS

Adrian Kuczyński
Senior Security Developer
The Essential Toolchain for Arch & EndeavourOS

You’ve finally ditched the training wheels and made the leap to Arch Linux—or its pragmatic, time-saving cousin, EndeavourOS (because we both know you want to ship production-ready code this weekend, not spend forty-eight hours troubleshooting legacy Wi-Fi drivers).

Now, you’re staring at a blinking prompt on a naked TTY. What's next?

Unlike Ubuntu, macOS, or Fedora, Arch refuses to hold your hand. It tosses you the keys to a barebones, high-performance engine, smiles, and walks away. For a senior developer, security researcher, or systems architect, this unopinionated, raw control isn't terrifying—it’s the entire point. It’s glorious. You get to build a tailored environment where every running daemon, every byte of RAM, and every kernel parameter is there solely because you authorized it.

But let’s be real: raw computing power is a massive, volatile liability without the right tooling to harness it. Without a bulletproof foundation, you are always just one bad system update away from an unbootable machine.

I’ve bricked enough boot partitions in the trenches to know what actually matters when your livelihood depends on your local uptime. We aren't here to talk about r/unixporn aesthetic gimmicks or obscure terminal rice that looks cool in screenshots but breaks under heavy compiler load. We are focusing purely on the mission-critical utilities you will reach for every single day to prevent kernel panics, strip away system friction, and transform your naked OS into a hardened, high-leverage local workstation.

Let’s load out your machine with the ultimate survival gear. First up, we need to address the absolute lifeblood of the Arch ecosystem—the undisputed champion of package management that will completely change how you handle dependency resolution.

Package Management: Mastering the Pacman Engine

On Arch, your package manager isn't just a utility—it is the engine of your operating system. pacman is blisteringly fast because it bypasses overhead and handles raw tarball archives directly. However, that speed comes with a trade-off: it expects you to drive with precision.

1. System Maintenance and the Cardinal Sin

To keep your rolling-release environment stable, you must synchronize your local package databases and upgrade your entire system in a single, atomic operation:

sudo pacman -Syu

The Golden Rule: Never, under any circumstances, run pacman -Sy to install a package without upgrading the system. This triggers a partial upgrade state. Arch does not support partial upgrades. Because packages are dynamically linked against the latest shared libraries, mismatched versions will cause ABI breakages, execution faults, and a broken system. Always sync and upgrade (-Syu) together.

To install new software securely:

sudo pacman -S git neovim tmux

2. Surgical Package Removal

A stock pacman -R command behaves like a blunt instrument, leaving orphaned system dependencies scattered across your disk. To cleanly strip a application, its local configuration adjustments, and all of its unused dependencies, run:

sudo pacman -Rns firefox

  • -R: Initiates the removal process.

  • -n: Purges backup and configuration files.

  • -s: Recursively targets and prunes orphan dependencies no longer needed by other tools.

3. Auditing and Inspecting System State

For compliance, security audits, or debugging local environments, you need to query the system state. Use these key diagnostic parameters:

  • Discover remote packages:

``bash pacman -Ss ripdrag ``

  • Inventory every package on the host:

``bash pacman -Q ``

  • Inspect metadata and origin details for an installed binary:

``bash pacman -Qi neovim ``

  • Map physical files back to their parent packages:

``bash pacman -Ql neovim ``

4. Managing the Cache (Before It Fills Your Drive)

By default, pacman never purges its package download cache (/var/cache/pacman/pkg/). This is a deliberate design choice: keeping older package versions locally ensures you can instantly roll back a broken package upgrade offline.

The downside? Left unchecked, this directory will consume your root partition.

Avoid pacman -Sc—it wipes out all cached historical archives, leaving you zero rollback options if a dependency breaks. Instead, safely trim your storage footprint using paccache (bundled in the pacman-contrib package):

# Keep only the last 3 versions of each package in cache
sudo paccache -r

Now that your core system engine is clean, updated, and optimized, you aren't limited to the official repositories. Let's head into Arch's most powerful asset: the massive, community-driven universe of the AUR.

AUR Helpers — Accessing the Arch User Repository

The AUR is Arch's killer feature — community-maintained build scripts for virtually any Linux software. pacman doesn't touch the AUR, so you need a helper.

yay (Yet Another Yogurt) is the most popular:

# Install yay (first time, from the AUR manually)
sudo pacman -S --needed git base-devel
git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si

# Now use yay just like pacman
yay -S google-chrome

# Update everything — official repos AND AUR packages
yay -Syu

# Search both official repos and AUR
yay -Ss obsidian

paru is a solid alternative written in Rust:

# Install paru
sudo pacman -S --needed git base-devel
git clone https://aur.archlinux.org/paru.git
cd paru
makepkg -si

# Same workflow
paru -S discord
paru -Syu

A critical warning: Always read the PKGBUILD before installing AUR packages. The AUR is community-maintained — anyone can upload anything. yay and paru will show you the build files. Take 30 seconds to skim them for anything suspicious.

# yay shows the PKGBUILD by default before building
# paru does the same — press 'v' to view files
paru -S some-unknown-package

Service Management with systemctl

Arch uses systemd for service management. You'll need this for networking, bluetooth, audio, and virtually every background process.

Essential commands:

# Check if a service is running
systemctl status bluetooth

# Start a service immediately
sudo systemctl start bluetooth

# Enable a service to start at boot
sudo systemctl enable bluetooth

# Enable AND start (the combo you'll use most)
sudo systemctl enable --now bluetooth

# Stop and disable a service
sudo systemctl disable --now cups

# List all running services
systemctl list-units --type=service --state=running

# List failed services (invaluable for debugging)
systemctl --failed

Common services new users need to enable:

# Networking (if using NetworkManager)
sudo systemctl enable --now NetworkManager

# Bluetooth
sudo systemctl enable --now bluetooth

# Firewall
sudo systemctl enable --now firewalld

# Sound (PipeWire — the modern default)
systemctl --user enable --now pipewire pipewire-pulse wireplumber

Notice the --user flag on PipeWire — some services run per-user, not system-wide. User services are managed without sudo.

System Logs with journalctl

When something breaks (and it will), journalctl is your primary diagnostic tool.

The commands you'll actually use:

# See all logs from this boot
journalctl -b

# See logs from the previous boot (after a crash)
journalctl -b -1

# Follow logs in real-time (like tail -f)
journalctl -f

# Filter logs for a specific service
journalctl -u NetworkManager

# Filter by time range
journalctl --since "2024-01-15" --until "2024-01-16"
journalctl --since "1 hour ago"

# Show only errors and worse
journalctl -p err

# Kernel messages only (hardware issues)
journalctl -k

A practical debugging example — WiFi not connecting:

journalctl -u NetworkManager --since "10 minutes ago" -f
# Now try connecting — watch the logs reveal what's failing

Hardware Detection & Management

lspci, lsusb, and lshw

You need to know what hardware you have before you can configure it.

# List all PCI devices (GPU, network card, etc.)
lspci

# Filter for your GPU
lspci | grep -i vga

# List USB devices
lsusb

# Detailed hardware report (install with sudo pacman -S lshw)
sudo lshw -short

lsblk — Disk and Partition Overview

# Clean overview of all storage devices
lsblk

# Output looks like:
# NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
# sda      8:0    0 465.8G  0 disk
# ├─sda1   8:1    0   512M  0 part /boot
# ├─sda2   8:2    0    32G  0 part [SWAP]
# └─sda3   8:3    0 433.3G  0 part /

# With filesystem info
lsblk -f

This is infinitely more readable than fdisk -l for quick checks.

Network Management with nmcli

NetworkManager is the standard on both Arch and EndeavourOS. While you can use nmtui (a curses-based UI), knowing nmcli is faster for most tasks.

# List available WiFi networks
nmcli device wifi list

# Connect to a WiFi network
nmcli device wifi connect "MyNetwork" password "MyPassword"

# List all connections
nmcli connection show

# Disconnect
nmcli device disconnect wlan0

# Check general status
nmcli general status

# For those who prefer a TUI interface
nmtui

Wired connections usually "just work" — NetworkManager auto-configures DHCP. WiFi is where you'll need these commands, especially if you're setting up a headless machine.

Kernel Management

Arch gives you kernel choices, and EndeavourOS makes switching painless.

# See your current kernel
uname -r

# Install the LTS kernel (more stable, recommended for new users)
sudo pacman -S linux-lts linux-lts-headers

# Install the Zen kernel (optimized for desktop performance)
sudo pacman -S linux-zen linux-zen-headers

EndeavourOS users have it easier:

# EndeavourOS's kernel manager
sudo eos-kernel-manager

After installing a new kernel, update your bootloader:

# For GRUB
sudo grub-mkconfig -o /boot/grub/grub.cfg

# For systemd-boot (common on UEFI Arch installs)
sudo bootctl update

Why this matters: If a kernel update breaks something (rare but possible), booting into linux-lts gives you a known-working fallback. Always keep a spare kernel installed.

Mirror Management with reflector

Slow downloads? Your mirror list is probably bad. reflector fixes this.

# Install it
sudo pacman -S reflector

# Rate the 200 most recently synced mirrors, sort by speed, save top 20
sudo reflector --latest 200 --sort rate --save /etc/pacman.d/mirrorlist --protocol https --number 20

# Country-specific (dramatically faster)
sudo reflector --country "United States" --latest 50 --sort rate --save /etc/pacman.d/mirrorlist --protocol https --number 10

Automate it on EndeavourOS:

sudo systemctl enable --now reflector.timer

This runs reflector weekly, keeping your mirror list fast automatically.

Snapshots & Backups: Your Safety Net

Timeshift (For Ext4/Btrfs Systems)

If you mess up your system — and you will — Timeshift lets you roll back to a working state.

# Install
sudo pacman -S timeshift

# Set up (GUI or CLI)
sudo timeshift-gtk

For Btrfs users, Timeshift supports native snapshots that are instant and take zero additional space (until files change). This is the single best reason to choose Btrfs over ext4 during installation.

Btrfs Snapshots Directly

# Create a snapshot
sudo btrfs subvolume snapshot / /snapshots/root-$(date +%Y%m%d)

# List snapshots
sudo btrfs subvolume list /

# Rollback by booting into a snapshot and promoting it

EndeavourOS's installer offers Btrfs with automatic snapshot support via snapper — say yes to this option.

System Monitoring

btop — The Modern System Monitor

sudo pacman -S btop
btop

It gives you CPU, memory, disk, network, and process info in a beautiful terminal UI. Press q to quit.

fastfetch — The Neofetch Successor

sudo pacman -S fastfetch
fastfetch

Yes, it's mostly for showing off in screenshots. But it also gives you a quick overview of your system: kernel version, DE, WM, shell, and uptime at a glance.

The Text Editor Question

You'll edit config files constantly. Pick one and learn the basics.

nano — Start Here

# Open a file
nano /etc/pacman.conf

# Save: Ctrl+O, then Enter
# Exit: Ctrl+X
# Search: Ctrl+W

vim — Graduate Here

sudo pacman -S vim
vim ~/.bashrc

# Press i to enter insert mode
# Press Esc to return to normal mode
# Type :wq to save and quit
# Type :q! to quit without saving

Even if you use nano daily, learn enough vim to edit files on servers where nano isn't installed. Vim is available everywhere.

Firewall Setup

# Install firewalld
sudo pacman -S firewalld
sudo systemctl enable --now firewalld

# Check status
sudo firewall-cmd --state

# List open ports/services
sudo firewall-cmd --list-all

# Open a port (e.g., for SSH)
sudo firewall-cmd --add-service=ssh --permanent
sudo firewall-cmd --reload

# Open a specific port
sudo firewall-cmd --add-port=8080/tcp --permanent
sudo firewall-cmd --reload

The --permanent flag is crucial — without it, your rule disappears on reboot. Always follow with --reload.

The Arch Wiki: The Most Important "Tool"

This isn't a command, but it's the resource that makes Arch viable for new users. The Arch Wiki is universally considered the best Linux documentation in existence.

# Install the offline wiki (yes, really)
yay -S arch-wiki-docs

# Browse it
arch-wiki-docs

Or just bookmark wiki.archlinux.org. When you have a problem, search the Arch Wiki first. The solutions work for Arch, EndeavourOS, and honestly most other distros too.

A Quick Reference Cheat Sheet

Task

Command

Update system

sudo pacman -Syu

Update system + AUR

yay -Syu

Install package

sudo pacman -S package

Remove package + deps

sudo pacman -Rns package

Search packages

pacman -Ss keyword

Check service status

systemctl status service

Enable service

sudo systemctl enable --now service

View logs

journalctl -u service -f

List hardware

lspci / lsusb / lsblk

Connect WiFi

nmcli device wifi connect "SSID" password "pass"

Check current kernel

uname -r

Optimize mirrors

sudo reflector --country "US" --latest 20 --sort rate --save /etc/pacman.d/mirrorlist

Edit config file

nano /path/to/file

Monitor system

btop

Let’s be honest: the tools we just covered aren’t exotic dark magic. They are your high-throughput production toolkit.

Within a week, you’ll be slinging pacman transactions with zero hesitation, wielding systemctl to aggressively isolate rogue services, and treating journalctl -xef as your ultimate source of truth when a local container or system daemon silently chokes on startup. That AUR helper? It’s your relief valve—the difference between wasting two hours compiling edge-case security tools from source and deploying them in seconds. And those filesystem snapshots? Think of them as your automated rollback strategy right before you pull down a massive kernel upgrade or experiment with volatile driver configurations.

Yes, the initial learning curve has teeth. But here is the secret of the Arch ecosystem: the friction is entirely finite.

Give it two weeks. These commands will migrate from a sticky note on your monitor straight into your muscle memory. That is the exact inflection point where Arch stops being an operating system you have to manage and starts functioning as a highly optimized compiler for your workflow. You stop fighting default desktop environments, telemetry-heavy background daemons, and pre-packaged bloat. Instead, you command an architecture you understand down to the bare metal—a level of absolute control and visibility that developers on "simpler" platforms rarely get to experience.

So run that system update, customize your configurations, and don't be afraid to break things just to see how they fit back together. Welcome to the machine. You are going to absolutely love it here.

Discussion

Read Next

06 Jun 2026

Python Course Part 10: The Capstone Project

This is the one we've been building toward. Across nine posts you've collected every piece you need; now we assemble them into a single tool you'd actually keep around.

 06 Jun 2026

Python Course Part 9: Quality Control — Testing & Type Hints

There's a line every project eventually crosses — the one that separates a script (works on my machine, today, if I squint) from software (works reliably, survives refactors, can be changed without fear). Two habits get you across that line: type hints and automated tests.