Hello everyone 
After lurking here for a while and several different trial runs in VirtualBox, I’ve installed EndeavourOS (Cinnamon DE) on bare metal and I’m loving it 
I used the user_pkglist.txt function, and added the Chaotic AUR repo to make installation swift and easy.
I’ve run both openSUSE Tumbleweed and Manjaro in the past, and so far I think I’ll be OK with the rolling nature of Arch/Endeavour, although the pacnew/pacsave thing does perplex me 
Why?
It was exactly the same on Manjaro too, you just haven’t noticed it 
P.S. Welcome!
It’s been 4 years since I last used Manjaro, and I don’t remember having to deal with any 
Thank you 
(again 
)
Oh, they just didn’t nicely tell you about it like we do.
This mechanism exist in all Arch / Arch based distros, that’s how we roll…you can choose to ignore it, but some day it might just backfire, like in those rare times when syntax of some config files might change or important defaults will get pushed upstream and wasn’t auto-merged, because .pacnew asks user nicely if you want to keep your own (or distro) edits to that file.
That’s the bit that worries me. I’ll come here and ask if I’m not sure what to do.
Just in case you haven’t come across this (or anyone else for that matter looking in here) :
A .pacnew file may be created during a package upgrade (
pacman -Syu,pacman -Suorpacman -U) to avoid overwriting a file which already exists and was previously modified by the user. When this happens, a message like the following will appear in the output of pacman:
warning: /etc/pam.d/usermod installed as /etc/pam.d/usermod.pacnewA .pacsave file may be created during a package removal (
pacman -R), or by a package upgrade (the package must be removed first). When the pacman database has a record that a certain file owned by the package should be backed up, it will create a .pacsave file. When this happens pacman outputs a message like the following:
warning: /etc/pam.d/usermod saved as /etc/pam.d/usermod.pacsaveThese files require manual intervention from the user and it is good practice to handle them right after every package upgrade or removal. If left unhandled, improper configurations can result in improper function of the software or the software being unable to run altogether.
Welcome!
Interesting about Chaotic. What was missing from the AUR that you need from Chaotic,??
Cinnamon is awesome.
That’s a bad idea, in my opinion. Of course, it’s your system, you’re free to do whatever you want with it, but I would urge you to get a good understanding of what is going on with packages on Arch, lest you happen to become a victim of malware due to ignorance or negligence.
A good article to read:
A hypothetical scenario illustrating the dangers of the Chaotic-AUR:
Nothing is missing from the AUR that is in Chaotic. The only benefit Chaotic brings is not having to build the packages yourself locally, because the build process is automated on some server. The packages are sourced from the AUR – at least in theory, they are the same PKGBUILDS. The problem with the automated build process is that it is, well, automatic, meaning it lacks human oversight making it susceptible to abuse by malicious actors. Those malicious actors could be the maintainers of the repo, but, given how Chaotic works, it is far more likely that it would be some random person online, since anyone can upload PKGBUILDS to the AUR.
Using the AUR without understanding Arch Linux Package Management and how makepkg works is a huge liability in itself. Combine that with a 3rd party repo that is fully automated, and you’ve got a disaster just waiting to happen.
Hello Benedict!
By your accumulated experience, I know your going to enjoy very much this fantastic free Software for many months and years 
Have the best of good times and squeeze the most out of your computing machinery with EndeavourOS !
I’ll be reading about your adventures and hardware experience
Take care 
Thank you. I had read through that section of the Arch wiki, but I’ve bookmarked your post for future reference 
Thank you for your advice and the links. While I was trying EndeavourOS in virtual machines I did delve into how ‘makepkg’ works. Until a few days ago, the AUR package of qdirstat had not been updated to the new 1.9 version. Looking at the structure of the makepkg file, reading the Arch wiki, and web searches enabled me to edit the file and build the 1.9 version myself. That success led to the answer to this question:
My laptop is 11 years old, and qdirstat (& some other AUR packages) take ages to build 
Having lurked on the Garuda forum and explored the issues at https://github.com/chaotic-aur/ I am (for the moment) comfortable with adding the Chaotic AUR. I note the current security issues with Snaps, that not all Flatpaks are built by the developer of the application, and having used Ubuntu based distros for many years the need to be careful about PPAs. One should always be wary about third party packages. I have also installed a few packages directly from the AUR, in addition to those in the Chaotic AUR.
I have automated rsync to take hourly backups of my /home to a second drive (and regularly take backups from there to other drives), and have installation notes, so if disaster strikes and my system is unrecoverable, I can get up and running again quickly.
I’ll keep the Chaotic AUR under review.
Thank you! It is indeed 
Note that many AUR packages have also a *-bin version of the package, so you don’t need to build everything yourself.
Unfortunately the AUR package qdirstat-bin has not been updated to the latest, but fixing its PKGBUILD should not be too challenging.
Thank you @manuel
My reading of the PKGBUILD for qdirstat-bin is that it sources the bin files from here which does not have a v1.9 file available yet. Please correct me if I am wrong.
You’re correct. It is currently on version 1.8 though it has been flagged out of date (over a month ago, unfortunately).
That would be wise. Using the regular AUR itself is already security risk if the user doesn’t bother to read through the PKGBUILDs themselves and verify the urls that it will be pulling from.
How long does it usually take to build on your laptop?
In general, if build time is a concern, the easiest approach is to just use the bin versions; however, you did mention in one of your posts that the bin version of the package you’re interested in is outdated, in which case I’d like to point out a couple of things.
The first is whether you actually need the latest and shiniest version. If the answer is no, then you should just wait for the bin version to be updated on the AUR.
Now, assuming that you do need to use the latest version and your current machine isn’t powerful enough to build the package within a satisfactory time frame, then you have to find a way to build the package on another machine. One way I can think of is to build the package on a more powerful machine and then put the built package on a custom repo. After that, (assuming you’ve created the custom repo properly and made the needed modifications to /etc/pacman.conf) just install the package with sudo pacman -Syu like it’s a normal package.
The answer is of course “no” if need is in the question, but getting hold of the shiny new things was one of the motivations for switching to EndeavourOS.
Unfortunately I don’t currently have access to a more powerful machine 
How long does it usually take to build qdirstat?
If it’s an old laptop, I’d be more concerned about thermal issues rather than build time tbh. If the build takes a while, just leave it to build and go do something else. On the other hand, the machine can really heat up during compilation. If the cooling system of the laptop sucks and thermal throttling fails for some reason, the machine will just shut down to prevent overheating. Bye bye build progress.
Yes, there is that, although you have to be not too long away to miss the password request timeout. The fans are noticeable but not full on, so I think my laptop would be OK.
I’ve got everything installed and working now, so I’ll look at this again the next time there’s a qdirstat update.