From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Sun, 16 Jun 2019 02:36:23 +0200
Subject: [PATCH] gnu: dstat: Skip devices without I/O.

Taken verbatim from a pull request[0] that will never be merged.

[0]: https://github.com/dagwieers/dstat/pull/164

From 0988589ea4ee092b285bd4049d56add5f61e3f69 Mon Sep 17 00:00:00 2001
From: Tobias Gruetzmacher <tobias-git@23.gs>
Date: Fri, 15 Feb 2019 18:46:57 +0100
Subject: [PATCH] Skip devices without I/O

Linux 4.18+ has added more fields to the diskstats proc file, so the
original skip condition for devices without I/O didn't apply anymore.
---
 dstat | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dstat b/dstat
index 9359965..5c2fb53 100755
--- a/dstat
+++ b/dstat
@@ -763,7 +763,7 @@ class dstat_disk(dstat):
         ret = []
         for l in self.splitlines():
             if len(l) < 13: continue
-            if l[3:] == ['0',] * 11: continue
+            if l[3:] == ['0',] * (len(l) - 3): continue
             name = l[2]
             ret.append(name)
         for item in objlist: ret.append(item)
1da89a5fc518dd96d2430fe1749041d29'>refs</a><a class='active' href='/guix/log/nix/libutil'>log</a><a href='/guix/tree/nix/libutil?id=c5c7def1da89a5fc518dd96d2430fe1749041d29'>tree</a><a href='/guix/commit/nix/libutil?id=c5c7def1da89a5fc518dd96d2430fe1749041d29'>commit</a><a href='/guix/diff/nix/libutil?id=c5c7def1da89a5fc518dd96d2430fe1749041d29'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/nix/libutil'>
<input type='hidden' name='id' value='c5c7def1da89a5fc518dd96d2430fe1749041d29'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=c5c7def1da89a5fc518dd96d2430fe1749041d29'>root</a>/<a href='/guix/log/nix?id=c5c7def1da89a5fc518dd96d2430fe1749041d29'>nix</a>/<a href='/guix/log/nix/libutil?id=c5c7def1da89a5fc518dd96d2430fe1749041d29'>libutil</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/nix/libutil?id=c5c7def1da89a5fc518dd96d2430fe1749041d29&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2024-05-13 16:31:34 +0200'>2024-05-13</span></td><td><a href='/guix/commit/nix/libutil?id=7757fdd491862fa5c33f1f894503346b89898a01'>daemon: Loop over ‘copy_file_range’ upon short writes.</a><span class='msg-avail'>...<span class='msg-tooltip'>Fixes &lt;https://issues.guix.gnu.org/70877&gt;.

* nix/libutil/util.cc (copyFile): Loop over ‘copy_file_range’ instead of
throwing upon short write.

Reported-by: Ricardo Wurmus &lt;rekado@elephly.net&gt;
Change-Id: Id7b8a65ea59006c2d91bc23732309a68665b9ca0
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2024-03-12 14:07:28 +0100'>2024-03-12</span></td><td><a href='/guix/commit/nix/libutil?id=ff1251de0bc327ec478fc66a562430fbf35aef42'>daemon: Address shortcoming in previous security fix for CVE-2024-27297.</a><span class='msg-avail'>...<span class='msg-tooltip'>This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143.

Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two
ways: (1) it didn’t have any effet for fixed-output derivations
performed in a chroot, which is the case for all of them except those
using “builtin:download” and “builtin:git-download”, and (2) it did not
preserve ownership when copying, leading to “suspicious ownership or
permission […] rejecting this build output” errors.

* nix/libstore/build.cc (DerivationGoal::buildDone): Account for
‘chrootRootDir’ when copying ‘drv.outputs’.
* nix/libutil/util.cc (copyFileRecursively): Add ‘fchown’ and ‘fchownat’
calls to preserve file ownership; this is necessary for chrooted
fixed-output derivation builds.
* nix/libutil/util.hh: Update comment.

Change-Id: Ib59f040e98fed59d1af81d724b874b592cbef156
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2024-03-11 22:12:34 +0100'>2024-03-11</span></td><td><a href='/guix/commit/nix/libutil?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143'>daemon: Protect against FD escape when building fixed-output derivations (CVE...</a><span class='msg-avail'>...<span class='msg-tooltip'>This fixes a security issue (CVE-2024-27297) whereby a fixed-output
derivation build process could open a writable file descriptor to its
output, send it to some outside process for instance over an abstract
AF_UNIX socket, which would then allow said process to modify the file
in the store after it has been marked as “valid”.

Vulnerability discovered by puck &lt;https://github.com/puckipedia&gt;.

Nix security advisory:
https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37

Nix fix:
https://github.com/NixOS/nix/commit/244f3eee0bbc7f11e9b383a15ed7368e2c4becc9

* nix/libutil/util.cc (readDirectory): Add variants that take a DIR* and
a file descriptor.  Rewrite the ‘Path’ variant accordingly.
(copyFile, copyFileRecursively): New functions.
* nix/libutil/util.hh (copyFileRecursively): New declaration.
* nix/libstore/build.cc (DerivationGoal::buildDone): When ‘fixedOutput’
is true, call ‘copyFileRecursively’ followed by ‘rename’ on each output.

Change-Id: I7952d41093eed26e123e38c14a4c1424be1ce1c4

Reported-by: Picnoir &lt;picnoir@alternativebit.fr&gt;, Théophane Hufschmitt &lt;theophane.hufschmitt@tweag.io&gt;
Change-Id: Idb5f2757f35af86b032a9851cecb19b70227bd88
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2023-01-09 17:40:54 +0100'>2023-01-09</span></td><td><a href='/guix/commit/nix/libutil?id=407175a1d0e29f45639e7f28a531b3981cd20085'>daemon: Improve error message for wrong hash sizes.</a><span class='msg-avail'>...<span class='msg-tooltip'>* nix/libutil/hash.cc (parseHash): Show the hash algorithm name and
expected size in the error message.
* tests/derivations.scm ("fixed-output derivation, invalid hash size"):
New test.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-12-18 01:16:47 +0100'>2022-12-18</span></td><td><a href='/guix/commit/nix/libutil?id=2d4d26769d6a3be1b21302b0bb2bd099fd55ccf8'>daemon: Make "opening file" error messages distinguishable.</a><span class='msg-avail'>...<span class='msg-tooltip'>* nix/libstore/build.cc (DerivationGoal::openLogFile): Customize
"opening file" error message.
* nix/libutil/hash.cc (hashFile): Likewise.
* nix/libutil/util.cc (readFile, writeFile): Likewise.
</span></span></td><td>Ludovic Courtès</td></tr>
it/tests/guix-refresh.sh?id=ebcb5c8e120b39a3dd07c27bc17d520ee653ec23'>tests: Do not try to create "$HOME/.config".</a><span class='msg-avail'>...<span class='msg-tooltip'>Previously this test would fail when HOME=/homeless-shelter and said
directory cannot be created.

* tests/guix-refresh.sh: Pass '--keyring' together with '-u'.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2023-01-08 16:11:45 +0100'>2023-01-08</span></td><td><a href='/guix/commit/tests/guix-refresh.sh?id=04f247be81dcb5296ecab776f735bb615a1039d3'>refresh: Add CLI tests.</a><span class='msg-avail'>...<span class='msg-tooltip'>* guix/import/test.scm, tests/guix-refresh.sh: New files.
* Makefile.am (MODULES, SH_TESTS): Add them.
</span></span></td><td>Ludovic Courtès</td></tr>