fix(master): 回滚污染拦截策略,对 install_master.sh 使用子进程独立文件流执行,彻底解决拉取代码卡死及输入串行问题,原版逻辑 100% 无损分拆

This commit is contained in:
hotyue
2026-06-03 03:19:08 +00:00
parent 2e2e81abd3
commit 25c5ad259b
3 changed files with 54 additions and 50 deletions

View File

@@ -1,9 +1,19 @@
#!/bin/bash
# ==========================================================
# 脚本名称: install_master.sh (v4.3.0 Bootstrapper)
# 核心功能: Master 中枢极简引导入口。创建沙盒、拉取模块并启动编排器
# 脚本名称: install_master.sh (v4.3.0 终极模块化引导入口)
# 核心功能: 极简引导入口。包含 Ctrl+C 优雅中断,采用物理文件执行规避管道污染
# ==========================================================
# [中断防护] 捕获 Ctrl+C 并执行优雅清理
cleanup_and_exit() {
echo -e "\n\n\033[33m⚠ 检测到中断信号 (Ctrl+C),安装操作已被手动中止。\033[0m"
echo -e "🧹 正在清理临时沙盒文件..."
rm -rf "$SECURE_TMP" 2>/dev/null
exit 1
}
trap cleanup_and_exit INT QUIT TERM
trap 'rm -rf "$SECURE_TMP" 2>/dev/null' EXIT HUP
if [ "$EUID" -ne 0 ]; then
echo -e "\033[31m❌ 权限被拒绝: 部署 IP-Sentinel 需要最高系统权限。\033[0m"
echo -e "💡 请切换到 root 用户 (执行 su root 或 sudo -i) 后重新运行指令。"
@@ -11,12 +21,11 @@ if [ "$EUID" -ne 0 ]; then
fi
SECURE_TMP=$(mktemp -d /tmp/ips_master_install.XXXXXX)
trap 'rm -rf "$SECURE_TMP"' EXIT HUP INT QUIT TERM
REPO_RAW_URL="https://raw.githubusercontent.com/hotyue/IP-Sentinel/feature/v4.3.0-modular"
echo -e "\n⏳ 正在拉取 IP-Sentinel Master v4.3.0 安装引擎..."
# 仅拉取编排大管家
curl -fsSL --connect-timeout 10 --retry 3 "${REPO_RAW_URL}/install/build_master.sh" -o "${SECURE_TMP}/build_master.sh"
if [ ! -s "${SECURE_TMP}/build_master.sh" ]; then
@@ -27,7 +36,10 @@ fi
export SECURE_TMP
export REPO_RAW_URL
# 【核心解法】不再使用 exec 劫持或 source 嵌套
# 直接以子进程物理文件方式运行,这样终端交互 (TTY) 将自然纯净,毫无污染
chmod +x "${SECURE_TMP}/build_master.sh"
source "${SECURE_TMP}/build_master.sh"
bash "${SECURE_TMP}/build_master.sh"
exit 0
# 透传子进程的退出状态码
exit $?