From 34f2c7e123f6393600f348f6a1c6adbed9fb244d Mon Sep 17 00:00:00 2001
From: hotyue <52734432+hotyue@users.noreply.github.com>
Date: Mon, 20 Apr 2026 17:13:48 +0000
Subject: [PATCH] =?UTF-8?q?fix(core):=20=E5=BC=95=E5=85=A5=20systemd-run?=
 =?UTF-8?q?=20=E9=80=83=E9=80=B8=E6=9C=BA=E5=88=B6=EF=BC=8C=E5=BD=BB?=
 =?UTF-8?q?=E5=BA=95=E4=BF=AE=E5=A4=8D=20OTA=20=E5=8D=87=E7=BA=A7=E6=97=B6?=
 =?UTF-8?q?=E5=9B=A0=E5=AD=90=E8=BF=9B=E7=A8=8B=E8=A2=AB=20Cgroup=20?=
 =?UTF-8?q?=E8=AF=AF=E6=9D=80=E5=AF=BC=E8=87=B4=E7=9A=84=E5=81=87=E6=AD=BB?=
 =?UTF-8?q?=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/agent_daemon.sh | 15 +++++++++++----
 master/tg_master.sh  |  8 +++++++-
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/core/agent_daemon.sh b/core/agent_daemon.sh
index f2b3a64..1094ba2 100755
--- a/core/agent_daemon.sh
+++ b/core/agent_daemon.sh
@@ -375,10 +375,17 @@ class AgentHandler(http.server.BaseHTTPRequestHandler):
                 self.wfile.write(b"Action Accepted: trigger_ota\n")
                 
                 # 挂起异步升级进程 (注入 SILENT_OTA 旁路变量跳过所有 read -p 交互)
-                # 注意：这里我们写死拉取 dev-v3.6.0 分支的安装脚本进行覆盖测试，未来正式版上线时会改回 main
-                repo_url = "https://raw.githubusercontent.com/hotyue/IP-Sentinel/dev-v3.6.0"
-                ota_cmd = f"export SILENT_OTA='true'; curl -sL {repo_url}/core/install.sh | bash > /opt/ip_sentinel/logs/ota_upgrade.log 2>&1 &"
-                subprocess.Popen(['bash', '-c', ota_cmd])
+                import shutil
+                repo_url = "https://raw.githubusercontent.com/hotyue/IP-Sentinel/main"
+                ota_cmd = f"export SILENT_OTA='true'; curl -sL {repo_url}/core/install.sh | bash > /opt/ip_sentinel/logs/ota_upgrade.log 2>&1"
+                
+                # [修复] 逃逸 Systemd Cgroup，防止 Agent 在升级时被同归于尽机制误杀
+                if shutil.which("systemd-run"):
+                    full_cmd = f"systemd-run --quiet --no-block bash -c \"{ota_cmd}\""
+                else:
+                    full_cmd = f"nohup bash -c \"{ota_cmd}\" &"
+                    
+                subprocess.Popen(full_cmd, shell=True)
                 
             except Exception as e:
                 self.send_response(500)
diff --git a/master/tg_master.sh b/master/tg_master.sh
index 06d9390..d15911d 100755
--- a/master/tg_master.sh
+++ b/master/tg_master.sh
@@ -267,7 +267,13 @@ while true; do
                     # 抛出幽灵进程进行脱壳升级，传递静默变量与回执 ID
                     export SILENT_MASTER_OTA="true"
                     export OTA_CHAT_ID="$CHAT_ID"
-                    nohup bash /tmp/install_master.sh >/dev/null 2>&1 & disown
+                    
+                    # [修复] 逃逸 Systemd Cgroup，防止被同归于尽机制误杀
+                    if command -v systemd-run >/dev/null 2>&1; then
+                        systemd-run --quiet --no-block /bin/bash /tmp/install_master.sh
+                    else
+                        nohup bash /tmp/install_master.sh >/dev/null 2>&1 & disown
+                    fi
                     
                     # 当前旧进程休眠并等待被幽灵进程处决
                     sleep 10