fix(core): [v3.6.0] 彻底重构 OTA 升级调度,引入外挂延时脚本实现 100% 的网络脱壳与静默重启
This commit is contained in:
hotyue
@@ -310,27 +310,26 @@ class AgentHandler(http.server.BaseHTTPRequestHandler):
|
||||
self.wfile.write(b"403 Forbidden: OTA Disabled\n")
|
||||
return
|
||||
|
||||
# 1. 精确斩断 HTTP 请求:声明长度并主动 Close,让 curl 瞬间拿回执退出 (0毫秒延迟)
|
||||
resp_msg = b"Action Accepted: trigger_upgrade\n"
|
||||
# 1. 物理隔离:生成外挂延时升级脚本,彻底斩断进程血缘
|
||||
ota_script = '/tmp/ip_sentinel_ota.sh'
|
||||
with open(ota_script, 'w') as f:
|
||||
f.write("#!/bin/bash\n")
|
||||
f.write("sleep 3\n")
|
||||
f.write("export SILENT_OTA=true\n")
|
||||
f.write("curl -sL https://raw.githubusercontent.com/hotyue/IP-Sentinel/main/core/install.sh | bash\n")
|
||||
os.chmod(ota_script, 0o755)
|
||||
|
||||
# 2. 独立拉起该脚本 (瞬间返回,不阻塞网络)
|
||||
os.system(f"nohup {ota_script} >/dev/null 2>&1 &")
|
||||
|
||||
# 3. 安全挂断电话,将成功回执秒发给 Master
|
||||
self.send_response(200)
|
||||
self.send_header("Content-type", "text/plain")
|
||||
self.send_header("Content-Length", str(len(resp_msg)))
|
||||
self.send_header("Connection", "close")
|
||||
self.end_headers()
|
||||
self.wfile.write(resp_msg)
|
||||
self.wfile.write(b"Action Accepted: trigger_upgrade\n")
|
||||
|
||||
# 2. 真正的 Unix 级金蝉脱壳术
|
||||
# close_fds=True 是绝对核心:彻底禁止子进程继承网络套接字,根除死锁!
|
||||
cmd = "sleep 2 && export SILENT_OTA=true && curl -sL https://raw.githubusercontent.com/hotyue/IP-Sentinel/main/core/install.sh | bash"
|
||||
subprocess.Popen(["bash", "-c", cmd],
|
||||
start_new_session=True,
|
||||
close_fds=True,
|
||||
stdout=subprocess.DEVNULL,
|
||||
stderr=subprocess.DEVNULL)
|
||||
|
||||
except Exception as e:
|
||||
self.send_response(500)
|
||||
self.end_headers()
|
||||
pass
|
||||
|
||||
# ================== [v3.6.0 新增: 模块动态启停接口] ==================
|
||||
elif req_path == '/trigger_toggle':
|
||||
|
||||
Reference in New Issue
Block a user