diff --git a/core/agent_daemon.sh b/core/agent_daemon.sh index 1914210..336e10e 100755 --- a/core/agent_daemon.sh +++ b/core/agent_daemon.sh @@ -310,27 +310,26 @@ class AgentHandler(http.server.BaseHTTPRequestHandler): self.wfile.write(b"403 Forbidden: OTA Disabled\n") return - # 1. 精确斩断 HTTP 请求:声明长度并主动 Close,让 curl 瞬间拿回执退出 (0毫秒延迟) - resp_msg = b"Action Accepted: trigger_upgrade\n" + # 1. 物理隔离:生成外挂延时升级脚本,彻底斩断进程血缘 + ota_script = '/tmp/ip_sentinel_ota.sh' + with open(ota_script, 'w') as f: + f.write("#!/bin/bash\n") + f.write("sleep 3\n") + f.write("export SILENT_OTA=true\n") + f.write("curl -sL https://raw.githubusercontent.com/hotyue/IP-Sentinel/main/core/install.sh | bash\n") + os.chmod(ota_script, 0o755) + + # 2. 独立拉起该脚本 (瞬间返回,不阻塞网络) + os.system(f"nohup {ota_script} >/dev/null 2>&1 &") + + # 3. 安全挂断电话,将成功回执秒发给 Master self.send_response(200) self.send_header("Content-type", "text/plain") - self.send_header("Content-Length", str(len(resp_msg))) - self.send_header("Connection", "close") self.end_headers() - self.wfile.write(resp_msg) + self.wfile.write(b"Action Accepted: trigger_upgrade\n") - # 2. 真正的 Unix 级金蝉脱壳术 - # close_fds=True 是绝对核心:彻底禁止子进程继承网络套接字,根除死锁! - cmd = "sleep 2 && export SILENT_OTA=true && curl -sL https://raw.githubusercontent.com/hotyue/IP-Sentinel/main/core/install.sh | bash" - subprocess.Popen(["bash", "-c", cmd], - start_new_session=True, - close_fds=True, - stdout=subprocess.DEVNULL, - stderr=subprocess.DEVNULL) - except Exception as e: - self.send_response(500) - self.end_headers() + pass # ================== [v3.6.0 新增: 模块动态启停接口] ================== elif req_path == '/trigger_toggle':