GithubBackup/IP-Sentinel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(core): [v3.6.0] 彻底重构 OTA 升级调度,引入外挂延时脚本实现 100% 的网络脱壳与静默重启

Browse Source
This commit is contained in:
hotyue
2026-04-17 02:09:05 +00:00
parent 2d580eaea2
commit 8a3d7c305b
1 changed files with 15 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
core/agent_daemon.sh
View File

@@ -310,27 +310,26 @@ class AgentHandler(http.server.BaseHTTPRequestHandler):
self.wfile.write(b"403 Forbidden: OTA Disabled\n") self.wfile.write(b"403 Forbidden: OTA Disabled\n")
return return
# 1. 精确斩断 HTTP 请求:声明长度并主动 Close让 curl 瞬间拿回执退出 (0毫秒延迟) # 1. 物理隔离:生成外挂延时升级脚本,彻底斩断进程血缘
resp_msg = b"Action Accepted: trigger_upgrade\n" ota_script = '/tmp/ip_sentinel_ota.sh'
with open(ota_script, 'w') as f:
f.write("#!/bin/bash\n")
f.write("sleep 3\n")
f.write("export SILENT_OTA=true\n")
f.write("curl -sL https://raw.githubusercontent.com/hotyue/IP-Sentinel/main/core/install.sh | bash\n")
os.chmod(ota_script, 0o755)
# 2. 独立拉起该脚本 (瞬间返回,不阻塞网络)
os.system(f"nohup {ota_script} >/dev/null 2>&1 &")
# 3. 安全挂断电话,将成功回执秒发给 Master
self.send_response(200) self.send_response(200)
self.send_header("Content-type", "text/plain") self.send_header("Content-type", "text/plain")
self.send_header("Content-Length", str(len(resp_msg)))
self.send_header("Connection", "close")
self.end_headers() self.end_headers()
self.wfile.write(resp_msg) self.wfile.write(b"Action Accepted: trigger_upgrade\n")
# 2. 真正的 Unix 级金蝉脱壳术
# close_fds=True 是绝对核心:彻底禁止子进程继承网络套接字,根除死锁!
cmd = "sleep 2 && export SILENT_OTA=true && curl -sL https://raw.githubusercontent.com/hotyue/IP-Sentinel/main/core/install.sh | bash"
subprocess.Popen(["bash", "-c", cmd],
start_new_session=True,
close_fds=True,
stdout=subprocess.DEVNULL,
stderr=subprocess.DEVNULL)
except Exception as e: except Exception as e:
self.send_response(500) pass
self.end_headers()
# ================== [v3.6.0 新增: 模块动态启停接口] ================== # ================== [v3.6.0 新增: 模块动态启停接口] ==================
elif req_path == '/trigger_toggle': elif req_path == '/trigger_toggle':