internal/router/merlin: hardening pre-run condition

The postconf script added by ctrld requires all of these conditions to work correctly: - /proc, /tmp were mounted. - dnsmasq is running. Currently, ctrld is only waiting for NTP ready, which may not ensure both of those conditions are true. Explicitly checking those conditions is a safer approach.
2026-02-03 22:18:39 +00:00 · 2023-11-21 21:34:50 +07:00
parent 17f6d7a77b
commit 28ec1869fc
1 changed files with 27 additions and 4 deletions
--- a/internal/router/merlin/merlin.go
+++ b/internal/router/merlin/merlin.go
@@ -6,6 +6,7 @@ import (
 	"os"
 	"os/exec"
 	"strings"
+	"time"
 	"unicode"

 	"github.com/kardianos/service"
@@ -44,8 +45,24 @@ func (m *Merlin) Uninstall(_ *service.Config) error {
 }

 func (m *Merlin) PreRun() error {
+	// Wait NTP ready.
 	_ = m.Cleanup()
-	return ntp.WaitNvram()
+	if err := ntp.WaitNvram(); err != nil {
+		return err
+	}
+	// Wait until directories mounted.
+	for _, dir := range []string{"/tmp", "/proc"} {
+		waitDirExists(dir)
+	}
+	// Wait dnsmasq started.
+	for {
+		out, _ := exec.Command("pidof", "dnsmasq").CombinedOutput()
+		if len(bytes.TrimSpace(out)) > 0 {
+			break
+		}
+		time.Sleep(time.Second)
+	}
+	return nil
 }

 func (m *Merlin) Setup() error {
@@ -56,9 +73,6 @@ func (m *Merlin) Setup() error {
 	if val, _ := nvram.Run("get", nvram.CtrldSetupKey); val == "1" {
 		return nil
 	}
-	if _, err := nvram.Run("set", nvram.CtrldSetupKey+"=1"); err != nil {
-		return err
-	}
 	buf, err := os.ReadFile(dnsmasq.MerlinPostConfPath)
 	// Already setup.
 	if bytes.Contains(buf, []byte(dnsmasq.MerlinPostConfMarker)) {
@@ -140,3 +154,12 @@ func merlinParsePostConf(buf []byte) []byte {
 	}
 	return buf
 }
+
+func waitDirExists(dir string) {
+	for {
+		if _, err := os.Stat(dir); !os.IsNotExist(err) {
+			return
+		}
+		time.Sleep(time.Second)
+	}
+}