fix(ip): eliminate zombie sh processes by replacing popen shell with direct subprocess calls

[Copilot]

_ip_regex_match used popen("ip address || ifconfig 2>/dev/null") which spawns a /bin/sh for every DNS update cycle. In Docker containers with crond as PID 1, these shells accumulate as zombies since crond doesn't reap grandchildren.

Changes

• ddns/ip.py: Replace popen with subprocess.check_output — no shell spawned:
  • Try ["ip", "address"] first; fall back to ["ifconfig"] on OSError/CalledProcessError
  • Windows path unchanged: ["ipconfig"]

# Before — spawns sh each cycle
cmd = "ip address || ifconfig 2>/dev/null"
for s in popen(cmd).readlines():
    ...

# After — no shell, direct exec
cmds = [["ip", "address"], ["ifconfig"]]
for cmd in cmds:
    try:
        output = subprocess.check_output(cmd, universal_newlines=True, stderr=subprocess.PIPE)
        break
    except (OSError, subprocess.CalledProcessError):
        continue

• tests/test_ip.py: Add TestIpRegexMatch covering: ip address called first without shell=True, fallback to ifconfig on failure, no-match returns None, all-fail returns None.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[Bug]: 很多僵尸进程</issue_title>
<issue_description>### Describe the bug (描述问题)

/ddns # top
Mem: 11577476K used, 4572680K free, 358072K shrd, 1326680K buff, 6958356K cached
CPU: 17% usr 2% sys 0% nic 80% idle 0% io 0% irq 0% sirq
Load average: 0.08 0.08 0.09 1/922 56920
PID PPID USER STAT VSZ %VSZ CPU %CPU COMMAND
56920 56914 root R 1640 0% 1 3% top
56914 0 root S 1696 0% 3 0% /bin/sh
1 0 root S 1624 0% 2 0% crond -f
8028 1 root Z 0 0% 3 0% [sh]
3456 1 root Z 0 0% 2 0% [sh]
8106 1 root Z 0 0% 0 0% [sh]
8154 1 root Z 0 0% 0 0% [sh]
8208 1 root Z 0 0% 3 0% [sh]
7986 1 root Z 0 0% 1 0% [sh]
8238 1 root Z 0 0% 2 0% [sh]
8316 1 root Z 0 0% 1 0% [sh]
8352 1 root Z 0 0% 0 0% [sh]
8442 1 root Z 0 0% 2 0% [sh]
8550 1 root Z 0 0% 2 0% [sh]
8082 1 root Z 0 0% 1 0% [sh]
8784 1 root Z 0 0% 0 0% [sh]
9564 1 root Z 0 0% 1 0% [sh]
9942 1 root Z 0 0% 1 0% [sh]
10002 1 root Z 0 0% 0 0% [sh]
10608 1 root Z 0 0% 2 0% [sh]
10686 1 root Z 0 0% 2 0% [sh]
10854 1 root Z 0 0% 2 0% [sh]
11844 1 root Z 0 0% 1 0% [sh]
11910 1 root Z 0 0% 2 0% [sh]
8214 1 root Z 0 0% 2 0% [sh]
12144 1 root Z 0 0% 0 0% [sh]
12294 1 root Z 0 0% 3 0% [sh]
12384 1 root Z 0 0% 3 0% [sh]
13116 1 root Z 0 0% 1 0% [sh]
13536 1 root Z 0 0% 0 0% [sh]
13866 1 root Z 0 0% 0 0% [sh]
14010 1 root Z 0 0% 1 0% [sh]
14082 1 root Z 0 0% 0 0% [sh]
14478 1 root Z 0 0% 0 0% [sh]
14646 1 root Z 0 0% 1 0% [sh]
14712 1 root Z 0 0% 0 0% [sh]
14826 1 root Z 0 0% 2 0% [sh]
14988 1 root Z 0 0% 2 0% [sh]
15000 1 root Z 0 0% 2 0% [sh]
15030 1 root Z 0 0% 2 0% [sh]
8580 1 root Z 0 0% 2 0% [sh]
15090 1 root Z 0 0% 2 0% [sh]
15120 1 root Z 0 0% 1 0% [sh]
15144 1 root Z 0 0% 2 0% [sh]
15150 1 root Z 0 0% 2 0% [sh]
15192 1 root Z 0 0% 2 0% [sh]
15408 1 root Z 0 0% 0 0% [sh]
15426 1 root Z 0 0% 3 0% [sh]
15450 1 root Z 0 0% 2 0% [sh]
15648 1 root Z 0 0% 1 0% [sh]

OS Version (操作系统版本)

debian12

Run Type (运行方式)

Docker

DDNS Version (版本)

docker exec ddns ddns --version v4.1.3 (2025-11-18T09:58:50Z) Python-3.8.20 default (Sep 12 2024 21:14:32) Linux-6.1.0-35-amd64 x86_64 ('64bit', '') nuitka_version(major=2, minor=8, micro=5, releaselevel='release', containing_dir='/bin', standalone=True, onefile=True, macos_bundle_mode=False, no_asserts=True, no_docstrings=True, no_annotations=True, module=False, main='main', original_argv0='ddns')

Related Issues (相关问题)

No response

Steps to Reproduce (复现步骤)

docker exec ddns /bin/
top

Configuration (配置)

ddns:
    image: newfuture/ddns:v4.1.3
    container_name: ddns
    restart: always
    environment:
      - TZ=Asia/Shanghai
      - DDNS_DNS=alidns
      - DDNS_ID=**********
      - DDNS_TOKEN=*********
      - DDNS_IPV6=********
      - DDNS_INDEX6=regex:2409.*
    network_mode: "host"

Debug Output (调试输出)

no error

Additional Context (补充说明)

No response</issue_description>

<agent_instructions>2) 减少/避免 ip.py 里额外的 shell
将 ip.py 的 cmd = "ip address || ifconfig 2>/dev/null" 改成：

优先尝试 ip address（无 shell），失败再尝试 ifconfig（无 shell）
用 subprocess.check_output(["ip","address"], text=True) 这种形式
这样能显著减少 sh 子进程数量，也能绕开 popen 在某些环境下的回收/close 细节问题。</agent_instructions>

Comments on the Issue (you are @copilot in this section)

• Fixes [Bug]: 很多僵尸进程 #677

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

[Copilot]

Pull request overview

This pull request eliminates zombie /bin/sh processes that accumulate in Docker containers when crond is used as PID 1. The issue was caused by popen("ip address || ifconfig 2>/dev/null") spawning shell processes for every DNS update cycle, which crond cannot reap as grandchildren.

Changes:

• Replaced popen shell execution with direct subprocess.check_output calls using command arrays
• Implemented try-first-then-fallback pattern: attempts ip address first, falls back to ifconfig on failure
• Added comprehensive unit tests covering success, fallback, and edge cases

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
ddns/ip.py	Replaced popen with subprocess.check_output in _ip_regex_match, using command arrays instead of shell strings to avoid spawning /bin/sh processes
tests/test_ip.py	Added TestIpRegexMatch test class with 5 test cases covering command execution without shell, fallback behavior, and error handling