-
加我微信
加我QQ
标签云
asm 恢复 asm恢复 bbed bootstrap$ dul In Memory kcbzib_kcrsds_1 kccpb_sanity_check_2 kfed MySQL恢复 ORA-00312 ORA-00607 ORA-00704 ORA-01110 ORA-01555 ORA-01578 ORA-08103 ORA-600 2662 ORA-600 2663 ORA-600 3020 ORA-600 4000 ORA-600 4137 ORA-600 4193 ORA-600 4194 ORA-600 16703 ORA-600 kcbzib_kcrsds_1 ORA-600 KCLCHKBLK_4 ORA-15042 ORA-15196 ORACLE 12C oracle dul ORACLE PATCH Oracle Recovery Tools oracle加密恢复 oracle勒索 oracle勒索恢复 oracle异常恢复 ORACLE恢复 Oracle 恢复 ORACLE数据库恢复 oracle 比特币 OSD-04016 YOUR FILES ARE ENCRYPTED 勒索恢复 比特币加密文章分类
- Others (2)
- 中间件 (2)
- WebLogic (2)
- 操作系统 (100)
- 数据库 (1,598)
- DB2 (22)
- MySQL (70)
- Oracle (1,463)
- Data Guard (49)
- EXADATA (7)
- GoldenGate (21)
- ORA-xxxxx (158)
- ORACLE 12C (72)
- ORACLE 18C (6)
- ORACLE 19C (13)
- ORACLE 21C (3)
- Oracle ASM (65)
- Oracle Bug (7)
- Oracle RAC (47)
- Oracle 安全 (6)
- Oracle 开发 (27)
- Oracle 监听 (27)
- Oracle备份恢复 (530)
- Oracle安装升级 (84)
- Oracle性能优化 (62)
- 专题索引 (5)
- 勒索恢复 (75)
- PostgreSQL (18)
- PostgreSQL恢复 (6)
- SQL Server (27)
- SQL Server恢复 (8)
- TimesTen (7)
- 达梦数据库 (2)
- 生活娱乐 (2)
- 至理名言 (11)
- 虚拟化 (2)
- VMware (2)
- 软件开发 (36)
- Asp.Net (9)
- JavaScript (12)
- PHP (2)
- 小工具 (19)
-
最近发表
- PostgreSQL解析wal日志之—walminer
- Oracle 19c/21c最新patch信息-202404
- PostgreSQL恢复系列:pg_filedump批量处理
- PostgreSQL部分主要字典信息
- PostgreSQL恢复系列:pg_filedump恢复字典构造
- PostgreSQL 16 源码安装
- ORA-00742 ORA-00312 恢复
- 数据库open成功后报ORA-00353 ORA-00354错误引起的一系列问题(本质ntfs文件系统异常)
- ORA-600 ktsiseginfo1故障
- ORA-00600: internal error code, arguments: [16703], [1403], [4] 原因
- 最近遇到几起ORA-600 16703故障(tab$被清空),请引起重视
- ORA-600 2662快速恢复之Patch scn工具
- TNS-12518: TNS:listener could not hand off client connection
- ora.storage无法启动报ORA-12514故障处理
- 断电引起文件scn异常数据库恢复
- ORA-16188: LOG_ARCHIVE_CONFIG settings inconsistent with previously started instance
- .[hudsonL@cock.li].mkp勒索加密数据库完美恢复
- 模拟带库实现rman远程备份
- 又一例:ORA-600 kclchkblk_4和2662故障
- Oracle误删除数据文件恢复
月归档:三月 2019
非归档数据库异常恢复一例
由于存储故障,数据库为非归档模式,通过Oracle数据库异常恢复检查脚本(Oracle Database Recovery Check)收集信息确认数据库redo异常
Thu Mar 28 11:36:13 2019
ALTER DATABASE RECOVER CONTINUE DEFAULT
Media Recovery Log /u01/app/oracle/flash_recovery_area/ORCL/archivelog/2019_03_28/o1_mf_1_5397869_%u_.arc
Thu Mar 28 11:36:13 2019
Errors with log /u01/app/oracle/flash_recovery_area/ORCL/archivelog/2019_03_28/o1_mf_1_5397869_%u_.arc
Errors in file /u01/app/oracle/diag/rdbms/orcl/orcl/trace/orcl_pr00_17611.trc:
ORA-00308:cannot open archived log
'/u01/app/oracle/flash_recovery_area/ORCL/archivelog/2019_03_28/o1_mf_1_5397869_%u_.arc'
ORA-27037: unable to obtain file status
Linux-x86_64 Error: 2: No such file or directory
Additional information: 3
ORA-308 signalled during: ALTER DATABASE RECOVER CONTINUE DEFAULT ...
ALTER DATABASE RECOVER CONTINUE DEFAULT
Media Recovery Log /u01/app/oracle/flash_recovery_area/ORCL/archivelog/2019_03_28/o1_mf_1_5397869_%u_.arc
Errors with log /u01/app/oracle/flash_recovery_area/ORCL/archivelog/2019_03_28/o1_mf_1_5397869_%u_.arc
Errors in file /u01/app/oracle/diag/rdbms/orcl/orcl/trace/orcl_pr00_17611.trc:
ORA-00308:cannot open archived log
'/u01/app/oracle/flash_recovery_area/ORCL/archivelog/2019_03_28/o1_mf_1_5397869_%u_.arc'
ORA-27037: unable to obtain file status
Linux-x86_64 Error: 2: No such file or directory
Additional information: 3
ORA-308 signalled during: ALTER DATABASE RECOVER CONTINUE DEFAULT ...
Thu Mar 28 11:38:44 2019
ALTER DATABASE RECOVER datafile 5,6
Media Recovery Start
Serial Media Recovery started
Recovery of Online Redo Log: Thread 1 Group 3 Seq 5397870 Reading mem 0
Mem# 0: /u01/app/oracle/oradata/orcl/redo03.log
ORA-279 signalled during: ALTER DATABASE RECOVER datafile 5,6 ...
Thu Mar 28 11:39:08 2019
ALTER DATABASE RECOVER CONTINUE DEFAULT
Media Recovery Log /u01/app/oracle/flash_recovery_area/ORCL/archivelog/2019_03_28/o1_mf_1_5397870_%u_.arc
Errors with log /u01/app/oracle/flash_recovery_area/ORCL/archivelog/2019_03_28/o1_mf_1_5397870_%u_.arc
ORA-308 signalled during: ALTER DATABASE RECOVER CONTINUE DEFAULT ...
ALTER DATABASE RECOVER CANCEL
Errors in file /u01/app/oracle/diag/rdbms/orcl/orcl/trace/orcl_ora_17605.trc (incident=365041):
ORA-00600: internal error code, arguments: [3051], [82], [], [], [], [], [], [], [], [], [], []
ORA-600 signalled during: ALTER DATABASE RECOVER CANCEL ...
通过屏蔽一致性,强制打开库,报kgegpa错误,实例启动失败
Database Characterset is ZHS16GBK No Resource Manager plan active Exception[type:SIGSEGV, Address not mapped to object][ADDR:0x319C0CF3] [PC:0x2297740, kgegpa()+40] [flags: 0x0, count:1] Exception[type:SIGSEGV, Address not mapped to object][ADDR:0x319C0CF3] [PC:0x229596B, kgebse()+279][flags: 0x2, count:2] Exception[type:SIGSEGV, Address not mapped to object][ADDR:0x319C0CF3] [PC:0x229596B, kgebse()+279][flags: 0x2, count:2] Thu Mar 28 11:43:15 2019 PMON (ospid: 17939): terminating the instance due to error 397 Instance terminated by PMON, pid = 17939
处理上述错误相关undo,启动数据库报ORA-00600 4193,ORA-00600 4137, ORA-00600 6006
Thu Mar 28 11:50:37 2019 Errors in file /u01/app/oracle/diag/rdbms/orcl/orcl/trace/orcl_p001_18267.trc (incident=373059): ORA-00600: internal error code, arguments: [6006], [1], [], [], [], [], [], [], [], [], [], [] Incident details in: /u01/app/oracle/diag/rdbms/orcl/orcl/incident/incdir_373059/orcl_p001_18267_i373059.trc Stopping background process MMON Trace dumping is performing id=[cdmp_20190328115038] Errors in file /u01/app/oracle/diag/rdbms/orcl/orcl/trace/orcl_smon_18247.trc (incident=372995): ORA-00600: internal error code, arguments: [6006], [1], [], [], [], [], [], [], [], [], [], [] Incident details in: /u01/app/oracle/diag/rdbms/orcl/orcl/incident/incdir_372995/orcl_smon_18247_i372995.trc Errors in file /u01/app/oracle/diag/rdbms/orcl/orcl/trace/orcl_smon_18247.trc (incident=372996): ORA-00600: internal error code, arguments: [4137], [34.22.4206895], [0], [0], [], [], [], [], [], [], [], [] Incident details in: /u01/app/oracle/diag/rdbms/orcl/orcl/incident/incdir_372996/orcl_smon_18247_i372996.trc Errors in file /u01/app/oracle/diag/rdbms/orcl/orcl/trace/orcl_ora_18263.trc (incident=373044): ORA-00600: internal error code, arguments: [4193], [], [], [], [], [], [], [], [], [], [], [] Incident details in: /u01/app/oracle/diag/rdbms/orcl/orcl/incident/incdir_373044/orcl_ora_18263_i373044.trc ORACLE Instance orcl (pid = 16) - Error 600 encountered while recovering transaction (34, 22). Errors in file /u01/app/oracle/diag/rdbms/orcl/orcl/trace/orcl_smon_18247.trc: ORA-00600: internal error code, arguments: [4137], [34.22.4206895], [0], [0], [], [], [], [], [], [], [], []
通过重建undo,相关报错消失,安排数据导出重建库
ORA-00322 ORA-00312恢复
数据库启动ORA-00322 ORA-00312错误,无法正常启动
Fri Mar 29 17:44:20 2019 ALTER DATABASE RECOVER datafile 1 Media Recovery Start Serial Media Recovery started Media Recovery failed with error 19909 ORA-283 signalled during: ALTER DATABASE RECOVER datafile 1 ... Fri Mar 29 17:44:20 2019 Errors in file c:\app\administrator\diag\rdbms\xff\xff\trace\xff_m000_5392.trc: ORA-00322: log 1 of thread 1 is not current copy ORA-00312: online log 1 thread 1: 'D:\APP\ADMINISTRATOR\ORADATA\xff\REDO01.LOG' Errors in file c:\app\administrator\diag\rdbms\xff\xff\trace\xff_m000_5392.trc: ORA-00322: log 2 of thread 1 is not current copy ORA-00312: online log 2 thread 1: 'D:\APP\ADMINISTRATOR\ORADATA\xff\REDO02.LOG' Errors in file c:\app\administrator\diag\rdbms\xff\xff\trace\xff_m000_5392.trc: ORA-00322: log 3 of thread 1 is not current copy ORA-00312: online log 3 thread 1: 'D:\APP\ADMINISTRATOR\ORADATA\xff\REDO03.LOG'
人工指定redo应用,报ORA-00600 3051错误
Fri Mar 29 17:56:33 2019 ALTER DATABASE RECOVER datafile 1 Media Recovery Start Serial Media Recovery started Recovery of Online Redo Log: Thread 1 Group 2 Seq 27542 Reading mem 0 Mem# 0: D:\XIFENFEI\REDO02.LOG ORA-279 signalled during: ALTER DATABASE RECOVER datafile 1 ... Fri Mar 29 17:56:49 2019 ALTER DATABASE RECOVER LOGFILE 'D:\xifenfei\REDO02.log' Media Recovery Log D:\xifenfei\REDO02.log Errors with log D:\xifenfei\REDO02.log ORA-363 signalled during: ALTER DATABASE RECOVER LOGFILE 'D:\xifenfei\REDO02.log' ... ALTER DATABASE RECOVER CANCEL Errors in file c:\app\administrator\diag\rdbms\xff\xff\trace\xff_ora_8532.trc (incident=147928): ORA-00600: ??????, ??: [3051], [82], [], [], [], [], [], [], [], [], [], [] Incident details in: c:\app\administrator\diag\rdbms\xff\xff\incident\incdir_147928\xff_ora_8532_i147928.trc
比较明显redo无法正常应用,通过屏蔽数据库一致性,强制拉库
Recovery of Online Redo Log: Thread 1 Group 1 Seq 1 Reading mem 0 Mem# 0: D:\XIFENFEI\REDO01.LOG Block recovery stopped at EOT rba 1.76.16 Block recovery completed at rba 1.76.16, scn 0.1073742057 Doing block recovery for file 3 block 272 Resuming block recovery (PMON) for file 3 block 272 Block recovery from logseq 1, block 72 to scn 1073742051 Recovery of Online Redo Log: Thread 1 Group 1 Seq 1 Reading mem 0 Mem# 0: D:\XIFENFEI\REDO01.LOG Block recovery completed at rba 1.72.16, scn 0.1073742052 Errors in file c:\app\administrator\diag\rdbms\xff\xff\trace\xff_smon_5144.trc: ORA-01595: error freeing extent (16) of rollback segment (10)) ORA-00600: internal error code, arguments: [4194], [], [], [], [], [], [], [], [], [], [], [] Fri Mar 29 17:59:12 2019 Errors in file c:\app\administrator\diag\rdbms\xff\xff\trace\xff_mmon_13928.trc (incident=149097): ORA-00600: internal error code, arguments: [4194], [], [], [], [], [], [], [], [], [], [], [] Incident details in: c:\app\administrator\diag\rdbms\xff\xff\incident\incdir_149097\xff_mmon_13928_i149097.trc Fri Mar 29 17:59:12 2019 Trace dumping is performing id=[cdmp_20190329175912] Completed: alter database open resetlogs
通过重建undo,数据库open正常,安排导出数据导入数据,恢复完成
利用VNCR修复CVE-2012-1675漏洞
随着对安全的重视,TNS Listener远程数据投毒漏洞(CVE-2012-1675)被很多单位要求进行整改,而且级别是高危
如果是11.2.0.4之前版本,特别是在rac环境中,如果要整改该问题相对比较麻烦,需要通过配置Oracle wallet来实现,配置比较复杂,而且还要重启实例,影响比较大,具体参考:Using Class of Secure Transport (COST) to Restrict Instance Registration in Oracle RAC (Doc ID 1340831.1),对于单机环境直接参考以前文章:Oracle Database Server ‘TNS Listener’远程数据投毒漏洞(CVE-2012-1675)的解决方案.从11.2.0.4开始Oracle引入了Valid Node Checking For Registration (VNCR)新特性,可以通过简单的配置即可完成该漏洞修复
在listener.ora文件中增加(grid/oracle用户)
VALID_NODE_CHECKING_REGISTRATION_LISTENER=ON VALID_NODE_CHECKING_REGISTRATION_LISTENER_SCAN1=ON REGISTRATION_INVITED_NODES_LISTENER_SCAN1=(hisdb1,hisdb2)
重启监听
LSNRCTL>set current_listener listener_name LSNRCTL>stop LSNRCTL>start
验证是否生效
1.在远程机器尝试远程注册
alter system set remote_listener='(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.115.15)(PORT=1521))' scope=memory;
2.观察监听日志
类似这样证明已经生效.
补充说明
VALID_NODE_CHECKING_REGISTRATION_listener_name Values: OFF/0 - Disable VNCR//禁用VNCR,此功能不会对注册过来的service进行check; ON/1/LOCAL - The default. Enable VNCR. All local machine IPs can register. 启用VNCR,默认只允许本机的所有IP的服务注册到本监听,可通过REGISTRATION_INVITED_NODES参数添加其他有必要的服务器; SUBNET/2 - All machines in the subnet are allowed registration.//指定子网内的服务器可以注册过来 REGISTRATION_INVITED_NODES_listener-name 控制允许链接过来的节点,可以通过IP地址/主机名/网段来指定 Values are valid IPs, valid hosts, a subnet using CIDR notation (for ip4/6), or wildcard (*) for ipv4. For example:REGISTRATION_INVITED_NODES_Listener=(net-vm1, 127.98.45.209, 127.42.5.*) Note that when an INVITED list is set, it will automatically include the machine's local IP in the list. There is no need to include it. --11.2.0.4和12c不一样之处 在12.1 RAC数据库上,listener的参数VALID_NODE_CHECKING_REGISTRATION_listener_name默认设置为SUBNET / 2, 即子网中的所有计算机都允许注册.所以12c默认不能解决CVE-2012-1675漏洞
参考文档
Valid Node Checking For Registration (VNCR) (Doc ID 1600630.1)
How to Enable VNCR on RAC Database to Register only Local Instances (Doc ID 1914282.1)