关于我们
技术分享
技术分享
漏洞修复系列 -- Oracle11.2.04单实例打补丁操作
漏洞修复系列 -- Oracle11.2.04单实例打补丁操作
2019-06-05
Oracle 11.2.0.4 单实例打补丁操作
1. 简单介绍
Oracle补丁一般分为2类:CPU和PSU
CPU: Critical Patch Update,紧急补丁更新。每季度发布一次,用来修复安全方面的累积型补丁,即最新的CPU补丁已经包含以往的CPU补丁,只需安装最新的CPU补丁即可。CPU已更名为SPU(Security Patch Update)。
PSU: Patch Set Update,补丁集更新。Oracle选取在每个季度用户下载数量最多、且得到验证具有较低风险的补丁放入到每个季度的PSU中。在每个PSU中不但包含Bug的修复,还包含了最新的CPU。PSU通常随CPU一起发布。PSU通常是增量的,大部分PSU可以直接安装,但有些PSU必须要求安装上一个版本的PSU之后才能继续安装。
2. 演示环境
| 类别 | 说明 |
|---|---|
| IP | 10.0.100.129 |
| 操作系统 | CentOS 6.9 X86_64 |
| Oracle软件安装包 | p13390677_112040_Linux-x86-64_1of7.zip |
| Oracle软件安装包 | p13390677_112040_Linux-x86-64_2of7.zip |
| Oracle 版本 | 11.2.0.4.0 |
| OPatch软件安装包 | p6880880_112000_Linux-x86-64.zip(大小为108M) |
| OPatch版本(当前) | 11.2.0.3.4 |
| OPatch版本(升级) | 11.2.0.3.21 |
| PatchID(PSU) | Patch 28729262(Oracle Database Patch Set Update 11.2.0.4.190115) |
| 数据库补丁包 | p28729262_112040_Linux-x86-64.zip (11.2.0.4.190115) |
3.升级Opatch
3.1.设置环境变量
3.1.1. 编辑~/.bash_profile添加OPatch的路径
[oracle@orcldb OPatch]$ vi ~/.bash_profile /u01/app/oracle/product/11.2.0/db_1/OPatch
3.1.2. 变量生效
source ~/.bash_profile
3.1.3. 查看OPatch的版本
opatch version
3.1.4. 查看已打过的补丁
opatch lspatches opatch lsinv
3.1.5. 查看PSU的版本
col ACTION format a6 col VERSION format a8 col BUNDLE_SERIES format a13 col COMMENTS format a19 select ACTION,VERSION,BUNDLE_SERIES,COMMENTS from dba_registry_history;
3.1.6. 备份OPatch
cd /u01/app/oracle/product/11.2.0/db_1/ mv OPatch/ OPatch_bak20190726
3.1.7. 解压缩
unzip p6880880_112000_Linux-x86-64.zip mv OPatch /u01/app/oracle/product/11.2.0/db_1/
3.2. 备份数据
expdp system directory=dump_dir dumpfile=ods_full_expdp_20190726.dmp logfile=ods_full_expdp_20190726.log full=y exclude=statistics filesize=30G compression=ALL
3.3. 关闭数据库和监听
sqlplus / as sysdba; shutdown immediate; lsnrctl stop
3.4.打PSU补丁
3.4…1. 解压缩文件
unzip p28729262_112040_LINUX.zip --备注:解压后得到目录28729262和文件PatchSearch.xml
3.4.2. 检查PSU补丁是否有冲突
[oracle@xxptods 28729262]$ pwd /software/28729262 [oracle@xxptods 28729262]$ $ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -ph ./ Oracle Interim Patch Installer version 11.2.0.3.15 Copyright (c) 2019, Oracle Corporation. All rights reserved. PREREQ session Oracle Home : /u01/app/oracle/product/11.2.0/db_1 Central Inventory : /u01/app/oraInventory from : /u01/app/oracle/product/11.2.0/db_1/oraInst.loc OPatch version : 11.2.0.3.15 OUI version : 11.2.0.4.0 Log file location : /u01/app/oracle/product/11.2.0/db_1/cfgtoollogs/opatch/opatch2019-07-26_14-34-15PM_1.log Invoking prereq "checkconflictagainstohwithdetail" Prereq "checkConflictAgainstOHWithDetail" passed. OPatch succeeded. --备注:必须要在28729262目录中执行上述命令
3.4.3.手动生成文件ocm.rsp
手动生成OPatch所需的OCM(Oracle Configuration Manager)文件ocm.rsp:
$ORACLE_HOME/OPatch/ocm/bin/emocmrsp [oracle@localhost 29141056]$ $ORACLE_HOME/OPatch/ocm/bin/emocmrsp OCM Installation Response Generator 10.3.7.0.0 - Production Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. Provide your email address to be informed of security issues, install and initiate Oracle Configuration Manager. Easier for you if you use your My Oracle Support Email address/User Name. Visit http://www.oracle.com/support/policies.html for details. Email address/User Name: You have not provided an email address for notification of security issues. Do you wish to remain uninformed of security issues ([Y]es, [N]o) [N]: y The OCM configuration response file (ocm.rsp) was successfully created.
3.4.4.开始打补丁
cd /software/28729262 $ORACLE_HOME/OPatch/opatch apply -silent -ocmrf ocm.rsp [oracle@localhost 29141056]$ $ORACLE_HOME/OPatch/opatch apply -silent -ocmrf ocm.rsp Oracle Interim Patch Installer version 11.2.0.3.21 Copyright (c) 2019, Oracle Corporation. All rights reserved. Oracle Home : /u01/app/oracle/product/11.2.0/db Central Inventory : /u01/app/oraInventory from : /u01/app/oracle/product/11.2.0/db/oraInst.loc OPatch version : 11.2.0.3.21 OUI version : 11.2.0.4.0 Log file location : /u01/app/oracle/product/11.2.0/db/cfgtoollogs/opatch/opatch2019-08-02_10-12-00AM_1.log Verifying environment and performing prerequisite checks... -------------------------------------------------------------------------------- Start OOP by Prereq process. Launch OOP... Oracle Interim Patch Installer version 11.2.0.3.21 Copyright (c) 2019, Oracle Corporation. All rights reserved. Oracle Home : /u01/app/oracle/product/11.2.0/db Central Inventory : /u01/app/oraInventory from : /u01/app/oracle/product/11.2.0/db/oraInst.loc OPatch version : 11.2.0.3.21 OUI version : 11.2.0.4.0 Log file location : /u01/app/oracle/product/11.2.0/db/cfgtoollogs/opatch/opatch2019-08-02_10-12-11AM_1.log Verifying environment and performing prerequisite checks... OPatch continues with these patches: 17478514 18031668 18522509 19121551 19769489 20299013 20760982 21352635 21948347 22502456 23054359 24006111 24732075 25869727 26609445 26392168 26925576 27338049 27734982 28204707 28729262 29141056 Do you want to proceed? [y|n] Y (auto-answered by -silent) User Responded with: Y All checks passed. Please shutdown Oracle instances running out of this ORACLE_HOME on the local system. (Oracle Home = '/u01/app/oracle/product/11.2.0/db') Is the local system ready for patching? [y|n] Y (auto-answered by -silent) User Responded with: Y Backing up files... Applying sub-patch '17478514' to OH '/u01/app/oracle/product/11.2.0/db' Patching component oracle.rdbms, 11.2.0.4.0... Patching component oracle.rdbms.rsf, 11.2.0.4.0... Patching component oracle.sdo, 11.2.0.4.0... Patching component oracle.sysman.agent, 10.2.0.4.5... Patching component oracle.xdk, 11.2.0.4.0... Patching component oracle.rdbms.dbscripts, 11.2.0.4.0... Patching component oracle.sdo.locator, 11.2.0.4.0... Patching component oracle.nlsrtl.rsf, 11.2.0.4.0... Patching component oracle.xdk.rsf, 11.2.0.4.0... Patching component oracle.rdbms.rman, 11.2.0.4.0... ... ... Applying sub-patch '29141056' to OH '/u01/app/oracle/product/11.2.0/db' Patching component oracle.rdbms, 11.2.0.4.0... Patching component oracle.rdbms.rman, 11.2.0.4.0... Patching component oracle.oracore.rsf, 11.2.0.4.0... Patching component oracle.rdbms.dbscripts, 11.2.0.4.0... Patching component oracle.rdbms.rsf, 11.2.0.4.0... OPatch found the word "error" in the stderr of the make command. Please look at this stderr. You can re-run this make command. Stderr output: chmod: changing permissions of `/u01/app/oracle/product/11.2.0/db/bin/extjobO': Operation not permitted make: [iextjob] Error 1 (ignored) 注:此处的错误可以忽略 Composite patch 29141056 successfully applied. OPatch Session completed with warnings. Log file location: /u01/app/oracle/product/11.2.0/db/cfgtoollogs/opatch/opatch2019-08-02_10-12-11AM_1.log OPatch completed with warnings.
3.4.5.验证补丁包
$ORACLE_HOME/OPatch/opatch lsinv $ORACLE_HOME/OPatch/opatch lspatches
3.5.升级数据字典
For each database instance running on the Oracle home being patched, connect to the database using SQL*Plus. Connect as SYSDBA and run the catbundle.sql script as follows: cd $ORACLE_HOME/rdbms/admin sqlplus /nolog SQL> CONNECT / AS SYSDBA SQL> STARTUP SQL> @catbundle.sql psu apply ----重新编辑无效对象 SQL> @utlrp.sql SQL> QUIT
- 标签:
-
行业资讯
您可能感兴趣的新闻 换一批
热门文章
现在下载,可享30天免费试用
