ORA-24247处理过程

ORA-24247处理过程

码农世界 2024-05-17 前端 70 次浏览 0个评论

文章目录

  • 问题描叙
  • Solution
    • 设置SMTP_OUT_SERVER 参数
    • 创建ACLS
    • 验证

      问题描叙

      记录一下ORA-24247引发job执行失败的处理过程:

      select sjrd.log_id,sjrd.log_date,sj.owner,sj.job_name,sj.job_subname,sjrd.status from dba_scheduler_job_run_details sjrd
join dba_scheduler_jobs sj
on sjrd.owner=sj.owner and sjrd.job_name=sj.job_name
where sjrd.status<>'SUCCEEDED'
order by log_date desc

      输出:

          LOG_ID LOG_DATE                     OWNER      JOB_NAME     JOB_SUBNAM STATUS
---------- --------------------------------------------------------------------------- ---------- ------------ ---------- ----------
    716776 17-MAY-24 03.04.04.980417 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED
    716700 16-MAY-24 03.04.03.233071 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED
    716624 15-MAY-24 03.04.02.564900 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED
    716548 14-MAY-24 03.04.02.866003 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED
    716348 12-MAY-24 03.04.03.004062 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED
    716223 11-MAY-24 03.04.03.778856 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED
    716071 09-MAY-24 03.04.03.256950 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED
    715990 08-MAY-24 03.04.06.599765 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED
    715914 07-MAY-24 03.04.07.171701 AM +07:00                                         IPCASICS   IT_INVENTORY            FAILED

      查看addition_info信息:

      addition_info显示错误为ORA-24247

      select sjrd.additional_info from dba_scheduler_job_run_details sjrd
join dba_scheduler_jobs sj
on sjrd.owner=sj.owner and sjrd.job_name=sj.job_name
where sjrd.log_id=716776 and sjrd.status<>'SUCCEEDED'
order by log_date desc

      输出:

      ADDITIONAL_INFO
-------------------------------------------------
ORA-24247: 存取控制清單 (ACL) 拒絕網路存取
ORA-06512: 在 "SYS.UTL_TCP", line 17
ORA-06512: 在 "SYS.UTL_TCP", line 267
ORA-06512: 在 "SYS.UTL_SMTP", line 161
ORA-06512: 在 "SYS.UTL_SMTP", line 197
ORA-06512: 在 "IPCASICS.PKG_MAIL", line 240
ORA-06512: 在 "IPCASICS.PKG_MAIL", line 118
ORA-06512: 在 "IPCASICS.PKG_MAIL", line 333
ORA-06512: 在 "IPCASICS.EMAIL", line 30
ORA-06512: 在 line 9
ORA-24247: 存取控制清單 (ACL) 拒絕網路存取

      手动执行IPCASICS.EMAIL产生的错误讯息跟addition_info记录一致:

      exec ipcasics.email('SYS.ADMIN@YUYUN.COM','BOB@YUYUN.COM','TEST','THIS A TEST')
ERROR at line 1:
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.UTL_TCP", line 17
ORA-06512: at "SYS.UTL_TCP", line 267
ORA-06512: at "SYS.UTL_SMTP", line 161
ORA-06512: at "SYS.UTL_SMTP", line 197
ORA-06512: at "IPCASICS.PKG_MAIL", line 240
ORA-06512: at "IPCASICS.PKG_MAIL", line 118
ORA-06512: at "IPCASICS.PKG_MAIL", line 333
ORA-06512: at "IPCASICS.EMAIL", line 30
ORA-06512: at line 1

      Solution

      从 11g 开始,要使用 UTL_MAIL 或 UTL_SMTP 发送邮件,需要在数据库中创建 ACL。

      执行下面的查询,host部风为mail.yuyun.com,实际公司mail host已经变更为zsys.yuyun.com,看来问题出在这里

      SELECT na.aclid,na.acl,nap.principal,nap.privilege,nap.is_grant,na.host FROM dba_network_acl_privileges nap
JOIN dba_network_acls na
ON nap.aclid=na.aclid
ACLID                            ACL                            PRINCIPAL                      PRIVILEGE               IS_GRANT             HOST
-------------------------------- ------------------------------ ------------------------------ ----------------------- -------------------- ------------------------------
77DAF452E0DF08C9E050007F01005A84 /sys/acls/UTL_SMTP.xml         IPCASICS                       connect                 true                 mail.yuyun.com

      设置SMTP_OUT_SERVER 参数

      SQL> alter system set smtp_out_server='zsys.yuyum.com' scope=both;
System altered.

      创建ACLS

      --- creating ACL as below
exec DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('send_mail.xml','Allow mail to be send', 'IPCASICS', TRUE, 'connect');
commit;
----Grant the connect and resource privilege as below
exec DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE('send_mail.xml','IPCASICS',TRUE, 'connect');
exec DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE('send_mail.xml','IPCASICS',TRUE, 'resolve');
exec DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('send_mail.xml','ZSYS.YUYUN.COM',25);
commit;

      验证

      查看权限已经成功授予

      SELECT na.aclid,na.acl,nap.principal,nap.privilege,nap.is_grant,na.host FROM dba_network_acl_privileges nap
JOIN dba_network_acls na
ON nap.aclid=na.aclid
ACLID                            ACL                            PRINCIPAL                      PRIVILEGE               IS_GRANT             HOST
-------------------------------- ------------------------------ ------------------------------ ----------------------- -------------------- ------------------------------
77DAF452E0DF08C9E050007F01005A84 /sys/acls/UTL_SMTP.xml         IPCASICS                       connect                 true                 mail.yuyun.com
18A4B8E845E61416E0634A0113AC8DBC /sys/acls/send_mail.xml        IPCASICS                       connect                 true                 zsys.yuyun.com
18A4B8E845E61416E0634A0113AC8DBC /sys/acls/send_mail.xml        IPCASICS                       resolve                 true                 zsys.yuyun.com

      重新手动执行email发送成功

      SQL> exec ipcasics.email('SYS.ADMIN@YUYUN.COM','BOB@YUYUN.COM','TEST','THIS A TEST');
PL/SQL procedure successfully completed.

转载请注明来自码农世界,本文标题:《ORA-24247处理过程》

百度分享代码,如果开启HTTPS请参考李洋个人博客
37815篇文章 站点 微博
每一天,每一秒,你所做的决定都会改变你的人生!

发表评论

快捷回复:

评论列表 (暂无评论,70人围观)参与讨论

还没有评论,来说两句吧...

Top