Thursday, January 19, 2023

19C : Pluggable database in restricted mode due to datapatch failure

By Gowthami | apps-dba.com | Oracle Administration Series

A common issue after Oracle Database 19c patching is a Pluggable Database (PDB) opening in RESTRICTED mode due to a datapatch failure. This occurs when datapatch — the tool that applies SQL-based patch changes — fails or is not run after the binary patch is applied. This post explains root causes and step-by-step resolution.

Key Insight: After applying Oracle patches (OPatch), you MUST run datapatch to apply the SQL-based portions of the patch to each database. If datapatch fails mid-way, PDBs may open in RESTRICTED mode until the SQL patches are successfully applied.

Symptoms

-- PDB shows RESTRICTED in open mode
SELECT con_id, name, open_mode, restricted
FROM v$pdbs;

-- Output:
-- CON_ID  NAME    OPEN_MODE   RESTRICTED
-- 3       PROD    READ WRITE  YES        <-- Problem!

-- Alert log shows:
-- "PDB PROD is restricted because datapatch has not been run"
-- or errors in /oracle/diag/rdbms/db/trace/ datapatch logs

Root Causes

  • OPatch was applied but datapatch was not run afterward
  • datapatch ran but failed with errors (DB not open, network issue, ORA- error)
  • PDB was closed when datapatch ran and didn't get the SQL changes
  • Registry mismatch between CDB and PDB patch levels

Diagnosing the Issue

-- Check registry status in the affected PDB
ALTER SESSION SET CONTAINER = PROD;

SELECT comp_id, comp_name, status, version, modified
FROM dba_registry
ORDER BY comp_id;
-- Look for: STATUS = 'INVALID' or version mismatch

-- Check datapatch history
SELECT patch_id, patch_uid, action, status, action_time, description
FROM dba_registry_sqlpatch
ORDER BY action_time DESC;
-- Look for BOOTSTRAP or WITH ERRORS status

-- Check CDB vs PDB versions
SELECT con_id, version, status
FROM cdb_registry
WHERE comp_id = 'CATPROC'
ORDER BY con_id;

Resolution: Re-run datapatch

-- Step 1: Ensure the PDB is open (READ WRITE)
-- Connect as SYSDBA to CDB
ALTER PLUGGABLE DATABASE PROD OPEN;

-- Step 2: Run datapatch from OS (as oracle user)
cd $ORACLE_HOME/OPatch
./datapatch -verbose

-- For a specific PDB only:
./datapatch -pdbs PROD -verbose

-- Step 3: Monitor datapatch output
-- Look for: "Patch application complete" for each PDB
-- datapatch log: $ORACLE_BASE/cfgtoollogs/sqlpatch/

After datapatch Completes

-- Verify PDB is no longer restricted
SELECT con_id, name, open_mode, restricted FROM v$pdbs;
-- RESTRICTED should now show NO

-- Verify registry is valid
ALTER SESSION SET CONTAINER = PROD;
SELECT comp_id, status, version FROM dba_registry;
-- All components should show 'VALID'

-- If still restricted, try restarting the PDB
ALTER PLUGGABLE DATABASE PROD CLOSE;
ALTER PLUGGABLE DATABASE PROD OPEN;

Prevention Best Practices

  • Always run datapatch immediately after OPatch apply, before starting services
  • Ensure ALL PDBs are open (READ WRITE) before running datapatch
  • Run datapatch in a maintenance window, not during production hours
  • Review datapatch logs even when it reports success
  • Test the patching procedure in a non-production environment first

Summary

PDBs opening in RESTRICTED mode after patching is a common Oracle 12c/19c issue. The fix is straightforward: ensure the PDB is open, re-run datapatch targeting the affected PDB, and verify the registry shows all components as VALID. Build datapatch into your standard patching runbook to prevent this issue in future patch cycles.

Oracle Exadata - The Complete Guide

Master Oracle administration, patching, and Exadata-specific management with Gowthami's complete guide.

Get the Book
on
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)