Collabora Online Permission Denied


im installing Nextcloud & Collabora Online currently.

Did it like its described here:

I installed 2 Virtual Maschines for my Solution.
First Virtual Maschine is running the Nextcloud and the other is running the Collabora Online Server.

Installed the app on me Nextcloud server and entered the link in settings.

Now when i try to edit a file or just open it, i recieve the error “Permission denied”

Where is the Problem???

Didnt cut Collabora to a special group. Doesnt work with Admin and Normal user.

Thank you for your Help !

Did you setup the link to Collabora Online server your admin settings?

yes i already did that

What does “docker ps” say?

please answer the following questions to get to an quicker result:

error message
does https://collabora-domain/hosting/discovery show an xml File?
docker ps
docker logs
result of docker info
anonymized docker start command
the anonymized content of their collabora-webinstance (f.e. /etc/apache/sites-enabled/collabora.domain.tld.conf)
which SSL-Certs are being used (self signed or from a recognized authority)
result of "uname -a"
the date of the download of the collabora-image
If it already worked or not and if possible with which image-date.

-Nextcloud Version: 11.0.1
-How do i find out mit Plugin Version? I installed it via Docker
-Error Message: Permission Denied
-Yes it does show an Xml-File

-docker ps:
2ff33871f33a collabora/code "/bin/sh -c 'bash ..." 2 days ago Up 2 days>9980/tcp condescending_tesla

-docker logs 2ff33871f33a
loolforkit version details: 2.0.2 - 2.0.2
frk-06171-6171 08:49:02.975938 [ loolforkit ] FTL Capability cap_sys_chroot is not set for the loolforkit program.| kit/ForKit.cpp:145
frk-06171-6171 08:49:02.975999 [ loolforkit ] FTL Capability cap_mknod is not set for the loolforkit program.| kit/ForKit.cpp:145
frk-06171-6171 08:49:02.976050 [ loolforkit ] FTL Capability cap_fowner is not set for the loolforkit program.| kit/ForKit.cpp:145

This message repeated about 500 times

docker info:
Containers: 1
Running: 1
Paused: 0
Stopped: 0
Images: 1
Server Version: 1.13.0
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 10
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 03e5862ec0d8d3b3f750e19fca3ee367e13c090e
runc version: 2f7393a47307a16f8cee44a37b262e8b81021e3e
init version: 949e6fa
Kernel Version: 3.16.0-4-amd64
Operating System: Debian GNU/Linux 8 (jessie)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.963 GiB
Name: mysystem
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
WARNING: No memory limit support
WARNING: No swap limit support
WARNING: No kernel memory limit support
WARNING: No oom kill disable support
WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support
Experimental: false
Insecure Registries:
Live Restore Enabled: false

what do you mean with the anonymized start command?

conf file:
<VirtualHost *:443>
ServerName myip:443

        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/somecert.crt
        SSLCertificateKeyFile /etc/apache2/ssl/somekey.key
        SSLProtocol     all -SSLv2 -SSLv3

        AllowEncodedSlashes NoDecode

        SSLProxyEngine On
        SSLProxyVerify None
        SSLProxyCheckPeerCN Off
        SSLProxyCheckPeerName Off

        ProxyPreserveHost On

        ProxyPass       /loleaflet retry=0
        ProxyPassReverse        /loleaflet

        ProxyPass       /hosting/discovery retry=0
        ProxyPassReverse        /hosting/discovery

        ProxyPassMatch  "/lool/(.*)/ws$" wss://$1/ws nocanon

        ProxyPass       /lool/adminws wss://

        ProxyPass       /lool
        ProxyPassReverse        /lool

My Certificates are self signed.

uname -a:
Linux mysystem 3.16.0-4-amd64 #1 SMP Debian 3.16.39-1 (2016-12-30) x86_64 GNU/Linux

Installed Collabora on 2017-02-03

It did not work already.

A capability problem seems either an issue with the self signed certs and/or aufs with your kernel version.

Sometimes you get that fixed by adding your own CA to the nextxloud-certbundle file, change to letsencrypt if possible, and changing to overlayfs or devicemapper and/or upgrading/installing a custom kernel. There are dome threads with the solutions you could try.

how does the commandline look like with that you start the docker container. most problems are issues with escaping the special caracters in the domain name. you have to use ONE backshlash per sepcial character.

CODE is now starting, the Problem was that i didnt add my certificate to nextclouds certificate bundle.

Now CODE says Connecting… for a long time and throws the message that CODE wasnt able to load my document.
How much resources does CODE need?

if you just see a blank screen in the CODE-Frame you need to set an alias in the dockerimage. there is a fix thread

Could you send me the link please?