Permissions errors in Nextcloud for cool directories - /opt/cool/child-roots/

HeneryH · January 20, 2023, 2:44pm

The nextcloud logs show a mix of permission and nodev error. I loaded collabora via package install on Ubuntu-22.10

Did I miss a step in the setup process? This might be causing the famed “Document loading failed” error

Jan 20 14:34:17 nextcloud coolwsd[195]: wsd-00195-00793 2023-01-20 14:34:17.173860 +0000 [ docbroker_008 ] ERR  WOPI::CheckFileInfo failed for URI [https://nextcloud.my_domain.org/index.php/apps/richdocuments/wopi/files/7_oc81rcga3ya9?access_token=BQXuj6QNcNA1dftyZN3NsIfsf31jJU3>
Jan 20 14:34:17 nextcloud coolwsd[195]: wsd-00195-00793 2023-01-20 14:34:17.173924 +0000 [ docbroker_008 ] ERR  loading document exception: Access denied, 403. WOPI::CheckFileInfo failed on: https://nextcloud.my_domain.org/index.php/apps/richdocuments/wopi/files/7_oc81rcga3ya9?a>
Jan 20 14:34:17 nextcloud coolwsd[195]: wsd-00195-00793 2023-01-20 14:34:17.173937 +0000 [ docbroker_008 ] ERR  Failed to add session to [https://nextcloud.my_domain.org:443/index.php/apps/richdocuments/wopi/files/7_oc81rcga3ya9] with URI [https://nextcloud.warringtonpatriots.or>
Jan 20 14:34:17 nextcloud coolwsd[195]: wsd-00195-00793 2023-01-20 14:34:17.173951 +0000 [ docbroker_008 ] ERR  Unauthorized Request while starting session on https://nextcloud.my_domain.org:443/index.php/apps/richdocuments/wopi/files/7_oc81rcga3ya9 for socket #25. Terminating c>
Jan 20 14:34:17 nextcloud coolwsd[195]: wsd-00195-00793 2023-01-20 14:34:17.181498 +0000 [ docbroker_008 ] ERR  #19: Read failed, have 0 buffered bytes (ECONNRESET: Connection reset by peer)| net/Socket.hpp:1135
Jan 20 14:34:17 nextcloud coolwsd[195]: wsd-00195-00793 2023-01-20 14:34:17.181519 +0000 [ docbroker_008 ] WRN  Unassociated Kit (792) disconnected unexpectedly| wsd/COOLWSD.cpp:3311
Jan 20 14:34:17 nextcloud coolwsd[800]: kit-00800-00483 2023-01-20 14:34:17.261233 +0000 [ kit_spare_009 ] ERR  mknod(/opt/cool/child-roots/CngKPgeV68TIZNog//tmp/dev/random) failed. Mount must not use nodev flag. (EPERM: Operation not permitted)| common/JailUtil.cpp:300
Jan 20 14:34:17 nextcloud coolwsd[800]: kit-00800-00483 2023-01-20 14:34:17.261270 +0000 [ kit_spare_009 ] ERR  mknod(/opt/cool/child-roots/CngKPgeV68TIZNog//tmp/dev/urandom) failed. Mount must not use nodev flag. (EPERM: Operation not permitted)| common/JailUtil.cpp:312
Jan 20 14:34:18 nextcloud coolwsd[804]: /usr/bin/coolmount: forced unmount of [/opt/cool/child-roots/x7DbvirZFnemTO8S/lo] failed: Permission denied.
Jan 20 14:34:18 nextcloud coolwsd[806]: /usr/bin/coolmount: forced unmount of [/opt/cool/child-roots/x7DbvirZFnemTO8S] failed: Permission denied.

The /opt/cool directories are owned by cool:cool and I tried a simple attempt at adding the cool group to the www-data account but that didn’t solve the problem.

HeneryH · January 20, 2023, 2:58pm

This might be an LXD container issue. Researching in another thread.

relbeoh · January 23, 2023, 7:20pm

Have you found a solution to this issue? I am running coolwsd in an LXC container as well (the nextcloud installation is in a separate VM though, sholudn’t matter for this issue), same error message

HeneryH · January 23, 2023, 8:19pm

Turns out this is just very poor anomaly handling by the software.

I incorrectly added the WOPI Allow list addresses. I thought I added them correctly but I must not have.

I removed list of Allowed addresses (it will then give a warning about that) and the system worked fine.

I wish the system would have thrown a better error telling me my WOPI Allow List didn’t allow what I was trying to do rather than sending me deep into the logs.

weasam · August 16, 2023, 3:13pm

I also have this issue using Proxmox LXC container Ubuntu 22.04. did you find another solution to install it?

when i excuse these command it start to work

sudo coolconfig set ssl.enable false
sudo coolconfig set ssl.termination true

restart coolwsd and restart
sudo systemctl restart coolwsd && sudo systemctl status coolwsd