Hii @Theking2 welcome to the community 
The error you’re encountering is related to user namespaces and mount namespace isolation not being supported or permitted in your Docker setup. These are needed by default in Collabora Online for process isolation and security (mount_jail_tree).
Option 1
Disable mount_jail_tree in coolwsd.xml
If you’re in a Docker environment and you trust the workload (e.g. not multi-tenant or untrusted docs), the simplest solution is to disable the jail system:
- Locate your
coolwsd.xml(mounted or copied into the container, typically in/etc/coolwsd/coolwsd.xml) - Set:
<mount_jail_tree>false</mount_jail_tree>
- Restart the container.
Security Note: This disables mount namespace isolation, which reduces sandboxing protections. Only do this in trusted, internal setups.
Option 2: Use Docker with Required Capabilities
If you want to keep the jail feature, run your container with extra privileges:
docker run --cap-add=SYS_ADMIN --security-opt seccomp=unconfined ...
Or if you’re using docker-compose:
services:
collabora:
image: collabora/code
cap_add:
- SYS_ADMIN
security_opt:
- seccomp=unconfined
...
This will allow unshare() to succeed and let Collabora isolate the environment properly.
3: Use Podman (Rootless Compatible)
If you prefer to keep your deployment fully rootless and secure, Podman supports user namespaces better than Docker by default.
Thanks
Darshan