chg: [doc] Leveled RHEL7/RHEL8 Install procedure (WiP)

2019-07-01 13:15:15 +09:00 · 2019-07-01 13:15:15 +09:00 · 93a55a1e89
parent 4d590160da
commit 93a55a1e89
2 changed files with 203 additions and 140 deletions
--- a/docs/INSTALL.rhel7.md
+++ b/docs/INSTALL.rhel7.md
@ -211,16 +211,15 @@ installCoreRHEL () {
  $SUDO_WWW git config core.filemode false
  # Install packaged pears
-  sudo $RUN_PHP "pear channel-update pear.php.net"
+  sudo $RUN_PHP -- pear channel-update pear.php.net
-  sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml"
+  sudo $RUN_PHP -- pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
-  sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml"
+  sudo $RUN_PHP -- pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
  # Create a python3 virtualenv
-  $SUDO_WWW $RUN_PYTHON "virtualenv -p python3 $PATH_TO_MISP/venv"
+  $SUDO_WWW $RUN_PYTHON -- virtualenv -p python3 $PATH_TO_MISP/venv
  sudo mkdir /usr/share/httpd/.cache
  sudo chown $WWW_USER:$WWW_USER /usr/share/httpd/.cache
  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python"
  cd $PATH_TO_MISP/app/files/scripts
  $SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
@ -466,6 +465,7 @@ apacheConfig_RHEL () {
  # A sample vhost can be found in $PATH_TO_MISP/INSTALL/apache.misp.centos7
  sudo cp $PATH_TO_MISP/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
  #sudo sed -i "s/SetHandler/\#SetHandler/g" /etc/httpd/conf.d/misp.ssl.conf
  sudo rm /etc/httpd/conf.d/ssl.conf
  sudo chmod 644 /etc/httpd/conf.d/misp.ssl.conf
  sudo sed -i '/Listen 80/a Listen 443' /etc/httpd/conf/httpd.conf
@ -653,17 +653,6 @@ EOF
 # <snippet-end 2_configMISP_RHEL.sh>
 ```
 ```bash
 # In case you have no /etc/rc.local make a bare-bones one.
 if [ ! -e /etc/rc.local ]
 then
    echo '#!/bin/sh -e' | sudo tee -a /etc/rc.local
    echo 'exit 0' | sudo tee -a /etc/rc.local
    sudo chmod u+x /etc/rc.local
 fi
 ```
 !!! note
    There is a bug that if a passphrase is added MISP will produce an error on the diagnostic page.<br />
    /!\ THIS WANTS TO BE VERIFIED AND LINKED WITH A CORRESPONDING ISSUE.
@ -702,7 +691,7 @@ sudo systemctl daemon-reload
 sudo systemctl enable --now misp-workers.service
 ```
-## 9.07/ misp-modules (WIP!)
+## 9.07/ misp-modules
 ```bash
 # some misp-modules dependencies
 sudo yum install openjpeg-devel gcc-c++ poppler-cpp-devel pkgconfig python-devel redhat-rpm-config -y
--- a/docs/INSTALL.rhel8.md
+++ b/docs/INSTALL.rhel8.md
@ -19,7 +19,7 @@ Make sure you are reading the parsed version of this Document. When in doubt [cl
    ```
    **The above does NOT work yet**
-## 0/ Overview and Assumptions
+### 0/ Overview and Assumptions
 {!generic/community.md!}
@ -31,6 +31,10 @@ Make sure you are reading the parsed version of this Document. When in doubt [cl
 This document details the steps to install MISP on Red Hat Enterprise Linux 8.x (RHEL 8.x).
 This document details the steps to install MISP on Red Hat Enterprise Linux 8.x (RHEL 8.x) and CentOS 8.x.
 At time of this writing it was tested on versions 8.0 for RHEL.
 This is a joint RHEL/CentOS install guide. The authors tried to make it contextually evident what applies to which flavor.
 The following assumptions with regard to this installation have been made.
 - A valid support agreement allowing the system to register to the Red Hat Customer Portal and receive updates
@ -71,18 +75,21 @@ sudo subscription-manager register --auto-attach # register your system to an ac
 ## 1.4/ **[RHEL]** Enable the optional, extras and Software Collections (SCL) repos
 ```bash
 # <snippet-begin 0_RHEL_SCL.sh>
 # To be confirmed, no access to RHSCL
 sudo subscription-manager refresh 
 sudo subscription-manager repos --enable rhel-8-server-optional-rpms
 sudo subscription-manager repos --enable rhel-8-server-extras-rpms
 sudo subscription-manager repos --enable rhel-server-rhscl-8-rpms
 # <snippet-end 0_RHEL_SCL.sh>
 ```
-### 1.5a/ Install the deltarpm package to help reduce download size when installing updates (optional)
+## 1.5a/ Install the deltarpm package to help reduce download size when installing updates (optional)
 ```bash
 sudo yum install drpm -y
 ```
-### 1.5.b/ Install vim (optional)
+## 1.5.b/ Install vim (optional)
 ```bash
 # Because vim is just so practical
 sudo yum install vim -y
@ -106,7 +113,10 @@ sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noa
 # <snippet-end 0_RHEL_EPEL.sh>
 ```
-# 2/ Dependencies
+### 2/ Dependencies
 !!! note
    This guide installs PHP 7.2 from SCL
 !!! warning
    [PHP 5.6 and 7.0 aren't supported since December 2018](https://secure.php.net/supported-versions.php). Please update accordingly. In the future only PHP7 will be supported.
@ -114,23 +124,25 @@ sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noa
 ## 2.01/ Install some base system dependencies
 ```bash
 # <snippet-begin 0_yumInstallCoreDeps.sh>
-# Install the dependencies:
+yumInstallCoreDeps () {
-sudo yum install @httpd -y
+  # Install the dependencies:
-sudo yum install gcc git zip \
+  sudo yum install @httpd -y
-       httpd \
+  sudo yum install gcc git zip \
-       mod_ssl \
+                   httpd \
-       redis \
+                   mod_ssl \
-       mariadb \
+                   redis \
-       mariadb-server \
+                   mariadb \
-       python3-devel python3-pip python3-virtualenv \
+                   mariadb-server \
-       libxslt-devel zlib-devel ssdeep-devel -y
+                   python3-devel python3-pip python3-virtualenv \
-sudo alternatives --set python /usr/bin/python3
+                   python3-policycoreutils \
                   libxslt-devel zlib-devel ssdeep-devel -y
  sudo alternatives --set python /usr/bin/python3
-# Enable and start redis
+  # Enable and start redis
-sudo systemctl enable --now redis.service
+  sudo systemctl enable --now redis.service
-PHP_INI=/etc/php.ini
+  PHP_INI=/etc/php.ini
-sudo yum install php php-fpm php-devel php-pear \
+  sudo yum install php php-fpm php-devel php-pear \
       php-mysqlnd \
       php-mbstring \
       php-xml \
@ -138,14 +150,15 @@ sudo yum install php php-fpm php-devel php-pear \
       php-opcache \
       php-json \
       php-gd -y
 }
 # <snippet-end 0_yumInstallCoreDeps.sh>
 ```
-!!! note
+!!! notice
    MISP 2.4 requires PHP 5.6 as a minimum, we need a higher version than base RHEL provides.<br />
    This guide installs PHP 7.2
-!!! note
+!!! notice
    If we want to use httpd from RHEL base we can use the rh-php72-php-fpm service instead
 ## 2.05/ Start the PHP FPM service and enable to start on boot
@ -167,106 +180,117 @@ sudo systemctl enable --now haveged.service
 ```bash
 # <snippet-begin 1_mispCoreInstall_RHEL.sh>
-# Download MISP using git in the /var/www/ directory.
+installCoreRHEL () {
-sudo mkdir $PATH_TO_MISP
+  # Download MISP using git in the /var/www/ directory.
-sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP
+  sudo mkdir $PATH_TO_MISP
-cd /var/www
+  sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP
-$SUDO_WWW git clone https://github.com/MISP/MISP.git
+  cd /var/www
-cd $PATH_TO_MISP
+  $SUDO_WWW git clone https://github.com/MISP/MISP.git
-##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
+  cd $PATH_TO_MISP
-# if the last shortcut doesn't work, specify the latest version manually
+  ##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
-# example: git checkout tags/v2.4.XY
+  # if the last shortcut doesn't work, specify the latest version manually
-# the message regarding a "detached HEAD state" is expected behaviour
+  # example: git checkout tags/v2.4.XY
-# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
+  # the message regarding a "detached HEAD state" is expected behaviour
  # (you only have to create a new branch, if you want to change stuff and do a pull request for example)
-# Fetch submodules
+  # Fetch submodules
-$SUDO_WWW git submodule update --init --recursive
+  $SUDO_WWW git submodule update --init --recursive
-# Make git ignore filesystem permission differences for submodules
+  # Make git ignore filesystem permission differences for submodules
-$SUDO_WWW git submodule foreach --recursive git config core.filemode false
+  $SUDO_WWW git submodule foreach --recursive git config core.filemode false
-# Make git ignore filesystem permission differences
+  # Make git ignore filesystem permission differences
-$SUDO_WWW git config core.filemode false
+  $SUDO_WWW git config core.filemode false
-# Install packaged pears
+  # Install packaged pears
-sudo $RUN_PHP "pear channel-update pear.php.net"
+  sudo $RUN_PHP -- pear channel-update pear.php.net
-sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml"
+  sudo $RUN_PHP -- pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
-sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml"
+  sudo $RUN_PHP -- pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
-# Create a python3 virtualenv
+  # Create a python3 virtualenv
-$SUDO_WWW virtualenv-3 -p python3 $PATH_TO_MISP/venv
+  $SUDO_WWW virtualenv-3 -p python3 $PATH_TO_MISP/venv
-sudo mkdir /usr/share/httpd/.cache
+  sudo mkdir /usr/share/httpd/.cache
-sudo chown $WWW_USER:$WWW_USER /usr/share/httpd/.cache
+  sudo chown $WWW_USER:$WWW_USER /usr/share/httpd/.cache
-$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
-cd $PATH_TO_MISP/app/files/scripts
+  cd $PATH_TO_MISP/app/files/scripts
-$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
+  $SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
-$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
+  $SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
-$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
+  $SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
-$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
+  $SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
-cd $PATH_TO_MISP/app/files/scripts/python-cybox
+  cd $PATH_TO_MISP/app/files/scripts/python-cybox
-# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
+  # If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
-UMASK=$(umask)
+  UMASK=$(umask)
-umask 0022
+  umask 0022
-cd $PATH_TO_MISP/app/files/scripts/python-stix
+  cd $PATH_TO_MISP/app/files/scripts/python-stix
-$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
-# install mixbox to accommodate the new STIX dependencies:
+  # install mixbox to accommodate the new STIX dependencies:
-cd $PATH_TO_MISP/app/files/scripts/mixbox
+  cd $PATH_TO_MISP/app/files/scripts/mixbox
-$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
-# install STIX2.0 library to support STIX 2.0 export:
+  # install STIX2.0 library to support STIX 2.0 export:
-cd $PATH_TO_MISP/cti-python-stix2
+  cd $PATH_TO_MISP/cti-python-stix2
-$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
-# install maec
+  # install maec
-$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
-# install zmq
+  # install zmq
-$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
-# install redis
+  # install redis
-$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
-# lief needs manual compilation
+  # lief needs manual compilation
-sudo yum groupinstall "Development Tools" -y
+  sudo yum groupinstall "Development Tools" -y
-sudo yum install cmake3 cppcheck -y
+  sudo yum install cmake3 cppcheck -y
-cd $PATH_TO_MISP/app/files/scripts/lief
+  cd $PATH_TO_MISP/app/files/scripts/lief
-$SUDO_WWW mkdir build
+  $SUDO_WWW mkdir build
-cd build
+  cd build
-$SUDO_WWW cmake3 \
+  $SUDO_WWW cmake3 \
-DLIEF_PYTHON_API=on \
+  -DLIEF_PYTHON_API=on \
-DPYTHON_VERSION=3.6 \
+  -DPYTHON_VERSION=3.6 \
-DPYTHON_EXECUTABLE=$PATH_TO_MISP/venv/bin/python \
+  -DPYTHON_EXECUTABLE=$PATH_TO_MISP/venv/bin/python \
-DLIEF_DOC=off \
+  -DLIEF_DOC=off \
-DCMAKE_BUILD_TYPE=Release \
+  -DCMAKE_BUILD_TYPE=Release \
-..
+  ..
-$SUDO_WWW make -j3 pyLIEF
+  $SUDO_WWW make -j3 pyLIEF
-# The following adds a PYTHONPATH to where the pyLIEF module has been compiled
+  # In case you get "internal compiler error: Killed (program cc1plus)"
-echo /var/www/MISP/app/files/scripts/lief/build/api/python |$SUDO_WWW tee /var/www/MISP/venv/lib/python3.6/site-packages/lief.pth
+  # You ran out of memory.
  # Create some swap
  # sudo dd if=/dev/zero of=/var/swap.img bs=1024k count=4000
  # sudo mkswap /var/swap.img
  # sudo swapon /var/swap.img
  # And compile again
  # $SUDO_WWW make -j3 pyLIEF
-# install magic, pydeep
+  # The following adds a PYTHONPATH to where the pyLIEF module has been compiled
-$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git
+  echo /var/www/MISP/app/files/scripts/lief/build/api/python |$SUDO_WWW tee /var/www/MISP/venv/lib/python3.6/site-packages/lief.pth
-# install PyMISP
+  # install magic, pydeep
-cd $PATH_TO_MISP/PyMISP
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git plyara
 $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U .
-# Enable python3 for php-fpm
+  # install PyMISP
-sudo sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/php-fpm.d/www.conf
+  cd $PATH_TO_MISP/PyMISP
-sudo systemctl restart php-fpm.service
+  $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U .
-umask $UMASK
+  # Enable python3 for php-fpm
  sudo sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/php-fpm.d/www.conf
  sudo systemctl restart php-fpm.service
-# Enable dependencies detection in the diagnostics page
+  umask $UMASK
-# This allows MISP to detect GnuPG, the Python modules' versions and to read the PHP settings.
+
-echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" |sudo tee -a /etc/php-fpm.d/www.conf
+  # Enable dependencies detection in the diagnostics page
-sudo systemctl restart php-fpm.service
+  # This allows MISP to detect GnuPG, the Python modules' versions and to read the PHP settings.
  echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" |sudo tee -a /etc/php-fpm.d/www.conf
  sudo systemctl restart php-fpm.service
 }
 # <snippet-end 1_mispCoreInstall_RHEL.sh>
 ```
-# 4/ CakePHP
+### 4/ CakePHP
 ## 4.01/ Install CakeResque along with its dependencies if you intend to use the built in background jobs
 !!! notice
@ -296,6 +320,14 @@ installCake_RHEL ()
  sudo ln -s /etc/php-fpm.d/redis.ini /etc/php.d/99-redis.ini
  sudo systemctl restart php-fpm.service
  # Install gnupg extension
  # NOT working on RHEL 8 gpgme-devel not provided
  ##sudo yum install gpgme-devel -y
  ##sudo pecl install gnupg
  ##echo "extension=gnupg.so" |sudo tee /etc/opt/rh/rh-php72/php-fpm.d/gnupg.ini
  ##sudo ln -s /etc/opt/rh/rh-php72/php-fpm.d/gnupg.ini /etc/opt/rh/rh-php72/php.d/99-gnupg.ini
  ##sudo systemctl restart rh-php72-php-fpm.service
  # If you have not yet set a timezone in php.ini
  echo 'date.timezone = "Asia/Tokyo"' |sudo tee /etc/php-fpm.d/timezone.ini
  sudo ln -s ../php-fpm.d/timezone.ini /etc/php.d/99-timezone.ini
@ -317,7 +349,7 @@ installCake_RHEL ()
 # <snippet-begin 1_installCake_RHEL.sh>
 ```
-# 5/ Set file permissions
+### 5/ Set file permissions
 ```bash
 # <snippet-begin 2_permissions_RHEL.sh>
 # Main function to fix permissions to something sane
@ -345,7 +377,7 @@ permissions_RHEL () {
 # <snippet-end 2_permissions_RHEL.sh>
 ```
-# 6/ Create database and user
+### 6/ Create database and user
 ## 6.01/ Set database to listen on localhost only
 ```bash
@ -404,7 +436,7 @@ EOF
 # <snippet-end 1_prepareDB_RHEL.sh>
 ```
-# 7/ Apache Configuration
+### 7/ Apache Configuration
 !!! notice
    SELinux note, to check if it is running:
@ -429,7 +461,9 @@ apacheConfig_RHEL () {
  # If a valid SSL certificate is not already created for the server, create a self-signed certificate:
  echo "The Common Name used below will be: ${OPENSSL_CN}"
  # This will take a rather long time, be ready. (13min on a VM, 8GB Ram, 1 core)
-  sudo openssl dhparam -out /etc/pki/tls/certs/dhparam.pem 4096
+  if [[ ! -e "/etc/pki/tls/certs/dhparam.pem" ]]; then
    sudo openssl dhparam -out /etc/pki/tls/certs/dhparam.pem 4096
  fi
  sudo openssl genrsa -des3 -passout pass:xxxx -out /tmp/misp.local.key 4096
  sudo openssl rsa -passin pass:xxxx -in /tmp/misp.local.key -out /etc/pki/tls/private/misp.local.key
  sudo rm /tmp/misp.local.key
@ -441,7 +475,6 @@ apacheConfig_RHEL () {
  sudo systemctl restart httpd.service
  # Since SELinux is enabled, we need to allow httpd to write to certain directories
  sudo chcon -t usr_t $PATH_TO_MISP/venv
  sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files
  sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/terms
  sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/tmp
@ -450,16 +483,13 @@ apacheConfig_RHEL () {
  sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/worker/start.sh
  sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/mispzmq/mispzmq.py
  sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/mispzmq/mispzmqtest.py
-  sudo chcon -t httpd_sys_script_exec_t /usr/bin/ps
+  sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/lief/build/api/python/lief.so
-  sudo chcon -t httpd_sys_script_exec_t /usr/bin/grep
+  sudo chcon -t httpd_sys_rw_content_t /tmp
  sudo chcon -t httpd_sys_script_exec_t /usr/bin/awk
  sudo chcon -t httpd_sys_script_exec_t /usr/bin/gpg
  sudo chcon -R -t usr_t $PATH_TO_MISP/venv
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/.git
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Lib
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/orgs
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/custom
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/mispzmq
@ -490,11 +520,13 @@ firewall_RHEL () {
 # <snippet-end 1_firewall_RHEL.sh>
 ```
-# 8/ Log Rotation
+### 8/ Log Rotation
 ## 8.01/ Enable log rotation
-MISP saves the stdout and stderr of it's workers in /var/www/MISP/app/tmp/logs
+MISP saves the stdout and stderr of its workers in /var/www/MISP/app/tmp/logs
 To rotate these logs install the supplied logrotate script:
 FIXME: The below does not work
 ```bash
 # <snippet-begin 2_logRotation_RHEL.sh>
 logRotation_RHEL () {
@ -521,7 +553,7 @@ logRotation_RHEL () {
 # <snippet-end 2_logRotation_RHEL.sh>
 ```
-# 9/ MISP Configuration
+### 9/ MISP Configuration
 ```bash
 # <snippet-begin 2_configMISP_RHEL.sh>
@ -597,6 +629,7 @@ EOF
  sudo gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
  sudo rm -f /tmp/gen-key-script
  sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/.gnupg
  sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/.gnupg
  # And export the public key to the webroot
  sudo gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee $PATH_TO_MISP/app/webroot/gpg.asc
@ -617,10 +650,10 @@ EOF
    Make sure that you use the same settings in the MISP Server Settings tool
 ## 9.06/ Use MISP's background workers
-### 9.06a/ Create a systemd unit for the workers
+## 9.06a/ Create a systemd unit for the workers
 ```bash
 echo "[Unit]
-Description=MISP's background workers
+Description=MISP background workers
 After=mariadb.service redis.service fpm.service
 [Service]
@ -634,9 +667,6 @@ RestartSec=10
 [Install]
 WantedBy=multi-user.target" |sudo tee /etc/systemd/system/misp-workers.service
 ```
 sudo checkmodule -M -m -o /tmp/misplogrotate.mod $PATH_TO_MISP/INSTALL/misplogrotate.te
  sudo semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
  sudo semodule -i /tmp/misplogrotate.pp
 Make the workers' script executable and reload the systemd units :
 ```bash
@ -647,12 +677,12 @@ sudo semodule_package -o /tmp/workerstartsh.pp -m /tmp/workerstartsh.mod
 sudo semodule -i /tmp/workerstartsh.pp
 ```
-### 9.06b/ Start the workers and enable them on boot
+## 9.06b/ Start the workers and enable them on boot
 ```bash
 sudo systemctl enable --now misp-workers.service
 ```
-### 9.07/ misp-modules (Broken on RHEL8)
+## 9.07/ misp-modules (Broken on RHEL8)
 ```bash
 # some misp-modules dependencies
 sudo yum install openjpeg2-devel -y
@ -666,9 +696,10 @@ sudo yum install rubygem-rouge rubygem-asciidoctor zbar-devel opencv-core popple
 # pip install
 $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U -I -r REQUIREMENTS
 $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U .
 ## poppler/cpp/poppler-document.h missing, under my current setup I cannot find it in the repos.
 echo "[Unit]
-Description=MISP's modules
+Description=MISP modules
 After=misp-workers.service
 [Service]
@ -683,8 +714,51 @@ RestartSec=10
 WantedBy=multi-user.target" |sudo tee /etc/systemd/system/misp-modules.service
 sudo systemctl daemon-reload
 # Test misp-modules
 $SUDO_WWW $PATH_TO_MISP/venv/bin/misp-modules -l 127.0.0.1 -s
 sudo systemctl enable --now misp-modules
  # Enable Enrichment, set better timeouts
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_services_enable" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_timeout" 300
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_hover_timeout" 150
  # TODO:"Investigate why the next one fails"
  #$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_asn_history_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_cve_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_dns_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_btc_steroids_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_ipasn_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_yara_syntax_validator_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_yara_query_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_pdf_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_docx_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_xlsx_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_pptx_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_ods_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_odt_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_services_url" "http://127.0.0.1"
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_services_port" 6666
  # Enable Import modules, set better timeout
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_services_enable" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_services_url" "http://127.0.0.1"
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_services_port" 6666
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_timeout" 300
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_ocr_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_mispjson_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_openiocimport_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_threatanalyzer_import_enabled" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_csvimport_enabled" true
  # Enable Export modules, set better timeout
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_services_enable" true
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_services_url" "http://127.0.0.1"
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_services_port" 6666
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_timeout" 300
  $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_pdfexport_enabled" true
 ```
 {!generic/misp-dashboard-centos.md!}
 {!generic/MISP_CAKE_init.md!}
@ -693,12 +767,12 @@ sudo systemctl enable --now misp-modules
 {!generic/recommended.actions.md!}
-# 11/ LIEF Installation
+### 11/ LIEF Installation
 *lief* is required for the Advanced Attachment Handler and requires manual compilation
 The installation is explained in section **[3.01](https://misp.github.io/MISP/xINSTALL.rhel8/#301-download-misp-code-using-git-in-varwww-directory)**
-# 12/ Known Issues
+### 12/ Known Issues
 ## 12.01/ Workers cannot be started or restarted from the web page
 Possible also due to package being installed via SCL, attempting to start workers through the web page will result in error. Worker's can be restarted via the CLI using the following command.
 ```bash