diff --git a/doc/01-About.md b/doc/01-About.md
index e2c9d4932..d815f7c41 100644
--- a/doc/01-About.md
+++ b/doc/01-About.md
@@ -1,9 +1,9 @@
-# About Icinga Web 2
+# About Icinga Web 2
Icinga Web 2 is a powerful PHP framework for web applications that comes in a clean and reduced design.
It's fast, responsive, accessible and easily extensible with modules.
-## The monitoring module
+## The monitoring module
This is the core module for most Icinga Web 2 users.
@@ -14,20 +14,20 @@ you can sort and filter depending on what you want to see.
You can also control the monitoring process itself by sending external commands to Icinga.
Most such actions (like rescheduling a check) can be done with just a single click.
-## Installation
+## Installation
Icinga Web 2 can be installed easily from packages from the official package repositories.
Setting it up is also easy with the web based setup wizard.
See [here](02-Installation.md#installation) for more information about the installation.
-## Configuration
+## Configuration
Icinga Web 2 can be configured via the user interface and .ini files.
See [here](03-Configuration.md#configuration) for more information about the configuration.
-## Authentication
+## Authentication
With Icinga Web 2 you can authenticate against relational databases, LDAP and more.
These authentication methods can be easily configured (via the corresponding .ini file).
@@ -35,7 +35,7 @@ These authentication methods can be easily configured (via the corresponding .in
See [here](05-Authentication.md#authentication) for more information about
the different authentication methods available and how to configure them.
-## Authorization
+## Authorization
In Icinga Web 2 there are permissions and restrictions to allow and deny (respectively)
roles to view or to do certain things.
@@ -44,7 +44,7 @@ These roles can be assigned to users and groups.
See [here](06-Security.md#security) for more information about authorization
and how to configure roles.
-## User preferences
+## User preferences
Besides the global configuration each user has individual configuration options
like the interface's language or the current timezone.
@@ -53,13 +53,13 @@ They can be stored either in a database or in .ini files.
See [here](07-Preferences.md#preferences) for more information about a user's preferences
and how to configure their storage type.
-## Documentation
+## Documentation
With the documentation module you can read the documentation of the framework (and any module) directly in the user interface.
The module can also export the documentation to PDF.
-## Translation
+## Translation
With the translation module every piece of text in the user interface (of the framework itself and any module) can be translated to a language of your choice.
diff --git a/doc/02-Installation.md b/doc/02-Installation.md
index 4ea058566..84fd92ff2 100644
--- a/doc/02-Installation.md
+++ b/doc/02-Installation.md
@@ -1,4 +1,4 @@
-# Installation
+# Installation
The preferred way of installing Icinga Web 2 is to use the official package repositories depending on which operating
system and distribution you are running. But it is also possible to install Icinga Web 2 directly from source.
@@ -7,7 +7,7 @@ In case you are upgrading from an older version of Icinga Web 2
please make sure to read the [upgrading](02-Installation.md#upgrading) section
thoroughly.
-## Installing Requirements
+## Installing Requirements
* A web server, e.g. Apache or nginx
* PHP >= 5.3.0 w/ gettext, intl, mbstring and OpenSSL support
@@ -18,7 +18,7 @@ thoroughly.
* MySQL or PostgreSQL PHP libraries
* cURL PHP library when using the Icinga 2 API for transmitting external commands
-### PageSpeed Module Incompatibility
+### PageSpeed Module Incompatibility
It seems that Web 2 is not compatible with the PageSpeed module. Please disable the PageSpeed module using one of the
following methods.
@@ -33,7 +33,7 @@ ModPagespeedDisallow "*/icingaweb2/*"
pagespeed Disallow "*/icingaweb2/*";
```
-## Installing Icinga Web 2 from Package
+## Installing Icinga Web 2 from Package
Below is a list of official package repositories for installing Icinga Web 2 for various operating systems.
@@ -52,7 +52,7 @@ Below is a list of official package repositories for installing Icinga Web 2 for
Packages for distributions other than the ones listed above may also be available.
Please contact your distribution packagers.
-### Setting up Package Repositories
+### Setting up Package Repositories
You need to add the Icinga repository to your package management configuration for installing Icinga Web 2.
If you've already configured your OS to use the Icinga repository for installing Icinga 2, you may skip this step.
@@ -119,7 +119,7 @@ apk update
>
> Latest version of Icinga Web 2 is in the edge repository, which is the -dev branch.
-#### RHEL/CentOS Notes
+#### RHEL/CentOS Notes
The packages for RHEL/CentOS depend on other packages which are distributed as part of the
[EPEL repository](http://fedoraproject.org/wiki/EPEL). Please make sure to enable this repository by following
@@ -128,14 +128,14 @@ The packages for RHEL/CentOS depend on other packages which are distributed as p
> Please note that installing Icinga Web 2 on **RHEL/CentOS 5** is not supported due to EOL versions of PHP and PostgreSQL.
-#### Alpine Linux Notes
+#### Alpine Linux Notes
The example provided suppose that you are running Alpine edge, which is the -dev branch and is a rolling release.
If you are using a stable version, in order to use the latest Icinga Web 2 version you should "pin" the edge repository.
In order to correctly manage your repository, please follow
[these instructions](https://wiki.alpinelinux.org/wiki/Alpine_Linux_package_management).
-### Installing Icinga Web 2
+### Installing Icinga Web 2
You can install Icinga Web 2 by using your distribution's package manager to install the `icingaweb2` package.
Below is a list with examples for various distributions. The additional package `icingacli` is necessary on RPM based systems for being able to follow further steps in this guide. In DEB based systems, the icingacli binary is included in the icingaweb2 package.
@@ -162,7 +162,7 @@ apk add icingaweb2
```
For Alpine Linux please read the [package repositories notes](#package-repositories-alpine-notes).
-### Preparing Web Setup
+### Preparing Web Setup
You can set up Icinga Web 2 quickly and easily with the Icinga Web 2 setup wizard which is available the first time
you visit Icinga Web 2 in your browser. When using the web setup you are required to authenticate using a token.
@@ -179,12 +179,12 @@ icingacli setup token show
Finally visit Icinga Web 2 in your browser to access the setup wizard and complete the installation:
`/icingaweb2/setup`.
-## Installing Icinga Web 2 from Source
+## Installing Icinga Web 2 from Source
Although the preferred way of installing Icinga Web 2 is to use packages, it is also possible to install Icinga Web 2
directly from source.
-### Getting the Source
+### Getting the Source
First of all, you need to download the sources. Icinga Web 2 is available through a Git repository. You can clone this
repository either via git or http protocol using the following URLs:
@@ -200,7 +200,7 @@ This version also offers snapshots for easy download which you can use if you do
git clone git://git.icinga.com/icingaweb2.git
```
-### Installing Requirements from Source
+### Installing Requirements from Source
You will need to install certain dependencies depending on your setup listed [here](02-Installation.md#installing-requirements).
@@ -217,7 +217,7 @@ yum install php php-gd php-intl php-ZendFramework php-ZendFramework-Db-Adapter-P
The setup wizard will check the pre-requisites later on.
-### Installing Icinga Web 2
+### Installing Icinga Web 2
Choose a target directory and move Icinga Web 2 there.
@@ -225,7 +225,7 @@ Choose a target directory and move Icinga Web 2 there.
mv icingaweb2 /usr/share/icingaweb2
```
-### Configuring the Web Server
+### Configuring the Web Server
Use `icingacli` to generate web server configuration for either Apache or nginx.
@@ -261,7 +261,7 @@ Example for Apache on Alpine Linux:
```
icingacli setup config webserver apache --document-root /usr/share/webapps/icingaweb2/public > /etc/apache2/conf.d/icingaweb2.conf
```
-### Preparing Icinga Web 2 Setup
+### Preparing Icinga Web 2 Setup
You can set up Icinga Web 2 quickly and easily with the Icinga Web 2 setup wizard which is available the first time
you visit Icinga Web 2 in your browser. Please follow the steps listed below for preparing the web setup.
@@ -326,7 +326,7 @@ In case you do not remember the token you can show it using the `icingacli`:
./bin/icingacli setup token show
```
-### Icinga Web 2 Setup Wizard
+### Icinga Web 2 Setup Wizard
Finally visit Icinga Web 2 in your browser to access the setup wizard and complete the installation:
`/icingaweb2/setup`.
@@ -334,7 +334,7 @@ Finally visit Icinga Web 2 in your browser to access the setup wizard and comple
Paste the previously generated token and follow the steps on-screen. Then you are done here.
-### Icinga Web 2 Manual Setup
+### Icinga Web 2 Manual Setup
If you have chosen not to run the setup wizard, you will need further knowledge
about
@@ -354,7 +354,7 @@ Puppet, Ansible, Chef, etc. modules.
> If you are unsure about certain settings, use the [setup wizard](02-Installation.md#web-setup-wizard-from-source) once
> and then collect the generated configuration as well as sql dumps.
-#### Icinga Web 2 Manual Database Setup
+#### Icinga Web 2 Manual Database Setup
Create the database and add a new user as shown below for MySQL:
@@ -379,7 +379,7 @@ INSERT INTO icingaweb_user (name, active, password_hash) VALUES ('icingaadmin',
quit
```
-#### Icinga Web 2 Manual Configuration
+#### Icinga Web 2 Manual Configuration
[resources.ini](04-Resources.md#resources) providing the details for the Icinga Web 2 and
@@ -445,7 +445,7 @@ users = "icingaadmin"
permissions = "*"
```
-#### Icinga Web 2 Manual Configuration Monitoring Module
+#### Icinga Web 2 Manual Configuration Monitoring Module
**config.ini** defining additional security settings.
@@ -477,33 +477,33 @@ transport = "local"
path = "/var/run/icinga2/cmd/icinga2.cmd"
```
-#### Icinga Web 2 Manual Setup Login
+#### Icinga Web 2 Manual Setup Login
Finally visit Icinga Web 2 in your browser to login as `icingaadmin` user: `/icingaweb2`.
-## Upgrading Icinga Web 2
+## Upgrading Icinga Web 2
-### Upgrading to Icinga Web 2 2.4.x
+### Upgrading to Icinga Web 2 2.4.x
* Icinga Web 2 version 2.4.x does not introduce any backward incompatible change.
-### Upgrading to Icinga Web 2 2.3.x
+### Upgrading to Icinga Web 2 2.3.x
* Icinga Web 2 version 2.3.x does not introduce any backward incompatible change.
-### Upgrading to Icinga Web 2 2.2.0
+### Upgrading to Icinga Web 2 2.2.0
* The menu entry `Authorization` beneath `Config` has been renamed to `Authentication`. The role, user backend and user
group backend configuration which was previously found beneath `Authentication` has been moved to `Application`.
-### Upgrading to Icinga Web 2 2.1.x
+### Upgrading to Icinga Web 2 2.1.x
* Since Icinga Web 2 version 2.1.3 LDAP user group backends respect the configuration option `group_filter`.
Users who changed the configuration manually and used the option `filter` instead
have to change it back to `group_filter`.
-### Upgrading to Icinga Web 2 2.0.0
+### Upgrading to Icinga Web 2 2.0.0
* Icinga Web 2 installations from package on RHEL/CentOS 7 now depend on `php-ZendFramework` which is available through
the [EPEL repository](http://fedoraproject.org/wiki/EPEL). Before, Zend was installed as Icinga Web 2 vendor library
@@ -525,7 +525,7 @@ Finally visit Icinga Web 2 in your browser to login as `icingaadmin` user: `/ici
**<config-dir>/preferences/<username>/config.ini**.
The content of the file remains unchanged.
-### Upgrading to Icinga Web 2 Release Candidate 1
+### Upgrading to Icinga Web 2 Release Candidate 1
The first release candidate of Icinga Web 2 introduces the following non-backward compatible changes:
@@ -544,12 +544,12 @@ The first release candidate of Icinga Web 2 introduces the following non-backwar
predefined subset of filter columns. Please see the module's security
related documentation for more details.
-### Upgrading to Icinga Web 2 Beta 3
+### Upgrading to Icinga Web 2 Beta 3
Because Icinga Web 2 Beta 3 does not introduce any backward incompatible change you don't have to change your
configuration files after upgrading to Icinga Web 2 Beta 3.
-### Upgrading to Icinga Web 2 Beta 2
+### Upgrading to Icinga Web 2 Beta 2
Icinga Web 2 Beta 2 introduces access control based on roles for secured actions. If you've already set up Icinga Web 2,
you are required to create the file **roles.ini** beneath Icinga Web 2's configuration directory with the following
diff --git a/doc/03-Configuration.md b/doc/03-Configuration.md
index 879c11545..87aedc41e 100644
--- a/doc/03-Configuration.md
+++ b/doc/03-Configuration.md
@@ -1,6 +1,6 @@
-# Configuration
+# Configuration
-## Overview
+## Overview
Apart from its web configuration capabilities, the local configuration is
stored in `/etc/icingaweb2` by default (depending on your config setup).
@@ -8,7 +8,7 @@ stored in `/etc/icingaweb2` by default (depending on your config setup).
| File/Directory | Description/Purpose |
| ------------------------------------------------- | ------------------- |
| **config.ini** | general configuration (logging, preferences, etc.) |
-| [**resources.ini**](04-Ressources.md) | global resources (Icinga Web 2 database for preferences and authentication, Icinga IDO database) |
+| [**resources.ini**](04-Resources.md) | global resources (Icinga Web 2 database for preferences and authentication, Icinga IDO database) |
| **roles.ini** | user specific roles (e.g. `administrators`) and permissions |
| [**authentication.ini**](05-Authentication.md) | authentication backends (e.g. database) |
| **enabledModules** | contains symlinks to enabled modules |
diff --git a/doc/04-Resources.md b/doc/04-Resources.md
index e2a5c311b..5685c43e5 100644
--- a/doc/04-Resources.md
+++ b/doc/04-Resources.md
@@ -1,17 +1,17 @@
-# Resources
+# Resources
The configuration file `config/resources.ini` contains information about data sources that can be referenced in other
configuration files. This allows you to manage all data sources at one central place, avoiding the need to edit several
different files, when the information about a data source changes.
-## Configuration
+## Configuration
Each section in `config/resources.ini` represents a data source with the section name being the identifier used to
reference this specific data source. Depending on the data source type, the sections define different directives.
The available data source types are *db*, *ldap*, *ssh* and *livestatus* which will described in detail in the following
paragraphs.
-### Database
+### Database
A Database resource defines a connection to a SQL databases which can contain users and groups
to handle authentication and authorization, monitoring data or user preferences.
@@ -27,7 +27,7 @@ to handle authentication and authorization, monitoring data or user preferences.
| **dbname** | The database to use. |
| **charset** | The character set to use for the database connection. |
-#### Example
+#### Example
```
[icingaweb-mysql-tcp]
@@ -57,7 +57,7 @@ password = icingaweb
dbname = icingaweb
```
-### LDAP
+### LDAP
A LDAP resource represents a tree in a LDAP directory. LDAP is usually used for authentication and authorization.
@@ -71,7 +71,7 @@ A LDAP resource represents a tree in a LDAP directory. LDAP is usually used for
| **bind_pw** | The password to use when connecting to the server. |
| **encryption** | Type of encryption to use: `none` (default), `starttls`, `ldaps`. |
-#### Example
+#### Example
```
[ad]
@@ -83,7 +83,7 @@ bind_dn = "cn=admin,ou=people,dc=icinga,dc=org"
bind_pw = admin
```
-### SSH
+### SSH
A SSH resource contains the information about the user and the private key location, which can be used for the key-based
ssh authentication.
@@ -94,7 +94,7 @@ ssh authentication.
| **user** | The username to use when connecting to the server. |
| **private_key** | The path to the private key of the user. |
-#### Example
+#### Example
```
diff --git a/doc/05-Authentication.md b/doc/05-Authentication.md
index ebf349c62..3752bb4b5 100644
--- a/doc/05-Authentication.md
+++ b/doc/05-Authentication.md
@@ -1,4 +1,4 @@
-# Authentication
+# Authentication
**Choosing the Authentication Method**
@@ -8,7 +8,7 @@ authentication to the web server.
Authentication methods can be chained to set up fallback authentication methods
or if users are spread over multiple places.
-## Configuration
+## Configuration
Authentication methods are configured in the INI file **config/authentication.ini**.
@@ -18,7 +18,7 @@ The order of entries in the authentication configuration determines the order of
If the current authentication method errors or if the current authentication method does not know the account being
authenticated, the next authentication method will be used.
-## External Authentication
+## External Authentication
For delegating authentication to the web server simply add `autologin` to your authentication configuration:
@@ -29,7 +29,7 @@ backend = external
If your web server is not configured for authentication though, the `autologin` section has no effect.
-### Example Configuration for Apache and Basic Authentication
+### Example Configuration for Apache and Basic Authentication
The following example will show you how to enable external authentication in Apache
using **Basic access authentication**.
@@ -60,13 +60,13 @@ Require valid-user
Restart your web server to apply the changes.
-## Active Directory or LDAP Authentication
+## Active Directory or LDAP Authentication
If you want to authenticate against Active Directory or LDAP, you have to define a
[LDAP resource](04-Resources.md#resources-configuration-ldap) which will be referenced as data source for the
Active Directory or LDAP configuration method.
-### LDAP
+### LDAP
| Directive | Description |
| ------------------------- | ----------- |
@@ -91,7 +91,7 @@ Note that in case the set *user_name_attribute* holds multiple values it is requ
values are unique. Additionally, a user will be logged in using the exact user id used to authenticate
with Icinga Web 2 (e.g. an alias) no matter what the primary user id might actually be.
-### Active Directory
+### Active Directory
| Directive | Description |
| ------------- | ----------- |
@@ -106,7 +106,7 @@ backend = msldap
resource = my_ad
```
-## Database Authentication
+## Database Authentication
If you want to authenticate against a MySQL or a PostgreSQL database, you have to define a
[database resource](04-Resources.md#resources-configuration-database) which will be referenced as data source for the database
@@ -125,7 +125,7 @@ backend = db
resource = icingaweb-mysql
```
-### Database Setup
+### Database Setup
For authenticating against a database, you have to import one of the following database schemas:
@@ -151,7 +151,7 @@ Insert the user into the database using the generated password hash:
INSERT INTO icingaweb_user (name, active, password_hash) VALUES ('icingaadmin', 1, 'hash from openssl');
```
-## Domain-aware Authentication
+## Domain-aware Authentication
If there are multiple LDAP/AD authentication backends with distinct domains, you should make Icinga Web 2 aware of the
domains. This is possible since version 2.5 and can be done by configuring each LDAP/AD backend's domain. You can also
@@ -184,7 +184,7 @@ converted to "rroe@EXAMPLE" as soon as the user logs in.
Enabling domain-awareness or changing domains in existing setups requires migration of the usernames in the Icinga Web 2
configuration. Consult `icingacli --help migrate config users` for details.
-### Default Domain
+### Default Domain
For the sake of simplicity a default domain can be configured (in `config.ini`).
@@ -198,15 +198,15 @@ default_domain = "icinga.com"
If you configure the default domain like above, the user "jdoe@icinga.com" will be able to just type "jdoe" as username
while logging in.
-### How it works
+### How it works
-### Active Directory
+### Active Directory
When the user "jdoe@ICINGA" logs in, Icinga Web 2 walks through all configured authentication backends until it finds
one which is responsible for that user -- e.g. an Active Directory backend with the domain "ICINGA". Then Icinga Web 2
asks that backend to authenticate the user with the sAMAccountName "jdoe".
-### SQL Database
+### SQL Database
When the user "jdoe@icinga.com" logs in, Icinga Web 2 walks through all configured authentication backends until it
finds one which is responsible for that user -- e.g. a MySQL backend (SQL database backends aren't domain-aware). Then
diff --git a/doc/06-Security.md b/doc/06-Security.md
index 7c0fd40f4..56b2c3914 100644
--- a/doc/06-Security.md
+++ b/doc/06-Security.md
@@ -1,4 +1,4 @@
-# Security
+# Security
Access control is a vital part of configuring Icinga Web 2 in a secure way.
It is important that not every user that has access to Icinga Web 2 is able
@@ -11,7 +11,7 @@ environment they are in charge of.
This chapter will describe how to do the security configuration of Icinga Web 2
and how to apply permissions and restrictions to users or groups of users.
-## Basics
+## Basics
Icinga Web 2 access control is done by defining **roles** that associate permissions
and restrictions with **users** and **groups**. There are two general kinds of
@@ -28,7 +28,7 @@ A permission is a simple list of identifiers of actions a user is
allowed to do. Permissions are described in greater detail in the
section [Permissions](#permissions).
-### Objects
+### Objects
There are all kinds of different objects in Icinga Web 2: Hosts, Services, Notifications, Downtimes and Events.
@@ -118,7 +118,7 @@ allows the hosts and services that match the filter `host_name=*win*` to be disp
by this role.
-#### Syntax
+#### Syntax
Each role is defined as a section, with the name of the role as section name. The following
attributes can be defined for each role in a default Icinga Web 2 installation:
@@ -133,7 +133,7 @@ attributes can be defined for each role in a default Icinga Web 2 installation:
-## Permissions
+## Permissions
Permissions can be used to allow users or groups certain **actions**. By default,
all actions are **prohibited** and must be allowed explicitly by a role for any user.
@@ -153,7 +153,7 @@ a module permission in the format `module/` for each installed modul
When multiple roles assign permissions to the same user (either directly or indirectly
through a group) all permissions are added together to get the users actual permission set.
-### Global Permissions
+### Global Permissions
| Name | Permits |
| ----------------------------- | ------------ |
@@ -163,13 +163,13 @@ through a group) all permissions are added together to get the users actual perm
| **module/<moduleName>** | allow access to module <moduleName> |
-### Monitoring Module Permissions
+### Monitoring Module Permissions
The built-in monitoring module defines an additional set of permissions, that
is described in detail in the monitoring module documentation.
-## Restrictions
+## Restrictions
Restrictions can be used to define what a user or group can see by specifying
a filter expression that applies to a defined set of data. By default, when no
@@ -213,7 +213,7 @@ results of this query instead:
+--- service_handled = 0
-#### Stacking Filters
+#### Stacking Filters
When multiple roles assign restrictions to the same user, either directly or indirectly
through a group, all filters will be combined using an **OR-Clause**, resulting in the final
diff --git a/doc/07-Preferences.md b/doc/07-Preferences.md
index 8348fd886..ea24e5b89 100644
--- a/doc/07-Preferences.md
+++ b/doc/07-Preferences.md
@@ -1,4 +1,4 @@
-# Preferences
+# Preferences
Preferences are settings a user can set for his account only, for example his language and time zone.
@@ -7,11 +7,11 @@ Preferences are settings a user can set for his account only, for example his la
Preferences can be stored either in INI files or in a MySQL or in a PostgreSQL database. By default, Icinga Web 2 stores
preferences in INI files beneath Icinga Web 2's configuration directory.
-## Configuration
+## Configuration
Where to store preferences is defined in the INI file **config/config.ini** in the *preferences* section.
-### Store Preferences in INI Files
+### Store Preferences in INI Files
If preferences are stored in INI Files, Icinga Web 2 automatically creates one file per user using the username as
file name for storing preferences. A INI file is created once a user saves changed preferences the first time.
@@ -24,7 +24,7 @@ For storing preferences in INI files you have to add the following section to th
type = ini
```
-### Store Preferences in a Database
+### Store Preferences in a Database
In order to be more flexible in distributed setups you can store preferences in a MySQL or in a PostgreSQL database.
For storing preferences in a database, you have to define a [database resource](04-Resources.md#resources-configuration-database)
@@ -43,7 +43,7 @@ type = db
resource = icingaweb-mysql
```
-#### Database Setup
+#### Database Setup
For storing preferences in a database, you have to import one of the following database schemas:
diff --git a/doc/90-SELinux.md b/doc/90-SELinux.md
index b5e81f2f6..ee34733e2 100644
--- a/doc/90-SELinux.md
+++ b/doc/90-SELinux.md
@@ -1,6 +1,6 @@
-# SELinux
+# SELinux
-## Introduction
+## Introduction
SELinux is a mandatory access control (MAC) system on Linux which adds a fine granular permission system for access
to all resources on the system such as files, devices, networks and inter-process communication.
@@ -11,7 +11,7 @@ For more details on SELinux and how to actually use and administrate it on your
For a simplified (and funny) introduction download the [SELinux Coloring Book](https://github.com/mairin/selinux-coloring-book).
-## Policy
+## Policy
Icinga Web 2 is providing its own SELinux policy for Red Hat Enterprise Linux 7 and its derivates running the targeted
policy which confines Icinga Web 2 with support for all its modules. All other distributions will require some tweaks.
@@ -20,7 +20,7 @@ It is not upstreamed to the reference policies yet.
The policy for Icinga Web 2 will also require the policy for Icinga 2 which provides access to its interfaces.
It covers only the scenario running Icinga Web 2 in Apache HTTP Server with mod_php.
-## Installation
+## Installation
There are two ways to install the SELinux Policy for Icinga Web 2 on Enterprise Linux 7.
Either install it from the provided package which is the preferred option or intall the policy manually, if you need
@@ -42,13 +42,13 @@ Verify that the system runs in enforcing mode.
If problems occur, you can set icinga2 or httpd to run to run its domain in permissive mode.
You can change the configured mode by editing `/etc/selinux/config` and the current mode by executing `setenforce 0`.
-### Package installation
+### Package installation
Simply add the `selinux` subpackage to your installation.
yum install icingaweb2-selinux
-### Manual installation
+### Manual installation
This section describes the manual installation to support development and testing.
@@ -73,19 +73,19 @@ Verify that Apache runs in its own domain `httpd_t` and the Icinga Web 2 configu
ls -ldZ /etc/icingaweb2/
# drwxrws---. root icingaweb2 system_u:object_r:icingaweb2_config_t:s0 /etc/icingaweb2/
-## General
+## General
When the SELinux policy package for Icinga Web 2 is installed, it creates its own type of apache content and labels its
configuration `icingaweb2_config_t` to allow confining access to it.
-## Types
+## Types
The configuration is labeled `icingaweb2_config_t` and other services can request access to it by using the interfaces
`icingaweb2_read_config` and `icingaweb2_manage_config`.
Files requiring read access are labeled `icingaweb2_content_t`. Files requiring write access are labeled
`icingaweb2_rw_content_t`.
-## Booleans
+## Booleans
SELinux is based on the least level of access required for a service to run. Using booleans you can grant more access in
a defined way. The Icinga Web 2 policy package provides the following booleans.
@@ -96,7 +96,7 @@ Having this boolean enabled allows httpd to write to the configuration labeled `
default. If not needed, you can disable it for more security. But this will disable all web based configuration of
Icinga Web 2.
-## Bugreports
+## Bugreports
If you experience any problems while running SELinux in enforcing mode try to reproduce it in permissive mode. If the
problem persists, it is not related to SELinux because in permissive mode SELinux will not deny anything.
diff --git a/doc/99-Vagrant.md b/doc/99-Vagrant.md
index b0d4a28c4..2c5e9ad6e 100644
--- a/doc/99-Vagrant.md
+++ b/doc/99-Vagrant.md
@@ -1,4 +1,4 @@
-# Vagrant
+# Vagrant
This chapter shows how to set up and use our [Icinga Vagrant
boxes](https://github.com/icinga/icinga-vagrant) that we've created for