ACL on Linux - Part 1
0 likes208 views
This document outlines the agenda for a webinar on Access Control Lists (ACLs) on Linux hosted by GLC Networks. The webinar will include an introduction to ACLs, a review of prerequisite Linux permission knowledge, a demonstration of how to configure ACLs using commands like getfacl and setfacl, a live practice session, and a question and answer period. The trainer, Achmad Mardiansyah, will lead the webinar and has over 20 years of experience working with Linux and Mikrotik networks.
ACL on Linux - Part 1
- 1. www.glcnetworks.com Access Control List (ACL) on Linux GLC Webinar, 21 Dec 2021 Achmad Mardiansyah M. Taufik nurhuda 1
- 2. www.glcnetworks.com Agenda ● Introduction ● Review prerequisite knowledge ● Permission in UNIX ● ACL ● Live practice ● Q & A 2
- 4. www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● Based in Bandung, Indonesia ● Areas: Training, IT Consulting ● Certified partner for: Mikrotik, Ubiquity, Linux foundation ● Product: GLC radius manager ● Regular event 4
- 5. www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since 1999, mikrotik user since 2007, UBNT 2011 ● Mikrotik Certified Trainer (MTCNA/RE/WE/UME/INE/TCE/IPv6) ● Mikrotik/Linux Certified Consultant ● Website contributor: achmadjournal.com, mikrotik.tips, asysadmin.tips ● More info: http://au.linkedin.com/in/achmadmardiansyah 5
- 6. www.glcnetworks.com Past experience 6 ● 2021 (PNG, Malaysia): network support, radius/billing integration ● 2020 (Congo DRC, Malaysia): IOT integration, network automation ● 2019, Congo (DRC): build a wireless ISP from ground-up ● 2018, Malaysia: network revamp, develop billing solution and integration, setup dynamic routing ● 2017, Libya (north africa): remote wireless migration for a new Wireless ISP ● 2016, United Kingdom: workshop for wireless ISP, migrating a bridged to routed network
- 7. www.glcnetworks.com About GLC webinar? ● First webinar: january 1, 2010 (title: tahun baru bersama solaris - new year with solaris OS) ● As a sharing event with various topics: linux, networking, wireless, database, programming, etc ● Regular schedule ● Irregular schedule: as needed ● Checking schedule: http://www.glcnetworks.com/schedule ● You are invited to be a presenter ○ No need to be an expert ○ This is a forum for sharing: knowledge, experiences, information 7
- 8. www.glcnetworks.com Please introduce yourself ● Your name ● Your company/university? ● Your networking experience? ● Your mikrotik experience? ● Your expectation from this course? 8
- 9. www.glcnetworks.com Prerequisite ● This presentation requires some prerequisite knowledge ● We assume you already know: ○ Linux in general ○ Linux command line 9
- 11. www.glcnetworks.com UNIX object (everything is a file) 11
- 12. www.glcnetworks.com Welcome to UNIX ● UNIX is an Operating system ● UNIX/Linux has FHS, File Hierarchy Standard ● UNIX has system to manage files -> filesystem ○ Ext3, ext4 ○ XFS ○ etc ● In UNIX, everything is a file ○ Folder ○ Harddisk (block device) ○ keyboard/mouse ○ etc 12
- 13. www.glcnetworks.com File security, access control 13
- 14. www.glcnetworks.com Security concepts ● User → accessing → objects ● User has: ○ User ID ○ GroupID ● Objects has: ○ Ownership ■ User (owner) ■ Group ○ Permission ■ Permission for owner ■ Permission for group ■ Permission for others 14 Source: www.guru99.com
- 16. www.glcnetworks.com File ownership ● Every file must have owner and belong to a group ● Only superuser (root) can change ownership ● To change ownership use command “chown” 16 Source: www.digitalocean.com
- 18. www.glcnetworks.com File permission ● Explain how you can access the file/folder ○ File ■ Can you read the file ■ Can you modify the file ■ Can you execute the file ○ Folder ■ Can you list the folder content ■ Can you delete the folder content ■ Can you change directory 18 Source: pressidium.com
- 20. www.glcnetworks.com Configure access ● File permission is done by owner ● Use command: chmod ● Mode: ○ Symbolic ○ Octal 20 Source: www.thegeekdiary.com
- 23. www.glcnetworks.com Access Control List (ACL) 23
- 24. www.glcnetworks.com Configure ACL ACL is used to provide a fine-grained permission. Example: ● user1: read only ● user2: read, write ● user3: readonly ● user4: read, execute Command used: getfacl, setfacl Notes: ● Make sure ACL is supported on OS (check fstab) ● There are different setfacl implementation among OSes ● Get info: man setfacl 24
- 26. www.glcnetworks.com preparation ● SSH client ● SSH parameters ○ SSH address ○ SSH port ○ SSH username ○ SSH password 26
- 28. www.glcnetworks.com Interested? Just come to our training... ● Topics are arranged in systematic and logical way ● You will learn from experienced teacher ● Not only learn the materials, but also sharing experiences, best-practices, and networking 28
- 29. www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Find our further event on our website : https://www.glcnetworks.com/en/ ● Like our facebook page: https://www.facebook.com/glcnetworks ● Slide: https://www.slideshare.net/glcnetworks/ ● Discord (bahasa indonesia): (https://discord.gg/6MZ3KUHHBX) ● Recording (youtube): https://www.youtube.com/c/GLCNetworks ● Stay tune with our schedule ● Any questions? 29