This document outlines the agenda for a webinar on Access Control Lists (ACLs) on Linux hosted by GLC Networks. The webinar will include an introduction to ACLs, a review of prerequisite Linux permission knowledge, a demonstration of how to configure ACLs using commands like getfacl and setfacl, a live practice session, and a question and answer period. The trainer, Achmad Mardiansyah, will lead the webinar and has over 20 years of experience working with Linux and Mikrotik networks.

1. www.glcnetworks.com
Access Control
List (ACL) on
Linux
GLC Webinar,
21 Dec 2021
Achmad Mardiansyah
M. Taufik nurhuda
1

2. www.glcnetworks.com
Agenda
● Introduction
● Review prerequisite knowledge
● Permission in UNIX
● ACL
● Live practice
● Q & A
2

3. www.glcnetworks.com
introduction
3

4. www.glcnetworks.com
What is GLC?
● Garda Lintas Cakrawala (www.glcnetworks.com)
● Based in Bandung, Indonesia
● Areas: Training, IT Consulting
● Certified partner for: Mikrotik, Ubiquity, Linux foundation
● Product: GLC radius manager
● Regular event
4

5. www.glcnetworks.com
Trainer Introduction
● Name: Achmad Mardiansyah
● Base: bandung, Indonesia
● Linux user since 1999, mikrotik user since 2007, UBNT
2011
● Mikrotik Certified Trainer
(MTCNA/RE/WE/UME/INE/TCE/IPv6)
● Mikrotik/Linux Certified Consultant
● Website contributor: achmadjournal.com, mikrotik.tips,
asysadmin.tips
● More info:
http://au.linkedin.com/in/achmadmardiansyah
5

6. www.glcnetworks.com
Past experience
6
● 2021 (PNG, Malaysia): network support, radius/billing
integration
● 2020 (Congo DRC, Malaysia): IOT integration,
network automation
● 2019, Congo (DRC): build a wireless ISP from
ground-up
● 2018, Malaysia: network revamp, develop billing
solution and integration, setup dynamic routing
● 2017, Libya (north africa): remote wireless migration
for a new Wireless ISP
● 2016, United Kingdom: workshop for wireless ISP,
migrating a bridged to routed network

7. www.glcnetworks.com
About GLC webinar?
● First webinar: january 1, 2010 (title:
tahun baru bersama solaris - new year
with solaris OS)
● As a sharing event with various topics:
linux, networking, wireless, database,
programming, etc
● Regular schedule
● Irregular schedule: as needed
● Checking schedule:
http://www.glcnetworks.com/schedule
● You are invited to be a presenter
○ No need to be an expert
○ This is a forum for sharing: knowledge,
experiences, information
7

8. www.glcnetworks.com
Please introduce yourself
● Your name
● Your company/university?
● Your networking experience?
● Your mikrotik experience?
● Your expectation from this course?
8

9. www.glcnetworks.com
Prerequisite
● This presentation requires some prerequisite knowledge
● We assume you already know:
○ Linux in general
○ Linux command line
9

10. www.glcnetworks.com
Review prerequisite knowledge
10

11. www.glcnetworks.com
UNIX object (everything is a file)
11

12. www.glcnetworks.com
Welcome to UNIX
● UNIX is an Operating system
● UNIX/Linux has FHS, File Hierarchy Standard
● UNIX has system to manage files -> filesystem
○ Ext3, ext4
○ XFS
○ etc
● In UNIX, everything is a file
○ Folder
○ Harddisk (block device)
○ keyboard/mouse
○ etc
12

13. www.glcnetworks.com
File security, access control
13

14. www.glcnetworks.com
Security concepts
● User → accessing → objects
● User has:
○ User ID
○ GroupID
● Objects has:
○ Ownership
■ User (owner)
■ Group
○ Permission
■ Permission for owner
■ Permission for group
■ Permission for others
14
Source: www.guru99.com

15. www.glcnetworks.com
File ownership
15

16. www.glcnetworks.com
File ownership
● Every file must have owner and belong to a group
● Only superuser (root) can change ownership
● To change ownership use command “chown”
16
Source: www.digitalocean.com

17. www.glcnetworks.com
File permission
17

18. www.glcnetworks.com
File permission
● Explain how you can access the file/folder
○ File
■ Can you read the file
■ Can you modify the file
■ Can you execute the file
○ Folder
■ Can you list the folder content
■ Can you delete the folder content
■ Can you change directory
18
Source: pressidium.com

19. www.glcnetworks.com
Permission
19

20. www.glcnetworks.com
Configure access
● File permission is done by owner
● Use command: chmod
● Mode:
○ Symbolic
○ Octal
20
Source: www.thegeekdiary.com

21. www.glcnetworks.com
Symbolic mode
21
Source: CSCI330

22. www.glcnetworks.com
octal mode
22
Source: CSCI330

23. www.glcnetworks.com
Access Control List (ACL)
23

24. www.glcnetworks.com
Configure ACL
ACL is used to provide a fine-grained permission. Example:
● user1: read only
● user2: read, write
● user3: readonly
● user4: read, execute
Command used: getfacl, setfacl
Notes:
● Make sure ACL is supported on OS (check fstab)
● There are different setfacl implementation among OSes
● Get info: man setfacl
24

25. www.glcnetworks.com
LIVE practice
25

26. www.glcnetworks.com
preparation
● SSH client
● SSH parameters
○ SSH address
○ SSH port
○ SSH username
○ SSH password
26

27. www.glcnetworks.com
Q & A
27

28. www.glcnetworks.com
Interested? Just come to our training...
● Topics are arranged in systematic and logical way
● You will learn from experienced teacher
● Not only learn the materials, but also sharing experiences, best-practices, and
networking
28

29. www.glcnetworks.com
End of slides
● Thank you for your attention
● Please submit your feedback: http://bit.ly/glcfeedback
● Find our further event on our website : https://www.glcnetworks.com/en/
● Like our facebook page: https://www.facebook.com/glcnetworks
● Slide: https://www.slideshare.net/glcnetworks/
● Discord (bahasa indonesia): (https://discord.gg/6MZ3KUHHBX)
● Recording (youtube): https://www.youtube.com/c/GLCNetworks
● Stay tune with our schedule
● Any questions?
29