as root on the server:
mkdir /eregion/temp
cd /eregion/temp
setfacl -d -m g::rwx acltest/
setfacl -d -m m::rwx acltest/
setfacl -d -m g:netusers:rwx acltest/
setfacl -m g:netusers:rwx acltest/
… now the folder /eregion/temp/acltest has mode 755, owner root:root, but still users in the netusers group can create folders and files within, that are group-owned by netusers and writeable by the netusers group…

Powered by ScribeFire.