Need assistance on ACL

Hi Friends,

I went through the ACL threads that were posted in the past but none were matching to my requirement . Hence starting a new thread .

Challenge :
user : a
group : Test1

user: b
group: Test2

Say under user a i create dir /tmp/debug with the privilege of 755 and also setfacl as setfacl -m d:g:Test2:rwx /tmp/debug . Why is that i am still not able to create any files in the directory as the user b even though the group Test2 is been granted full access .

below is the demo for the same :
Oracle Linux Server release 6.2

[root tmp]# groupadd test1
[root tmp]# groupadd test2
[root tmp]# useradd -g test1 a
[root tmp]# useradd -g test2 b
[root tmp]# passwd a
Changing password for user a.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root tmp]# passwd b
Changing password for user b.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root tmp]# su - a
[a ~]$ cd /tmp
[a tmp]$ id a
uid=517(a) gid=1039(test1) groups=1039(test1)
[a tmp]$ id b
uid=518(b) gid=1042(test2) groups=1042(test2)
[a tmp]$ mkdir debug
[a tmp]$ ls -tld debug/
drwxr-xr-x 2 a test1 4096 Aug 10 16:02 debug/
[a tmp]$ chmod 755 debug
[a tmp]$ ls -tld debug/
drwxr-xr-x 2 a test1 4096 Aug 10 16:02 debug/
[a tmp]$ id
uid=517(a) gid=1039(test1) groups=1039(test1)
[a tmp]$ setfacl -m  d:g:test2:rwx /tmp/debug
[a tmp]$ getfacl /tmp/debug
# file: tmp/debug
# owner: a
# group: test1
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:test2:rwx
default:mask::rwx
default:other::r-x

[a tmp]$ id
uid=517(a) gid=1039(test1) groups=1039(test1)
[a tmp]$ su - b
Password:
[b ~]$ cd /tmp/debug/
[b debug]$ touch 1
touch: cannot touch `1': Permission denied
[b debug]$ pwd
/tmp/debug
. 

Any early response would be highly appreciated.

Thanks,
leo

Please post what Operating System and version you are running and what Shell you prefer.

The /tmp directory is special on all correctly-configured systems. It should stop one user interfering with the files of another user.

Please post:

ls -lad /tmp
$ ls -lad /tmp
drwxrwxrwt 16 root root 4096 Aug 14 10:44 /tmp

Though you omitted to mention the Operating System and version, on most modern versions of unix/Linux those permissions on /tmp will stop one user interfering with another user's files. See the special meaning of what used to be known as the "Sticky Bit" in your version of man chmod . When the "Sticky Bit" is set on /tmp the ls -lad /tmp shows a t attribute. You will be well advised to not change the permissions of /tmp .