$ mkdir d $ cd d $ whoami > root $ touch a b c d e f $ nfs4acl --set 'owner@:*::allow' a $ nfs4acl --set 'owner@:*::allow bin:w::allow' b $ nfs4acl --set 'owner@:*::allow bin:a::allow' c $ nfs4acl --set 'owner@:*::allow bin:wa::allow' d $ nfs4acl --set 'bin:a::deny owner@:*::allow bin:w::allow' e $ nfs4acl --set 'bin:w::deny owner@:*::allow bin:a::allow' f $ su bin $ echo a > a > /bin/sh: a: Permission denied $ echo b > b $ echo c > c > /bin/sh: c: Permission denied $ echo d > d $ echo e > e $ echo f > f > /bin/sh: f: Permission denied $ echo A >> a > /bin/sh: a: Permission denied $ echo B >> b > /bin/sh: b: Permission denied $ echo C >> c $ echo D >> d $ echo E >> e > /bin/sh: e: Permission denied $ echo F >> f $ su $ cat a b c d e f > b > C > d > D > e > F $ cd .. $ rm -rf d