Hi I'm studying for RHCT and try to solve ACL problems. I did everything but when a user tries to reach a file from another user's directory I get permission denied message. I want to show you something:
tristan@fc2 tristan]$ setfacl -m u:tippy:rwx,g:lensmen:rwx pizza

[tristan@fc2 tristan]$ setfacl -m mask::r-- pizza

[tristan@fc2 tristan]$ getfacl --omit-header pizza
user::rw-
user:axel:rw- #effective:r--
user:tippy:rwx #effective:r--
group::r--
group:lensmen:rwx #effective:r--
mask::r--
other::r--

It seems ok, but when tippsy tries to read file in user axel's directory I get permission denied message. I tried it without mask, but result was same. Please help me, what did I do wrong? I applied "chmod 700 /home/axel/" before setfacl command as shown in Michael Jang's RHCE book, mount and remount /home with acl, wrote acl command in /etc/fstab/

/etc/fstab is only read at startup or if you issue

mount -a

after editing it.

Anyway, no need for all that. So long as the partition has acls enabled, if you set an acl at the cmd line, it will take effect immediately.

Or
Then run "mount" with no arguments.

ACL should show up on the /home partition

did this solve it?

I dont quite understand your first remark.
/etc/fstab will be read if you do
mount /home

Actually, by default, RHEL5 creates HDD mounts with acl option turned on at install time.
However, if you've got a disk mounted that doesn't have acls enabled, its

mount -o remount,acl /home

'mount' with no options only mounts a disk that is not currently mounted. You have to force a remount (above) to change the settings on a mounted disk.

thank you for your responses. I was trying to solve questions about ACLs. here is the situation:
Q:Set up ACL list on /home, set up project.test on mike's home directory. Configure ACL on project.test to allow user donna to read this file.

I created the file as user mike, then changed the ACL settings of project.test file by using:
chmod u+rwx /home/mike/project.test
chmod g+rwx /home/mike/project.test
chmod o-rwx /home/mike/project.test
then I use: setfacl -m user:donna:r-- /home/mike/project.test
when I use getfacl command i get:
user:rwx
user:donna:r--
group:rwx
mask:rwx
other:---

however when I login as donna and try to read the file by "cat" or open it by "vi" I get permission denied message.
by the way the output of ls -ld /home/mike/project.test :
-rwxrwx---+ 1 mike mike ...... /home/mike/project.test

Please help me, I dont know what I did wrong!