取消目录默认的权限：

[root@linuxidc tmp]# setfacl -x d:u:redhat xx/
[root@linuxidc tmp]# getfacl xx/
# file: xx/
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:mask::r-x
default:other::r-x

将某个文件ACL的权限复制给其他文件：

[root@linuxidc tmp]# getfacl passwd | setfacl --set-file=- ens38 
[root@linuxidc tmp]# getfacl ens38 
# file: ens38
# owner: root
# group: root
user::rw-
group::r--
group:redhat:rwx
mask::rwx
other::r-x
[root@linuxidc tmp]# getfacl passwd 
# file: passwd
# owner: root
# group: root
user::rw-
group::r--
group:redhat:rwx
mask::rwx
other::r-x

 
[root@linuxidc tmp]# getfacl setuid.txt 
# file: setuid.txt
# owner: root
# group: root
user::rw-
group::r--
other::r--

    -M 选项可以接受标准输入，但是选项后面要加上-
[root@linuxidc tmp]# getfacl passwd | setfacl -M- setuid.txt 
[root@linuxidc tmp]# getfacl setuid.txt 
# file: setuid.txt
# owner: root
# group: root
user::rwx
user:tom:rwx
group::r--
mask::rwx
other::r-x

-
    -b选项可删除文件所有扩展的ACL权限：
[root@linuxidc tmp]# setfacl -b passwd

 EXAMPLES
      Granting an additional user read access
              setfacl -m u:lisa:r file
      Revoking write access from all groups and all named users (using the effective rights mask)
              setfacl -m m::rx file
      Removing a named group entry from a file's ACL
              setfacl -x g:staff file
      Copying the ACL of one file to another
              getfacl file1 | setfacl --set-file=- file2
      Copying the access ACL into the Default ACL
              getfacl --access dir | setfacl -d -M- dir