Есть ли способ отключить все права записи для определенного пользователя в каталоге?
Это немного сбивает с толку, но
If you are tracking testing or the next-stable code name, you should always have a corresponding deb http://security.debian.org <"testing" or codename>-security main line in your /etc/apt/sources.list. See this FAQ-Item. https://www.debian.org/security/faq#testing:
Q: How is security handled for testing?
A: Security for testing benefits from the security efforts of the entire project for unstable. However, there is a minimum two-day migration delay, and sometimes security fixes can be held up by transitions. The Security Team helps to move along those transitions holding back important security uploads, but this is not always possible and delays may occur. Especially in the months after a new stable release, when many new versions are uploaded to unstable, security fixes for testing may lag behind. If you want to have a secure (and stable) server you are strongly encouraged to stay with stable.
Я думаю, что вам НЕ следует отключать обновления безопасности для тестирования и оставлять строку типа
deb http://security.debian.org testing-security main
Перед применением acl для пользователя p3 Теперь каждый имеет полный доступ к каталогу k2
mkdir k2
chmod 777 k2
getfacl k2
# file: k2
# owner: praveen
# group: praveen
user::rwx
group::rwx
other::rwx
Теперь давайте ограничим доступ пользователя p3 для записи в каталог k2
setfacl -m u:p3:rx k2
$ getfacl k2
# file: k2
# owner: praveen
# group: praveen
user::rwx
user:p3:r-x =====> user p3 have only read and execute acess not write
group::rwx
mask::rwx
other::rwx