Digital Mages

Digital Mages - fssecure(8)


fssecure - Filesystem Security/Permissions tool


$Id:,v 1.0 2011/08/25 23:44:49 acorliss Exp $


    fssecure [-h|--help] [-l|--list] [-s|--show {policy}]
             [-v|--verbose] [-V|--version] 
             [policy1 [policy2] ...]


fssecure is a tool meant to (re)apply filesystem permissions on a per-package basis according to security templates. This tool allows for standard package templates as well as per-host (or site) modified templates.


None. If called with no options it will silently apply all the templates reporting only errors. When called with specific policy names only those will be applied.


The following options are available:

  -h --help         Prints out this usage summary.
  -l --list         Lists all installed security policies
  -s --show         Displays the requested policy to STDOUT
  -v --verbosity    Produces verbose output
  -V --version      Displays program version

Short options can be bundled, with some options (like verbosity can be declared multiple times to increase output.


This tool automatically prints out all errors as they're encountered to STDERR.


The following return values are used:

    0  All operations succeeded
    1  Errors occured


Security templates are stored in /etc/fsperms. Custom templates intended to override standard templates are stored in /etc/fsperms/site.conf.


Each template consists of targets and associated rules such as the following:

  # Restrict access to everything in /usr/ccs, but
  # let other users traverse to /usr/ccs/lib and
  # read/execute elflibs.
    owner:    root
    group:    devtools
    mode:     ug+rx o-rw o+x
    owner:    root
    group:    devtools
    mode:     o-rwx
    recurse:  yes
    mode:     o-w o+x
    recurse:  yes
    mode:     o-w o+x
    type:     file

Each target must not have any preceding whitespace, and each associated rule must. The level of indentation for rules is not important.

Targets can incorporate simple shell-style globbing like:


and so on. As the examples demonstrate you can have multiple globs and all the major types of globbing constructs are supported.

Five types of rules are possible for every target. All are optional, but at least one must be present for every target:

  owner:    {self-explanatory}
  group:    {self-explanatory}
  mode:     {permissions}
  recurse:  {yes|no}
  type:     {file|directory|any}

mode can be either an explicity octal permission (such as 770 or 4755) or relative permissions as supported by chmod (ug+rx o-rwx). If the latter format is used you can list multiple relative permissions to be applied in a space-delimited format.

recurse defaults to 'no' if not specified, and can be used to recursively apply ownership or permissions to a directory hierarchy.

type will restrict ownership or permissions application to only files or directories. If not specified it will default to 'any'. This can be set to 'file' and still set 'recurse' to 'yes'. Only files will be affected, but it will recursive search directories in the glob for more.

Rules and targets are processed in each template in the order in which they are listed.


Be exceedingly careful and explicit when constructing security templates. Mistakes can render a system unusable if you make a mistake in system directories and files.

In addition, be aware that this program applies permissions in the same way as the command line chmod program does: permissions will be applied to the target, not the symlink. While we explicitly do not follow symlinks when recursing into directories, permissions may be applied outside of a directory tree if the symlink points to a file or directory there.

Report bugs to <> with a subject line of "BUG: fsperms".


Arthur Corliss (


This software is licensed under the same terms as Perl, itself. Please see for more information.

(c) 2006, Arthur Corliss (