Linux Commands Examples

A great documentation place for Linux commands


override ownership and mode of files

see also : dpkg


dpkg-statoverride [option...] command

add an example, a script, a trick and tips

: email address (won't be displayed)
: name

Step 2

Thanks for this example ! - It will be moderated and published shortly.

Feel free to post other examples
Oops ! There is a tiny cockup. A damn 404 cockup. Please contact the loosy team who maintains and develops this wonderful site by clicking in the mighty feedback button on the side of the page. Say what happened. Thanks!


for f in /etc/certain/CA /etc/certain/CA/private /etc/certain/private; do
if ! dpkg-statoverride --list $f > /dev/null; then
if ! dpkg-statoverride --list $f > /dev/null; then
dpkg-statoverride --update --add certain certain 0700 $f
for f in /etc/certain /etc/certain/CSRCache /etc/certain/certs /var/log/certain; do
for f in /etc/certain{,/private,/CA,/CA/private,/CSRCache,/certs,/store,/certain.conf} /var/log/certain; do
if dpkg-statoverride --list $f > /dev/null; then
if dpkg-statoverride --list $f > /dev/null; then
dpkg-statoverride --remove $f
if getent passwd certain >/dev/null 2>&1; then
userdel certain


stat overrides’ are a way to tell dpkg(1) to use a different owner or mode for a file when a package is installed. (note: I use the word ’file’ here, but in reality this can be any filesystem object that dpkg handles, including directories, devices, etc.). This can be used to force programs that are normally setuid to be install without a setuid flag, or only executable by a certain group.

dpkg-statoverride is a utility to manage the list of stat overrides. It has three basic functions: adding, removing and listing overrides.


--admindir directory

Change the directory of the dpkg database where the statoverride file is also stored. Defaults to /var/lib/dpkg.


Force an action, even if a sanity check would otherwise prohibit it. This is necessary to override an existing override.


Immediately try to change the file to the new owner and mode if it exists.


Be less verbose about what we do.


--add user group mode file

Add an override for file. file does not need to exist when this command is used; the override will be stored and used later. Users and groups can be specified by their name (for example root or nobody), or by their number by prepending the number with a ’#’ (for example #0 or #65534). The mode needs to be specified in octal.

If --update is specified and file exists, it is immediately set to the new owner and mode.

--remove file

Remove an override for file, the status of file is left unchanged by this command.

--list [glob-pattern]

List all overrides. If a glob pattern is specified restrict the output to overrides which match the glob. If there are no overrides or none match the glob dpkg-statoverride will exit with an exitcode of 1.


Show the usage message and exit.


Show the version and exit.



If set and the --admindir option has not been specified, it will be used as the dpkg data directory.



File which contains the current list of stat overrides of the system. It is located in the dpkg administration directory, along with other files important to dpkg, such as ’status’ or ’available’.
Note: dpkg-statoverride preserves the old copy of this file, with extension "-old", before replacing it with the new one.

see also

dpkg .

How can this site be more helpful to YOU ?

give  feedback