diff --git a/Dockerfile b/Dockerfile
index d0fc0a6f..c53e4a0c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,3 +1,9 @@
+FROM golang:1.17-bullseye as permset
+WORKDIR /src
+RUN git clone https://github.com/jacobalberty/permset.git /src && \
+    mkdir -p /out && \
+    go build -ldflags "-X main.chownDir=/unifi" -o /out/permset
+
 FROM ubuntu:18.04
 
 LABEL maintainer="Jacob Alberty <jacob.alberty@foundigital.com>"
@@ -55,6 +61,10 @@ RUN set -ex \
  && useradd --no-log-init -r -u $UNIFI_UID -g $UNIFI_GID unifi \
  && /usr/local/bin/docker-build.sh "${PKGURL}"
 
+COPY --from=permset /out/permset /usr/local/bin/permset
+RUN chown 0.0 /usr/local/bin/permset && \
+    chmod +s /usr/local/bin/permset
+
 RUN mkdir -p /unifi && chown unifi:unifi -R /unifi
 
 # Apply any hotfixes that were included
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index aeeb39c0..843ab6e7 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -161,6 +161,11 @@ fi
 
 UNIFI_CMD="java ${JVM_OPTS} -jar ${BASEDIR}/lib/ace.jar start"
 
+if  command -v permset &> /dev/null
+then
+  permset
+fi
+
 # controller writes to relative path logs/server.log
 cd ${BASEDIR}