Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Monitors file-changes in configured directories. If changes happened, it adjusts the file-permissions and ownership.
Latest commit 8b012bf @open-dynaMIX markdown


Distributed under the GNU GPL
Or see the file ./COPYING


Monitors file-changes happened in the directory set in experms.conf. If changes
happened, it adjusts the file-permissions and ownership/group.

You can either define directories (and also sub-directories) with different
ownerships and permissions.

It also allows exclusions based on directories or patterns (regex).
Further it is able to restore all the ownerships and permissions of all files
based on the config-file.

experms needs to be run with root-permissions.


experms depends on:

  • python2
  • python2-pyinotify (name can vary on different Linux distributions)
  • systemd (optional)


You can start and/or enable experms with systemd:

# systemctl start experms
# systemctl enable experms

Following arguments are available:

usage: experms [-h] [-c CONFIG] [-r] [-t] [-v] [-d]


optional arguments:
  -h, --help            show this help message and exit
  -c CONFIG, --config CONFIG
                        Configuration file to use
  -r, --restore         Just restore all the permissions and exit
  -t, --total           Count the directories to watch and exit
  -v, --version         Print the version and exit
  -d, --debug           Print debug-messages

Note: You need to edit the configuration file before running experms for the
first time!

The Configuration File

experms.conf is located under /etc/experms.conf
You can use another file with the argument '--config'.

If changes happened to experms.conf, it is necessary to restart


# /etc/experms.conf

log_activities = no
restore = no

chmodd = 755

path = /first/directory
user = first-user
group = first-group
chmodf = 640
chmodd = g+w
excludepath = /first/directory/exclude1,/first/directory/subdir/exclude2

path = /second/directory
group = second-group
chmodf = 0644
excludepattern = .txt$|.TXT$|.sh$|.SH$

path = /second/directory/subdirectory
group = third-group
chmodf = g+w,o-r
chmodd = g+w,o-rx

General Section

log_activities = yes | no
Decide, if experms should print a log.

restore = yes | no
Decide, if experms should restore all the ownerships and permissions
of all files based on the config-file. In case there were changes
while experms was not running.

Default Section

Rules that should apply to all directory sections. They can be over‐
written inside a directory section.

Directory Section

path = /path/to/watch/dir
Set the directory where your rules should apply.

owner = username|UID
Set the owner of all the files and directories.

group = groupname|GID
Set the group of all the files and directories.

chmodf = permissions
Set the permission for all the files.
Accepted is octal (0777) or symbolic mode (comma separated list).
Symbolic mode has limited functionality and only supports
You can use set-UID, set-GID and sticky-bit if you wish to. E.g. 4660.

chmodd = permissions
Set the permission of all the directories.
See chmodf above.

excludepath = /path/to/exclude/dir,/path/to/exclude/file...
Exclude some directories and files from the rules (comma seperated).

excludepattern = regular expression
Exclude files (and only files) based on a pattern.

Inotify Configuration

experms uses inotify to monitor the directories.
Inotify allows only a limited number of directories to watch per user.
Per default this is set to 8192.
You can increase this number by writing to /proc/sys/fs/inotify/max_user_watches
To make this change permanent, the following line should be added to
/etc/sysctl.conf or /etc/sysctl.d/99-sysctl.conf
fs.inotify.max_user_watches=8192 (your amount of directories)

You can check the amount of directories recursively with:

# experms --total

Something went wrong with that request. Please try again.