Warning: directory permissions differ on /etc/ssl/private/ filesystem: 755 package: 700

HardCode4All · June 10, 2026, 4:46am

During pacman -Syu, I just got this warning:

:: Processing package changes...
(1/2) upgrading openssl                                          [-----------------------------------] 100%
warning: directory permissions differ on /etc/ssl/private/
filesystem: 755  package: 700

Now, Perplexity tells me:

What it means

755 allows other users to traverse the directory, while 700 restricts access to the owner only. For a private-key directory under /etc/ssl, that restriction is normal and desirable because it reduces the chance of unintended access to sensitive TLS material.

Recommended fix

Set the directory back to the package’s expected permissions:

bash
sudo chmod 700 /etc/ssl/private
That matches the packaged mode reported in the upgrade warning and is the simplest and most appropriate fix in this case.

What to verify

After changing it, confirm the mode is correct:

bash
stat -c '%a %n' /etc/ssl/private
You should see 700. If a future update changes the package’s expected permissions again, pacman may warn you similarly, and in that case you should follow the packaged default rather than keeping a manually modified mode.

But we all know the “quality” of AI answers so I’d rather ask the friendly experts in my neigborhood. Is Perplexity right this time?

cscs · June 10, 2026, 4:50am

Yeah the LLM more or less has it.

This kind of notice may be printed any time permissions do not match the permissions the file would have as dictated by the package normally and now.

You may have different permissions because they used to be different by default.

Or you may have changed them for some reason of functionality.

It is ultimately up to you whether you should use the permissions you already have or the ones the package has (or something else entirely).

But if we assume there is no reason you need to have it as 755 then 700 would be that much more locked down and so probably desirable.

PS.

I have a little snippet in my shells rc for printing the octal;

octal () 
{ 
    stat -c '%a %n' "$@"
}

And/or the following may be useful for visualizing the definitons;
https://chmod-calculator.com/

HardCode4All · June 10, 2026, 5:09am

Probably because

I doubt that

And thanks for the octal tip.

Privacy_Goblin · June 10, 2026, 5:17am

This does not have anything to do with the question at hand, but when you say Perplexity do you mean using one of their own models for the search, or one of the paid ones that they pull from Anthropic, OpenAI, Moonshot AI or Google?

Edit:
I have never used Perplexity, so I am merely curious. I was not sure what had been used when I looked at the shared chat session.

HardCode4All · June 10, 2026, 5:42am

I use the publicly available website together with some uBlock Origin rules that Gemini wrote for me, to avoid having to log in I don’t even know which model they use, but I find Perplexity pretty good for technical stuff.