diff --git a/include/ntux/ntux.h b/include/ntux/ntux.h
index 76a1965..936b101 100644
--- a/include/ntux/ntux.h
+++ b/include/ntux/ntux.h
@@ -31,6 +31,13 @@ extern "C" {
 
 #define NTUX_DRIVER_VERSION		0x0010
 #define NTUX_DRIVER_DRY_RUN		0x0020
+#define NTUX_DRIVER_VERBOSE		0x0040
+#define NTUX_DRIVER_SILENT		0x0080
+
+#define NTUX_DRIVER_RECURSIVE		0x0100
+#define NTUX_DRIVER_CHANGES		0x0200
+#define NTUX_DRIVER_ROOTED		0x0400
+#define NTUX_DRIVER_ROOTLESS		0x0800
 
 #define NTUX_DRIVER_ANNOTATE_ALWAYS	0x10000000
 #define NTUX_DRIVER_ANNOTATE_NEVER	0x20000000
@@ -54,6 +61,7 @@ enum ntux_cmd {
 	NTUX_CMD_STAT,
 	NTUX_CMD_SPAWN,
 	NTUX_CMD_STRACE,
+	NTUX_CMD_CHMOD,
 	NTUX_CMD_CAP,
 };
 
@@ -95,6 +103,8 @@ struct ntux_common_ctx {
 	char **				senvp;
 	const char *			loader;
 	const char *			logfile;
+	const char *			refmode;
+	const char *			strmode;
 	uint32_t			sysmask[16];
 	uint32_t			dbgmask[16];
 	uint32_t			osmask [32];
@@ -125,6 +135,7 @@ ntux_api int  ntux_get_driver_fdctx     (const struct ntux_driver_ctx *, struct 
 ntux_api int  ntux_set_driver_fdctx     (struct ntux_driver_ctx *, const struct ntux_fd_ctx *);
 
 /* cmd api */
+ntux_api int  ntux_cmd_chmod            (const struct ntux_driver_ctx *, const char *);
 ntux_api int  ntux_cmd_stat             (const struct ntux_driver_ctx *, const char *);
 ntux_api int  ntux_cmd_spawn            (const struct ntux_driver_ctx *);
 ntux_api int  ntux_cmd_strace           (const struct ntux_driver_ctx *);
diff --git a/project/common.mk b/project/common.mk
index f88c5fd..651ec93 100644
--- a/project/common.mk
+++ b/project/common.mk
@@ -6,6 +6,7 @@ INIT_SRCS = \
 DRIVER_SRCS = \
 	src/driver/ntux_amain.c \
 	src/driver/ntux_driver_ctx.c \
+	src/skin/ntux_skin_chmod.c \
 	src/skin/ntux_skin_default.c \
 	src/skin/ntux_skin_spawn.c \
 	src/skin/ntux_skin_strace.c \
@@ -20,6 +21,7 @@ INTERNAL_SRCS = \
 	src/internal/ntux_strerr_impl.c \
 
 CMD_SRCS = \
+	src/cmds/ntux_cmd_chmod.c \
 	src/cmds/ntux_cmd_spawn.c \
 	src/cmds/ntux_cmd_stat.c \
 	src/cmds/ntux_cmd_strace.c \
diff --git a/project/extras.mk b/project/extras.mk
index 5795402..0238ef6 100644
--- a/project/extras.mk
+++ b/project/extras.mk
@@ -38,13 +38,16 @@ install-app-extras:
 	mkdir -p $(DESTDIR)$(BINDIR)
 
 	rm -f bin/$(NICKNAME).stat$(OS_APP_SUFFIX).tmp
+	rm -f bin/$(NICKNAME).chmod$(OS_APP_SUFFIX).tmp
 	rm -f bin/$(NICKNAME).spawn$(OS_APP_SUFFIX).tmp
 	rm -f bin/$(NICKNAME).strace$(OS_APP_SUFFIX).tmp
 
 	ln -s $(NICKNAME)$(OS_APP_SUFFIX) bin/$(NICKNAME).stat$(OS_APP_SUFFIX).tmp
+	ln -s $(NICKNAME)$(OS_APP_SUFFIX) bin/$(NICKNAME).chmod$(OS_APP_SUFFIX).tmp
 	ln -s $(NICKNAME)$(OS_APP_SUFFIX) bin/$(NICKNAME).spawn$(OS_APP_SUFFIX).tmp
 	ln -s $(NICKNAME)$(OS_APP_SUFFIX) bin/$(NICKNAME).strace$(OS_APP_SUFFIX).tmp
 
 	mv bin/$(NICKNAME).stat$(OS_APP_SUFFIX).tmp      $(DESTDIR)$(BINDIR)/$(NICKNAME).stat$(OS_APP_SUFFIX)
+	mv bin/$(NICKNAME).chmod$(OS_APP_SUFFIX).tmp     $(DESTDIR)$(BINDIR)/$(NICKNAME).chmod$(OS_APP_SUFFIX)
 	mv bin/$(NICKNAME).spawn$(OS_APP_SUFFIX).tmp     $(DESTDIR)$(BINDIR)/$(NICKNAME).spawn$(OS_APP_SUFFIX)
 	mv bin/$(NICKNAME).strace$(OS_APP_SUFFIX).tmp    $(DESTDIR)$(BINDIR)/$(NICKNAME).strace$(OS_APP_SUFFIX)
diff --git a/src/cmds/ntux_cmd_chmod.c b/src/cmds/ntux_cmd_chmod.c
new file mode 100644
index 0000000..00788eb
--- /dev/null
+++ b/src/cmds/ntux_cmd_chmod.c
@@ -0,0 +1,26 @@
+/***********************************************************/
+/*  ntux: native translation und extension                 */
+/*  Copyright (C) 2016--2018  Z. Gilboa                    */
+/*  Released under GPLv2 and GPLv3; see COPYING.NTUX.      */
+/***********************************************************/
+
+#include <ntapi/ntapi.h>
+#include <psxabi/sys_sysapi.h>
+#include <psxabi/sys_stat.h>
+#include <psxabi/sys_errno.h>
+
+#include <psxxfi/xfi_ofd.h>
+#include <psxxfi/xfi_unicode.h>
+
+#include <ntux/ntux.h>
+#include "ntux_driver_impl.h"
+#include "ntux_nolibc_impl.h"
+#include "ntux_errinfo_impl.h"
+
+int ntux_cmd_chmod(const struct ntux_driver_ctx * dctx, const char * dunit)
+{
+	(void)dctx;
+	(void)dunit;
+
+	return 0;
+}
diff --git a/src/driver/ntux_amain.c b/src/driver/ntux_amain.c
index 0a24125..5b6587e 100644
--- a/src/driver/ntux_amain.c
+++ b/src/driver/ntux_amain.c
@@ -55,6 +55,9 @@ static void ntux_perform_unit_actions(
 {
 	if (dctx->cctx->cmd == NTUX_CMD_STAT)
 		ntux_cmd_stat(dctx,unit);
+
+	else if (dctx->cctx->cmd == NTUX_CMD_CHMOD)
+		ntux_cmd_chmod(dctx,unit);
 }
 
 static int ntux_exit(struct ntux_driver_ctx * dctx, int ret)
diff --git a/src/driver/ntux_driver_ctx.c b/src/driver/ntux_driver_ctx.c
index 47718ce..370c69b 100644
--- a/src/driver/ntux_driver_ctx.c
+++ b/src/driver/ntux_driver_ctx.c
@@ -35,6 +35,7 @@ static const char * const ntux_cmd_name[NTUX_CMD_CAP] = {
 	[NTUX_CMD_STAT]       = "stat",
 	[NTUX_CMD_SPAWN]      = "spawn",
 	[NTUX_CMD_STRACE]     = "strace",
+	[NTUX_CMD_CHMOD]      = "chmod",
 };
 
 /* ntux command options */
@@ -43,6 +44,7 @@ static const struct argv_option * ntux_cmd_options[NTUX_CMD_CAP] = {
 	[NTUX_CMD_STAT]       = ntux_default_options,
 	[NTUX_CMD_SPAWN]      = ntux_spawn_options,
 	[NTUX_CMD_STRACE]     = ntux_strace_options,
+	[NTUX_CMD_CHMOD]      = ntux_chmod_options,
 };
 
 /* package info */
@@ -179,6 +181,14 @@ static int ntux_cctx_update(
 					cctx->drvflags |= NTUX_DRIVER_VERSION;
 					break;
 
+				case TAG_VERBOSE:
+					cctx->drvflags |= NTUX_DRIVER_VERBOSE;
+					break;
+
+				case TAG_SILENT:
+					cctx->drvflags |= NTUX_DRIVER_SILENT;
+					break;
+
 				case TAG_CMD:
 					if (*nunits)
 						return ntux_driver_usage(
@@ -195,6 +205,9 @@ static int ntux_cctx_update(
 					else if (!strcmp(entry->arg,"strace"))
 						cctx->cmd = NTUX_CMD_STRACE;
 
+					else if (!strcmp(entry->arg,"chmod"))
+						cctx->cmd = NTUX_CMD_CHMOD;
+
 					break;
 
 				case TAG_LOADER:
@@ -204,6 +217,32 @@ static int ntux_cctx_update(
 				case TAG_LOGFILE:
 					cctx->logfile = entry->arg;
 					break;
+
+				case TAG_REFMODE:
+					cctx->refmode = entry->arg;
+					break;
+
+				case TAG_STRMODE:
+					cctx->strmode = entry->arg;
+					break;
+
+				case TAG_RECURSIVE:
+					cctx->drvflags |= NTUX_DRIVER_RECURSIVE;
+					break;
+
+				case TAG_CHANGES:
+					cctx->drvflags |= NTUX_DRIVER_CHANGES;
+					break;
+
+				case TAG_ROOTED:
+					cctx->drvflags &= ~(uint64_t)NTUX_DRIVER_ROOTLESS;
+					cctx->drvflags |= NTUX_DRIVER_ROOTED;
+					break;
+
+				case TAG_ROOTLESS:
+					cctx->drvflags &= ~(uint64_t)NTUX_DRIVER_ROOTED;
+					cctx->drvflags |= NTUX_DRIVER_ROOTLESS;
+					break;
 			}
 		} else {
 			(*nunits)++;
@@ -241,6 +280,8 @@ static int ntux_cmd_from_program(const char * program)
 		return NTUX_CMD_SPAWN;
 	else if (!strcmp(mark,"strace"))
 		return NTUX_CMD_STRACE;
+	else if (!strcmp(mark,"chmod"))
+		return NTUX_CMD_CHMOD;
 
 	return NTUX_CMD_DEFAULT;
 }
@@ -380,6 +421,9 @@ int ntux_get_driver_ctx(
 	else if (cctx.cmd == NTUX_CMD_STRACE)
 		argv_optv_init(ntux_strace_options,optv);
 
+	else if (cctx.cmd == NTUX_CMD_CHMOD)
+		argv_optv_init(ntux_chmod_options,optv);
+
 	/* spawn, strace */
 	if ((cctx.cmd == NTUX_CMD_SPAWN) || (cctx.cmd == NTUX_CMD_STRACE)) {
 		argv_scan(argv,optv,&ctx,0);
diff --git a/src/internal/ntux_driver_impl.h b/src/internal/ntux_driver_impl.h
index e55fdb6..0ab0394 100644
--- a/src/internal/ntux_driver_impl.h
+++ b/src/internal/ntux_driver_impl.h
@@ -15,6 +15,7 @@
 extern   const struct argv_option   ntux_default_options[];
 extern   const struct argv_option   ntux_spawn_options[];
 extern   const struct argv_option   ntux_strace_options[];
+extern   const struct argv_option   ntux_chmod_options[];
 extern   const struct _ntapi_vtbl * ntux_ntapi;
 
 #define  ntapi ntux_ntapi
@@ -25,6 +26,14 @@ enum app_tags {
 	TAG_CMD,
 	TAG_LOADER,
 	TAG_LOGFILE,
+	TAG_VERBOSE,
+	TAG_SILENT,
+	TAG_RECURSIVE,
+	TAG_STRMODE,
+	TAG_REFMODE,
+	TAG_CHANGES,
+	TAG_ROOTED,
+	TAG_ROOTLESS,
 };
 
 struct ntux_driver_ctx_impl {
diff --git a/src/skin/ntux_skin_chmod.c b/src/skin/ntux_skin_chmod.c
new file mode 100644
index 0000000..cb300a6
--- /dev/null
+++ b/src/skin/ntux_skin_chmod.c
@@ -0,0 +1,39 @@
+#include "ntux_driver_impl.h"
+#include "argv/argv.h"
+
+const struct argv_option ntux_chmod_options[] = {
+	{"version",		'v',TAG_VERSION,ARGV_OPTARG_NONE,0,0,0,
+				"show version information"},
+
+	{"help",		'h',TAG_HELP,ARGV_OPTARG_OPTIONAL,0,"short|long",0,
+				"show usage information [listing %s options only]"},
+
+	{"verbose",		'V',TAG_VERBOSE,ARGV_OPTARG_NONE,0,0,0,
+				"dump security descriptor information for each file and action"},
+
+	{"silent",		'f',TAG_VERSION,ARGV_OPTARG_NONE,0,0,0,
+				"suppress most error messages"},
+
+	{"recursive",		'R',TAG_RECURSIVE,ARGV_OPTARG_NONE,0,0,0,
+				"recurse into sub-directories"},
+
+	{"strmode",		's',TAG_STRMODE,ARGV_OPTARG_REQUIRED,0,0,"<STRMODE>",
+				"set mode based on the symbolic mode %s"},
+
+	{"refmode",		'e',TAG_REFMODE,ARGV_OPTARG_REQUIRED,0,0,"<REFMODE>",
+				"set mode based on the reference file %s"},
+
+	{"reference",		0,TAG_REFMODE,ARGV_OPTARG_REQUIRED,0,0,0,
+				"a synonym for --refmode"},
+
+	{"changes",		'c',TAG_CHANGES,ARGV_OPTARG_NONE,0,0,0,
+				"a synonym for --refmode"},
+
+	{"preserve-root",	0,TAG_ROOTED,ARGV_OPTARG_NONE,0,0,0,
+				"disallow operating on the root folder /"},
+
+	{"no-preserve-root",	0,TAG_ROOTLESS,ARGV_OPTARG_NONE,0,0,0,
+				"allow operating on the root folder /"},
+
+	{0,0,0,0,0,0,0,0}
+};
diff --git a/src/skin/ntux_skin_default.c b/src/skin/ntux_skin_default.c
index 73a89bf..f79f008 100644
--- a/src/skin/ntux_skin_default.c
+++ b/src/skin/ntux_skin_default.c
@@ -8,7 +8,7 @@ const struct argv_option ntux_default_options[] = {
 	{"help",		'h',TAG_HELP,ARGV_OPTARG_OPTIONAL,0,"short|long",0,
 				"show usage information [listing %s options only]"},
 
-	{"cmd",			0,TAG_CMD,ARGV_OPTARG_REQUIRED,0,"stat|spawn|strace",0,
+	{"cmd",			0,TAG_CMD,ARGV_OPTARG_REQUIRED,0,"stat|spawn|strace|chmod",0,
 				"invoke one of the following ntux commands: %s"},
 
 	{0,0,0,0,0,0,0,0}