diff --git a/usr/lib/security-misc/permission-hardening b/usr/lib/security-misc/permission-hardening
index 06b7533..188ccb9 100755
--- a/usr/lib/security-misc/permission-hardening
+++ b/usr/lib/security-misc/permission-hardening
@@ -110,7 +110,7 @@ add_nosuid_statoverride_entry() {
 fi
 setsgid=""
 setsgid_output=""
- if test -g "$file_name"; then
+ if test -g "$file_name" ; then
 setsgid=true
 setsgid_output="set-group-id"
 fi
@@ -169,13 +169,13 @@ add_nosuid_statoverride_entry() {
 echo "INFO: $setuid_output $setsgid_output found - file_name: '$file_name' | existing_mode: '$existing_mode' | new_mode: '$new_mode'"
- if dpkg-statoverride $dpkg_admindir_parameter_existing_mode --list "$file_name"; then
+ if dpkg-statoverride --list "$file_name" $dpkg_admindir_parameter_existing_mode ; then
 ## Existing mode already saved previously. No need to save again.
 true OK
 else
 ## Save existing_mode in separate database.
 ## Not using --update as not intending to enforce existing_mode.
- echo_wrapper_silent_audit $dpkg_admindir_parameter_existing_mode --add "$existing_owner" "$existing_group" "$existing_mode" "$file_name"
+ echo_wrapper_silent_audit --add "$existing_owner" "$existing_group" "$existing_mode" "$file_name" $dpkg_admindir_parameter_existing_mode
 fi
 ## No need to check "dpkg-statoverride --list" for existing entries.
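Review bot: The `--add` line in the @@ -169 hunk still has no `dpkg-statoverride` command word after the reordering: it reads `echo_wrapper_silent_audit --add "$existing_owner" "$existing_group" "$existing_mode" "$file_name" $dpkg_admindir_parameter_existing_mode`, so unless echo_wrapper_silent_audit prepends the command itself (the sibling calls in the @@ -186 hunk pass `dpkg-statoverride` explicitly, which suggests it does not) the wrapper would try to execute `--add` as a program and the existing mode would never be recorded in the separate database. The same line appears in the @@ -346 and @@ -363 hunks. Suggested form, matching the other wrapper calls: `echo_wrapper_silent_audit dpkg-statoverride --add "$existing_owner" "$existing_group" "$existing_mode" "$file_name" $dpkg_admindir_parameter_existing_mode`. add_nosuid_statoverride_entry continues outside this hunk.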
@@ -186,13 +186,13 @@ add_nosuid_statoverride_entry() {
 echo_wrapper_ignore dpkg-statoverride --remove "$file_name"
 ## Remove from separate database.
- echo_wrapper_ignore $dpkg_admindir_parameter_new_mode dpkg-statoverride --remove "$file_name"
+ echo_wrapper_ignore dpkg-statoverride --remove "$file_name" $dpkg_admindir_parameter_new_mode
 ## Add to real database and use --update to make changes on disk.
 echo_wrapper_audit dpkg-statoverride --add --update "$existing_owner" "$existing_group" "$new_mode" "$file_name"
 ## Not using --update as this is only for recording.
- echo_wrapper_silent_audit $dpkg_admindir_parameter_new_mode dpkg-statoverride --add "$existing_owner" "$existing_group" "$new_mode" "$file_name"
+ echo_wrapper_silent_audit dpkg-statoverride --add "$existing_owner" "$existing_group" "$new_mode" "$file_name"
 fi
 ## /lib will hit ARG_MAX.
@@ -276,12 +276,12 @@ set_file_perms() {
 continue
 fi
- if ! getent passwd | grep -q "^${owner_from_config}:"; then
+ if ! getent passwd | grep -q "^${owner_from_config}:" ; then
 echo "ERROR: owner_from_config '$owner_from_config' does not exist!" >&2
 continue
 fi
- if ! getent group | grep -q "^${group_from_config}:"; then
+ if ! getent group | grep -q "^${group_from_config}:" ; then
 echo "ERROR: group_from_config '$group_from_config' does not exist!" >&2
 continue
 fi
@@ -336,9 +336,9 @@ set_file_perms() {
 ## root root 755 /home
 ##
 ## dpkg-statoverride does not show leading '0'.
- if dpkg-statoverride --list "$fso_without_trailing_slash"; then
+ if dpkg-statoverride --list "$fso_without_trailing_slash" ; then
 ## There is an fso entry. Check if owner/group/mode match.
- if dpkg-statoverride --list | grep -q "$owner_from_config $group_from_config $mode_for_grep $fso_without_trailing_slash"; then
+ if dpkg-statoverride --list | grep -q "$owner_from_config $group_from_config $mode_for_grep $fso_without_trailing_slash" ; then
 ## The owner/group/mode matches. No further action required.
 true OK
 else
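Review bot: The last `+` line of the @@ -186 hunk drops `$dpkg_admindir_parameter_new_mode` instead of moving it, so the `--add` that the comment above it describes as "only for recording" now targets the real dpkg database, right after the `--add --update` two lines earlier has already created an override for the same path there. As far as I know dpkg-statoverride refuses to add a second override for a path that already has one, so this call would fail (presumably hidden by the silent wrapper) and new_mode would no longer be saved in the separate database that the later comparison logic relies on. The parallel lines in the @@ -363 and @@ -382 hunks keep the parameter at the end; this one should read `echo_wrapper_silent_audit dpkg-statoverride --add "$existing_owner" "$existing_group" "$new_mode" "$file_name" $dpkg_admindir_parameter_new_mode`. The enclosing function continues beyond the hunk.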
@@ -346,16 +346,16 @@ set_file_perms() {
 ## fso_without_trailing_slash instead of fso to prevent
 ## "dpkg-statoverride: warning: stripping trailing /"
- if dpkg-statoverride $dpkg_admindir_parameter_existing_mode --list "$fso_without_trailing_slash"; then
+ if dpkg-statoverride --list "$fso_without_trailing_slash" $dpkg_admindir_parameter_existing_mode ; then
 ## Existing mode already saved previously. No need to save again.
 true OK
 else
 ## Save existing_mode in separate database.
 ## Not using --update as not intending to enforce existing_mode.
- echo_wrapper_silent_audit $dpkg_admindir_parameter_existing_mode --add "$existing_owner" "$existing_group" "$existing_mode" "$fso_without_trailing_slash"
+ echo_wrapper_silent_audit --add "$existing_owner" "$existing_group" "$existing_mode" "$fso_without_trailing_slash" $dpkg_admindir_parameter_existing_mode
 fi
- echo_wrapper_audit $dpkg_admindir_parameter_new_mode dpkg-statoverride --remove "$fso_without_trailing_slash"
+ echo_wrapper_audit dpkg-statoverride --remove "$fso_without_trailing_slash" $dpkg_admindir_parameter_new_mode
 ## Remove from and add to real database.
 echo_wrapper_audit dpkg-statoverride --remove "$fso_without_trailing_slash"
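Review bot: Moving `$dpkg_admindir_parameter_existing_mode` after the operands on the `--list` line (and the parameter after the path on the `--remove` line) relies on dpkg-statoverride accepting options after positional arguments; as far as I recall dpkg's own option parser stops at the first non-option word, in which case the `--list` check would be answered by the real database instead of the separate one and the existing-mode bookkeeping would silently change meaning. The same reordering is in the @@ -169, @@ -363 and @@ -382 hunks. If the trailing placement was verified against the installed dpkg, a comment on the first such line, e.g. `## admindir option intentionally after the path; verified that dpkg-statoverride parses it there`, would stop the next reader from reverting it; otherwise the option-first form `dpkg-statoverride $dpkg_admindir_parameter_existing_mode --list "$fso_without_trailing_slash"` is the safe one. set_file_perms continues outside this hunk.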
@@ -363,18 +363,18 @@ set_file_perms() {
 ## Save in separate database.
 ## Not using --update as this is only for saving.
- echo_wrapper_silent_audit $dpkg_admindir_parameter_new_mode dpkg-statoverride --add "$owner_from_config" "$group_from_config" "$mode_from_config" "$fso_without_trailing_slash"
+ echo_wrapper_silent_audit dpkg-statoverride --add "$owner_from_config" "$group_from_config" "$mode_from_config" "$fso_without_trailing_slash" $dpkg_admindir_parameter_new_mode
 fi
 else
 ## There is no fso entry. Therefore add one.
- if dpkg-statoverride $dpkg_admindir_parameter_existing_mode --list "$fso_without_trailing_slash"; then
+ if dpkg-statoverride --list "$fso_without_trailing_slash" $dpkg_admindir_parameter_existing_mode ; then
 ## Existing mode already saved previously. No need to save again.
 true OK
 else
 ## Save existing_mode in separate database.
 ## Not using --update as not intending to enforce existing_mode.
- echo_wrapper_silent_audit $dpkg_admindir_parameter_existing_mode --add "$existing_owner" "$existing_group" "$existing_mode" "$fso_without_trailing_slash"
+ echo_wrapper_silent_audit --add "$existing_owner" "$existing_group" "$existing_mode" "$fso_without_trailing_slash" $dpkg_admindir_parameter_existing_mode
 fi
 ## Add to real database.
@@ -382,7 +382,7 @@ set_file_perms() {
 ## Save in separate database.
 ## Not using --update as this is only for saving.
- echo_wrapper_silent_audit $dpkg_admindir_parameter_new_mode dpkg-statoverride --add "$owner_from_config" "$group_from_config" "$mode_from_config" "$fso_without_trailing_slash"
+ echo_wrapper_silent_audit dpkg-statoverride --add "$owner_from_config" "$group_from_config" "$mode_from_config" "$fso_without_trailing_slash" $dpkg_admindir_parameter_new_mode
 fi
 fi
@@ -393,7 +393,7 @@ set_file_perms() {
 if [ "$capability_from_config" = "none" ]; then
 echo_wrapper_audit setcap -r "$fso"
 else
- if ! capsh --print | grep "Bounding set" | grep -q "$capability_from_config"; then
+ if ! capsh --print | grep "Bounding set" | grep -q "$capability_from_config" ; then
 echo "ERROR: capability_from_config '$capability_from_config' does not exist!" >&2
 continue
 fi