diff --git a/directory.list b/directory.list
index b3cc21e..6264d25 100644
--- a/directory.list
+++ b/directory.list
@@ -34,7 +34,7 @@
 0755 root root /srv/www/htdocs
 1777 root root /tmp
 0755 root root /usr
-0755 root root /usr/bin
+0555 root root /usr/bin
 0755 root root /usr/etc
 0755 root root /usr/etc/X11
 0755 root root /usr/etc/default
@@ -49,7 +49,7 @@
 0755 root root /usr/etc/xdg/autostart
 0755 root root /usr/include
 0755 root root /usr/include/X11
-0755 root root /usr/lib
+0555 root root /usr/lib
 0755 root root /usr/libexec
 0755 root root /usr/lib/X11
 0755 root root /usr/lib/modprobe.d
@@ -86,7 +86,7 @@
 0755 root root /usr/local/sbin
 0755 root root /usr/local/share
 0755 root root /usr/local/src
-0755 root root /usr/sbin
+0555 root root /usr/sbin
 0755 root root /usr/share
 0755 root root /usr/share/appdata
 0755 root root /usr/share/applications
@@ -137,7 +137,7 @@
 0755 root root /var/cache
 0755 root root /var/crash
 0755 root root /var/lib
-0755 root root /var/lib/empty
+0555 root root /var/lib/empty
 0755 root root /var/lib/misc
 0755 root root /var/spool
 1777 root root /var/spool/mail
diff --git a/directory.list64 b/directory.list64
index 40367c5..9fe37a5 100644
--- a/directory.list64
+++ b/directory.list64
@@ -1,4 +1,4 @@
-0755 root root /usr/lib64
+0555 root root /usr/lib64
 0755 root root /usr/lib64/pkgconfig
 0755 root root /usr/lib64/browser-plugins
 0755 root root /usr/local/lib64
diff --git a/filesystem.changes b/filesystem.changes
index bdd81b3..e41e216 100644
--- a/filesystem.changes
+++ b/filesystem.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Fri Mar 26 11:32:25 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- also fix /var/lib/empty to be readonly 
+
+-------------------------------------------------------------------
+Thu Mar 25 19:56:45 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- make bindir/ _lib and _libdir readonly (mode 0555) to avoid
+  runpath-to-writeable-directory warning
+
 -------------------------------------------------------------------
 Wed Feb 10 18:34:25 UTC 2021 - Antoine Belvire <antoine.belvire@opensuse.org>
 
diff --git a/filesystem.spec b/filesystem.spec
index ac8cca0..0c1303c 100644
--- a/filesystem.spec
+++ b/filesystem.spec
@@ -64,6 +64,7 @@ function create_dir () {
     local BDIR=`dirname $NAME`
     test -d "$RPM_BUILD_ROOT/$NAME" && { echo "dir $NAME does already exist" ; echo "input out of sequence ?" ; exit 1 ; }
     test -n "$BDIR" -a ! -d $RPM_BUILD_ROOT$BDIR && create_dir 0755 root root $BDIR
+    test -w $RPM_BUILD_ROOT$BDIR || chmod u+w $RPM_BUILD_ROOT$BDIR
     mkdir -m $MODE $RPM_BUILD_ROOT/$NAME
     echo "$XTRA%%dir %%attr($MODE,$OWNR,$GRUP) $NAME" >> filesystem.list
     case "$NAME" in
@@ -95,15 +96,15 @@ usr/lib64 /lib64
 EOF
 %else
 cat >> directory.list << EOF
-0755 root root /bin
-0755 root root /lib
-0755 root root /sbin
+0555 root root /bin
+0555 root root /lib
+0555 root root /sbin
 %ifarch s390x %sparc x86_64 ppc64 ppc aarch64 ppc64le riscv64
-0755 root root /lib64
+0555 root root /lib64
 %endif
 EOF
 %endif
-cat >> directory.list <<EOF 
+cat >> directory.list <<EOF
 0755 root root %{?usrmerged:/usr}/lib/modules
 0755 root root %{_firmwaredir}
 EOF