
loc2log

The RedHat Package Manager (the well-known rpm) can check the integrity of installed components. It can tell you whether any installed files were modified, or whether somebody changed a permission.

To run a basic and comprehensive install integrity check, you simply execute (preferably as root):

rpm -V rpm_name_to_check
or
rpm --verify rpm_name_to_check

If there are no issues, you'll get empty output and return code 0. That is:

$ rpm -V libusb
$ echo $?
0

For a modified deployed file you may see something like this:

$ rpm -V httpd
..?...... /usr/sbin/suexec
.....UG.. /var/www
.....UG.. /var/www/cgi-bin
.M...UG.. /var/www/html

In the case of a modified install the return code will be 1:

$ echo $?
1

The httpd install test above translates as:

/var/www and /var/www/cgi-bin had their User ownership and Group ownership modified, and /var/www/html had its Mode (chmod) changed in addition to the User and the Group.

The question mark in rpm -V output means a certain test could not be performed. In our example above, "..?...... /usr/sbin/suexec" means the md5 sum could not be calculated for /usr/sbin/suexec.

That is often because rpm cannot access the file being verified under the current user account. To avoid the "can't verify" question mark in the rpm -V output, just execute rpm as root:

$ sudo rpm -V httpd
.....UG.. /var/www
.....UG.. /var/www/cgi-bin
.M...UG.. /var/www/html

See that "..?...... /usr/sbin/suexec" is gone? :-)

By default rpm performs a bunch of tests. Each one is shown as a dot when the rpm metadata and the installed item match, or as a "what's wrong" attribute letter otherwise:

  1. S - file Size differs
  2. M - Mode differs (includes permissions and file type)
  3. 5 - MD5 sum differs
  4. D - Device major/minor number mismatch
  5. L - readLink path mismatch
  6. U - User ownership differs
  7. G - Group ownership differs
  8. T - mTime differs
  9. P - caPabilities differ

The output can also have an attribute marker:

c %config configuration file.
d %doc documentation file.
g %ghost file (i.e. the file contents are not included in the package payload).
l %license license file.
r %readme readme file.
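
An added example, not part of the original post: a POSIX shell function that decodes one line of rpm -V output using the test letters and attribute markers listed above. The function name and its output format are assumptions made for this example, and the last sample line is constructed.

```shell
# Added example (not from the original post): decode one `rpm -V` line.
# Test positions follow the post's list: S M 5 D L U G T P.
decode_rpm_verify_line() {
    line=$1
    f=${line%%[[:space:]]*}                  # first field: the test string
    rest=${line#"$f"}
    rest=${rest#"${rest%%[![:space:]]*}"}    # drop leading whitespace
    case $f in
        ?????????) ;;                        # must be exactly 9 characters
        *) echo "unparsed: $line"; return 2 ;;
    esac
    attr=none
    case $rest in                            # optional attribute marker
        "c "*) attr=config ;;
        "d "*) attr=doc ;;
        "g "*) attr=ghost ;;
        "l "*) attr=license ;;
        "r "*) attr=readme ;;
    esac
    if [ "$attr" != none ]; then             # strip the marker, keep the path
        rest=${rest#?}
        rest=${rest#"${rest%%[![:space:]]*}"}
    fi
    changed='' untested='' exp=SM5DLUGTP
    for name in size mode md5 device readlink user group mtime capabilities; do
        c=${f%"${f#?}"}; f=${f#?}            # next character of the test string
        e=${exp%"${exp#?}"}; exp=${exp#?}    # letter allowed at this position
        case $c in
            .)    ;;                                        # test passed
            \?)   untested=${untested:+$untested,}$name ;;  # test could not run
            "$e") changed=${changed:+$changed,}$name ;;     # test failed
            *)    echo "unparsed: $line"; return 2 ;;
        esac
    done
    echo "$rest changed=${changed:-none} untested=${untested:-none} attr=$attr"
}

# First two lines are from the httpd output in the post; the third is constructed.
while IFS= read -r l; do
    decode_rpm_verify_line "$l" || true
done <<'EOF'
..?...... /usr/sbin/suexec
.M...UG.. /var/www/html
S.5....T.  c /etc/httpd/conf/httpd.conf
EOF
```

To use it on a live system, pipe the output of sudo rpm -V httpd into the same while loop in place of the here-document.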

That is it from me; read man rpm for more info.
Added by: ep | Date: 2015-04-03