Product SiteDocumentation Site

A.2.5. Verifying Packages

Verifying a package is comparing information about files on the system installed from a package with the same information from the original package. Among other parameters, verifying compares the file size, MD5 sum, permissions, type, owner, and the group of each file.
Use the rpm command with the -V (or --verify) option to verify packages. For example:
~]$ rpm -V tree
See the Package Selection Options subheading in the rpm(8) manual page for a list of options that can be used to further refine or qualify your query. Use options listed below the Verify Options subheading to specify what characteristics to verify in the queried packages.
If everything verifies properly, there is no output. If there are any discrepancies, they are displayed. The output consists of lines similar to these:
~]# rpm -V abrt
S.5....T.  c /etc/abrt/abrt.conf
.M.......    /var/spool/abrt-upload
The format of the output is a string of nine characters followed by an optional attribute marker and the name of the processed file.
The first nine characters are the results of tests performed on the file. Each test is the comparison of one attribute of the file to the value of that attribute as recorded in the RPM database. A single period (.) means the test passed, and the question-mark character (?) signifies that the test could not be performed. The following table lists symbols that denote specific discrepancies:
Table A.1. RPM Verification Symbols
Symbol Description
S file size differs
M mode differs (includes permissions and file type)
5 digest (formerly MD5 sum) differs
D device major/minor number mismatch
L readLink(2) path mismatch
U user ownership differs
G group ownership differs
T mtime differs
P capabilities differ

The attribute marker, if present, describes the purpose of the given file. The following table lists the available attribute markers:
Table A.2. RPM Verification Symbols
Marker Description
c configuration file
d documentation file
l license file
r readme file

If you see any output, use your best judgment to determine if you should remove the package, reinstall it, or fix the problem in another way.