Is There A Rpm Command To Find The Package That Created A Particular User Or Particular Group?

Home » General » Is There A Rpm Command To Find The Package That Created A Particular User Or Particular Group?
General 4 Comments

Given a particular user or particular group, is there a rpm command that returns what package created that particular user or particular group?

Analogous to `rpm -q –whatprovides /etc/security/limits.conf` returns the package “pam”. Is there an rpm command that returns what package generated a particular user?

Most of us already know that the httpd package is associated with the user apache. But there are passwd and group entries that i would like to verify and want to know exactly how they got on my system. Further i would like to know which the security implications of adding another group to a user account.

Something like the following command:
`rpm –query –user apache` would return “httpd”
`rpm –query –group pulse-access` might return pulseaudio

4 thoughts on - Is There A Rpm Command To Find The Package That Created A Particular User Or Particular Group?

  • Am 27.06.2013 um 20:36 schrieb Rob Townley :

    take a look at the pre/post-script parts of the rpms

    rpm -q –scripts httpd

    other users/groups are “installed” via CentOS setup (anaconda).

  • –scripts is helpful, the following returns a great deal of package scripts having to do with users and groups, but ideally would return just the package names involved in creating the user or group.

    rpm -qa –scripts | egrep ‘user|group|id\s|getent|pass’

    rpm -qa –scripts | less does not seem to list any package names, but may be a more formal rpm would help:

    rpm –queryformat “%{FILEUSERNAME} %{TRIGGERSCRIPTS}
    %{TRIGGERSCRIPTPROG}\n” –query httpd

    does not return a script name and i do not see anything else in rpm
    –querytags that would help.

    Has to be a way, but not today.

  • Just saw this. Here’s how to do it via brute force. I have the user
    “ovirtagent” on one of my boxes, and wanted to find out who provided it. So I did the following:

    rpm –qf “%{NAME}\n” -qa | while read rname ; do if rpm -q –scripts
    ${rname} | grep -q ovirtagent ; then echo $rname ; fi ; done

    It’s not efficient, but it works.

    -I

  • Ian Forde wrote:

    Does ovirtagent own any files? If so, rpm -q –whatprovides
    /what/ever/ovirtagentfile will do the job.

    mark

LEAVE A COMMENT