Am 27.06.2013 um 20:36 schrieb Rob Townley <rob.townley at gmail.com>: > Given a particular user or particular group, is there a rpm command that > returns what package created that particular user or particular group? > > Analogous to `rpm -q --whatprovides /etc/security/limits.conf` returns the > package "pam". > Is there an rpm command that returns what package generated a particular > user? > > Most of us already know that the httpd package is associated with the user > apache. But there are passwd and group entries that i would like to verify > and want to know exactly how they got on my system. Further i would like > to know which the security implications of adding another group to a user > account. > > Something like the following command: > `rpm --query --user apache` would return "httpd" > `rpm --query --group pulse-access` might return pulseaudio take a look at the pre/post-script parts of the rpms rpm -q --scripts httpd other users/groups are "installed" via centos setup (anaconda). -- LF