With rpp-verify you can check the permissions, owner, group and other properties of one or more installed packages. It is used like rpp-query:
rpp-verify [options] [name [version [type [prefix]]]]
where name, version, type and prefix are as in rpp-query. For example to check all binary packages, use:
# rpp-verify - - bin
Any anomalies with respect to the info specified in the original package will be reported. If you specify the -f option the permissions, owner and group will be set to those originally specified in the package.
The -S option verifies the BSD checksum of each package file. To find out what files (those ``owned'' by packages) on your system have been changed:
# rpp-verify -aS ... sendmail 8.6.9 bin / /var/log/sendmail.st: checksum different /etc/sendmail.cf: checksum different ...
This shows that two configuration files in the sendmail package have been altered. This is probably OK, but if you found that /bin/su or some other security sensitive file were changed, you may want to investigate.