Information
The rsyncd service can be used to synchronize files between systems over network links.
Rationale:
Unless required, the rsync package should be removed to reduce the attack surface area of the system.
The rsyncd service presents a security risk as it uses unencrypted protocols for communication.
Note: If a required dependency exists for the rsync package, but the rsyncd service is not required, the service should be masked.
Impact:
There are packages that are dependent on the rsync package. If the rsync package is removed, these packages will be removed as well.
Before removing the rsync package, review any dependent packages to determine if they are required on the system. If a dependent package is required, mask the rsyncd service and leave the rsync package installed.
Solution
Run the following command to remove the rsync package:
# yum remove rsync
OR
Run the following command to mask the rsyncd service:
# systemctl --now mask rsyncd