Information
The rsyncd.service can be used to synchronize files between systems over network links.
Unless required, the rsync-daemon package should be removed to reduce the potential attack surface.
The rsyncd.service presents a security risk as it uses unencrypted protocols for communication.
Solution
Run the following commands to stop rsyncd.socket and rsyncd.service and remove the rsync-daemon package:
# systemctl stop rsyncd.socket rsyncd.service
# dnf remove rsync-daemon
- OR -
- IF - the rsync-daemon package is required as a dependency:
Run the following commands to stop and mask the rsyncd.socket and rsyncd.service :
# systemctl stop rsyncd.socket rsyncd.service
# systemctl mask rsyncd.socket rsyncd.service
Impact:
There may be packages that are dependent on the rsync-daemon package. If the rsync-daemon package is removed, these dependent packages will be removed as well. Before removing the rsync-daemon package, review any dependent packages to determine if they are required on the system.
- IF - a dependent package is required: stop and mask the rsyncd.socket and rsyncd.service leaving the rsync-daemon package installed.