Uninstall rsync Package

An XCCDF Rule

Description

The rsyncd service can be used to synchronize files between systems over network links. The rsync package can be removed with the following command:

$ sudo zypper remove rsync

Rationale

The rsyncd service presents a security risk as it uses unencrypted protocols for communication.

ID: xccdf_org.ssgproject.content_rule_package_rsync_removed
Severity: Medium
References: 2.2.17

CCE-92468-8
Updated: about 1 year ago

- name: Ensure rsync is removed
  package:
    name: rsync
    state: absent
  tags:
  - CCE-92468-8  - disable_strategy
  - low_complexity
  - low_disruption
  - medium_severity
  - no_reboot_needed
  - package_rsync_removed

include remove_rsync

class remove_rsync {
  package { 'rsync':
    ensure => 'purged',
  }}


# CAUTION: This remediation script will remove rsync
#	   from the system, and may remove any packages
#	   that depend on rsync. Execute this
#	   remediation AFTER testing on a non-production
#	   system!
zypper remove -y "rsync"

Uninstall rsync Package

Description

Rationale

Remediation - Ansible

Remediation - Puppet

Remediation - Shell Script