Skip to content

2.1.13 Ensure rsync services are not in use

Audit#

Run the following command to verify rsync is not installed: 

# dpkg-query -s rsync &>/dev/null && echo "rsync is installed"
Nothing should be returned.

- OR - - IF - the rsync package is required as a dependency: Run the following command to verify rsync.service is not enabled: 

# systemctl is-enabled rsync.service 2>/dev/null | grep 'enabled'
Nothing should be returned.

Run the following command to verify rsync.service is not active: 

# systemctl is-active rsync.service 2>/dev/null | grep '^active
Nothing should be returned.

Note: If the package is required for a dependency - Ensure the dependent package is approved by local site policy - Ensure stopping and masking the service and/or socket meets local site policy

Remediation#

Run the following commands to stop rsync.service, and remove the rsync package 

# apt purge rsync
- OR - - IF - the rsync package is required as a dependency: Run the following commands to stop and mask rsync.service: 
# systemctl stop slapd.service
# systemctl mask slapd.service