From 059505459b8cbe138665b91c89f7bab7f8bab97b Mon Sep 17 00:00:00 2001
From: Emery Hemingway <emery@slow.janky.email>
Date: Thu, 16 Jan 2025 07:56:43 +0530
Subject: [PATCH] nixos: remove rsync from environment.defaultPackages

Rsync is a security liability.
---
 nixos/doc/manual/release-notes/rl-2505.section.md | 2 ++
 nixos/modules/config/system-path.nix              | 1 -
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/nixos/doc/manual/release-notes/rl-2505.section.md b/nixos/doc/manual/release-notes/rl-2505.section.md
index fd625646c11e8f..f03b027149ba59 100644
--- a/nixos/doc/manual/release-notes/rl-2505.section.md
+++ b/nixos/doc/manual/release-notes/rl-2505.section.md
@@ -275,6 +275,8 @@
 
 - `python3Packages.opentracing` has been removed due to being unmaintained upstream. [OpenTelemetry](https://opentelemetry.io/) is the recommended replacement.
 
+- `rsync` has been removed from environment.defaultPackages.
+
 - Default file names of images generated by several builders in `system.build` have been changed as outlined in the table below.
 
   Names are now known at evaluation time and customizable via the new options `image.baseName`, `image.extension`, `image.fileName` and `image.filePath` with the latter returning a path relative to the derivations out path (e.g. `iso/${image.fileName` for iso images).
diff --git a/nixos/modules/config/system-path.nix b/nixos/modules/config/system-path.nix
index 42e40e2af5e442..19e174367b93dd 100644
--- a/nixos/modules/config/system-path.nix
+++ b/nixos/modules/config/system-path.nix
@@ -46,7 +46,6 @@ let
 
   defaultPackageNames = [
     "perl"
-    "rsync"
     "strace"
   ];
   defaultPackages = map (