Cathy Hu changed bug 1231494
What      Removed                Added
Assignee  security-team@suse.de  jsegitz@suse.com

Comment # 2 on bug 1231494 from Cathy Hu
@Johannes, I think it might have to do with the fix for bsc#1209890, could you
have a look? Feel free to unassign yourself if you don't have the time ;D

My theory is when rsyncd is called by systemd, it transitions into rsync_t and
then tries to execute the rsyncd wrapper from bsc#1209890, see:
https://gitlab.suse.de/selinux/selinux-policy/-/blob/factory/policy/modules/contrib/rsync.te?blame=1#L51
https://build.opensuse.org/projects/network/packages/rsync/files/rsyncd?expand=1

When I run in permissive, at least it looks like it:
----
time->Thu Oct 17 18:35:16 2024
type=AVC msg=audit(1729182916.865:1742): avc:  denied  { execute } for 
pid=242836 comm="rsyncd" path="/usr/bin/bash" dev="vda3" ino=924322
scontext=system_u:system_r:rsync_t:s0
tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
----
time->Thu Oct 17 18:35:16 2024
type=AVC msg=audit(1729182916.868:1743): avc:  denied  { execute } for 
pid=242836 comm="rsyncd" name="rsync" dev="vda3" ino=924189
scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:bin_t:s0
tclass=file permissive=1
----
time->Thu Oct 17 18:35:16 2024
type=AVC msg=audit(1729182916.868:1744): avc:  denied  { execute_no_trans } for
 pid=242836 comm="rsyncd" path="/usr/bin/rsync" dev="vda3" ino=924189
scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:bin_t:s0
tclass=file permissive=1
----
time->Thu Oct 17 18:35:16 2024
type=AVC msg=audit(1729182916.868:1745): avc:  denied  { open } for  pid=242836
comm="rsync" path="/var/log/rsyncd.log" dev="vda3" ino=1181678
scontext=system_u:system_r:rsync_t:s0
tcontext=unconfined_u:object_r:var_log_t:s0 tclass=file permissive=1
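
An added example, not part of the original comment or of the SUSE policy: a small Python parser that groups AVC denials like the ones above by source type, target type and object class, and prints them in allow-rule syntax as a triage summary (similar in spirit to audit2allow). The sample input is the four records from the comment, joined onto single lines; the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: the four AVC records quoted in the comment, one per line.
SAMPLE = """\
type=AVC msg=audit(1729182916.865:1742): avc:  denied  { execute } for  pid=242836 comm="rsyncd" path="/usr/bin/bash" dev="vda3" ino=924322 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1729182916.868:1743): avc:  denied  { execute } for  pid=242836 comm="rsyncd" name="rsync" dev="vda3" ino=924189 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
type=AVC msg=audit(1729182916.868:1744): avc:  denied  { execute_no_trans } for  pid=242836 comm="rsyncd" path="/usr/bin/rsync" dev="vda3" ino=924189 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
type=AVC msg=audit(1729182916.868:1745): avc:  denied  { open } for  pid=242836 comm="rsync" path="/var/log/rsyncd.log" dev="vda3" ino=1181678 scontext=system_u:system_r:rsync_t:s0 tcontext=unconfined_u:object_r:var_log_t:s0 tclass=file permissive=1
"""

AVC_RE = re.compile(r'avc:\s+denied\s+\{ (?P<perms>[^}]+)\} for\s+(?P<fields>.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Return a dict for one AVC denial line, or None if the line is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
    rec["perms"] = m.group("perms").split()
    # An SELinux context is user:role:type:level; the type is the third field.
    rec["stype"] = rec["scontext"].split(":")[2]
    rec["ttype"] = rec["tcontext"].split(":")[2]
    return rec


def summarize(text):
    """Group denied permissions by (source type, target type, class)."""
    rules = defaultdict(set)
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec:
            rules[(rec["stype"], rec["ttype"], rec["tclass"])].update(rec["perms"])
    return {key: sorted(perms) for key, perms in rules.items()}


def format_rules(rules):
    """Render the grouped denials in allow-rule syntax for review."""
    return [f"allow {s} {t}:{c} {{ {' '.join(p)} }};"
            for (s, t, c), p in sorted(rules.items())]


if __name__ == "__main__":
    print("\n".join(format_rules(summarize(SAMPLE))))
```

The output lists what rsync_t was denied, which is a starting point for deciding whether the wrapper needs its own label or transition rather than a set of rules to load as-is.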