From 250cc8f043bd3dcf56356c400653850f03131dd9 Mon Sep 17 00:00:00 2001
From: Marcus Burghardt <maburgha@redhat.com>
Date: Wed, 11 Oct 2023 08:48:02 +0200
Subject: [PATCH] Simplify bash remediation

The group must exist and must be empty. Reduced the number of commands
to achieve these goals.
---
 .../ensure_pam_wheel_group_empty/bash/shared.sh            | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
index 3c3d7881432..7ba3db7f17a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
@@ -7,9 +7,4 @@ if ! grep -q "^${var_pam_wheel_group_for_su}:[^:]*:[^:]*:[^:]*" /etc/group; then
 fi
 
 # group must be empty
-grp_memb=$(groupmems -g ${var_pam_wheel_group_for_su} -l)
-if [ -n "${grp_memb}" ]; then
-    for memb in ${grp_memb}; do
-        deluser ${memb} ${var_pam_wheel_group_for_su}
-    done
-fi
+groupmems -g ${var_pam_wheel_group_for_su} -p