ipa-compat-manage disable doesn't delete the sudoers entry which can leave things in a bad state. It should remove this when disabling and re-add it when enabling (if required).
This bug is blocked by another bug: https://bugzilla.redhat.com/show_bug.cgi?id=660399
But there is a workaround of using an origin filter that will never match, that is working fine for now. I agree we do not plan to fix the BZ until later so it should be moved to 2.2.
Ticket intention changed: Create Tool for Enabling/Disabling Managed Entry Plugins freeipa-jraquino-0025-Create-a-means-for-disabling-Private-Group-creation.patch
Ignore this patch, it was added to this ticket accidentally, and does not apply to this ticket.
I apologize. I had misread the code and request. I mistakenly thought that this plugin was effected by the same bug that plagues Managed Entry Plugins.
The request is valid, and I am submitting the 1 liner patch that resolves this issue.
This fix can be easily applied to 2.1.
AUTHORITATIVE PATCH: Please ignore the previous one due to a typo freeipa-jraquino-0026-Delete-the-sudoers-entry-when-disabling-Schema-Compat.patch
master: 23781c0
ipa-2-0: df5b7d1
Metadata Update from @rcritten: - Issue assigned to jraquino - Issue set to the milestone: FreeIPA 2.1 - 2011/08 (Final)
Login to comment on this ticket.