Right now maintain_kubeusers checks $home/crontab.disabled before disabling k8s, and after disabling indicates success by touching $home/k8s.disabled.
As part of T332514, maintain_kubeusers that needs to change -- it should instead check the s51051__disable_tool.toolstate for the 'crontab_disabled' flag and then set 'kubernetes_disabled' when finished.