Debug/developer scan fails on KRB-1000

[rm-td]

Describe the bug
Latest pull from git as of today 14FEB25 fails on a debug scan.

I am actually trying to discover why Lynis fails on FINT-4315 saying aide.conf has error when setting Checksums=sha256 instead of Checksums=H but anyhow. Debug notes state to run in developer mode "lynis audit system --profile developer.prf" which stops at KRB-1000 with error as follows:

[+] Kerberos
------------------------------------
[DEBUG] Performing test ID KRB-1000 (Check for Kerberos KDC tools)
./lynis: 12: /root/lynis/include/tests_kerberos: KADMINLOCALBINARY: parameter not set

This does not occur when running a normal scan "lynis audit system" with or without a custom.prf

Version

• Distribution Debian 12 latest stable patches, no backports or mods
• Lynis version latest pull from Git dated 14FEB25 showing version 3.1.5

Expected behavior
Debug/developer test to complete successfully.

[rm-td]

Just realised forgot to add output.
This is from running "lynis audit system --profile developer.prf" as debug notes state.
Output normal for the first part, eg kernel, memory and processes, users groups and authentication then stops on kerberos with output as follows:

[+] Kerberos
------------------------------------
[DEBUG] Performing test ID KRB-1000 (Check for Kerberos KDC tools)
./lynis: 12: /root/lynis/include/tests_kerberos: KADMINLOCALBINARY: parameter not set

I dont have any kerberos principals, these aren't AD realm joined so if I don't have the binaries installed then kadmin will not be avaiable. I don't think the script should bork?

This doesnt happen when doing a "normal" scan eg "lynis audit system" either with or without a custom.prf, only happens on developer/debug. Annd the reason for needing a debug scan is linked to another ticket.