Hello Max.

On 10/11/2013 22:44, Max B wrote:

in shadow-4.1.5.1/src/login.c , which reads /etc/login.defs for FAILLOG_ENAB

#ifndef USE_PAM
<snip>

Does anyone know why this segment of code is unused when USE_PAM is defined??

<snip>

That is because there is a PAM module that does the same thing (and evidently deprecates the previously mentioned code).

See:
http://linux.die.net/man/8/pam_lastlog
and
http://unix.stackexchange.com/questions/77801/show-last-login-information-when-su

Thanks

Gavin