Just a suggestion about /bin/login: It seems to be logging security-related messages such as "LOGIN FAILURES ON ttyp2" or "ROOT LOGIN REFUSED ON ttyp2" at a "kern.err" level, which happens to be the same facility and level used by the Sun Kernel for all the boot messages. As a result, it's difficult to isolate these messages to a single security-related log without accumulating the boot messages as well. For information, Sun's login logs these messages at an "auth.crit" level, which makes it very easy to isolate security-related messages to a single log. I hope someone finds this comment helpful. Brian (Speaking for myself, not RPI)
