The NoLogin authentication component
  (pam_sm_authenticate()), always returns success for
  the superuser, and returns success for all other users if the file
  /etc/nologin does not exist. If
  /etc/nologin does exist, then its contents are echoed
  to non-superusers before failure is returned. If a "nologin"
  capability is specified in
  login.conf(5), then the file
  thus specified is used instead. This usually defaults to
  /etc/nologin.
The following options may be passed to the authentication
  module:
  - debug
- syslog(3) debugging
      information at LOG_DEBUGlevel.
- no_warn
- suppress warning messages to the user. These messages include reasons why
      the user's authentication attempt was declined.