I am using pamela with JupyterHub to open PAM sessions for my users. I am on CentOS 8 and I am using the login service. I can see in /var/log/secure
> pam_unix(login:session): session opened for user testuser by (uid=0)
and in /var/log/messages
> systemd[1]: Started Session 8341 of user testuser
Furthermore, there are no errors logged in /var/log/{messages|secure|audit/audit.log}. But with a new user successfully logged in to JupyterHub, the lastlog command still says that this user has never logged in. So I think I am missing some requirements for pam_lastlog in order to write information to /var/log/lastlog. pam_open_session is called in a subprocess with root privileges. Maybe this subprocess needs to be tied to a pts or tty in order to write useful information to /var/log/lastlog? This is the /etc/pamd.d/login file:
```
#%PAM-1.0
auth substack system-auth
auth include postlogin
account required pam_nologin.so
account include system-auth
password include system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
session optional pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include system-auth
session include postlogin
-session optional pam_ck_connector.so
```
This is in /etc/pamd.d/postlogin:
```
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authselect is run.
session optional pam_umask.so silent
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
session [default=1] pam_lastlog.so nowtmp showfailed
session optional pam_lastlog.so silent noupdate showfailed
```
and this is in /etc/pamd.d/system-auth
```
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authselect is run.
auth required pam_env.so
auth sufficient pam_unix.so try_first_pass nullok
auth required pam_deny.so
account required pam_unix.so
password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
```
Asked by Niklas Netter
(31 rep)
Apr 21, 2020, 09:39 AM
Last activity: May 6, 2025, 09:08 PM
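
A simplified trace of the postlogin session stack quoted in the question, as an added example that is not part of the original post: it follows the `[success=1 default=ignore]` and `[default=1]` jumps for a given PAM service name and reports whether a `pam_lastlog.so` line without `noupdate` is reached. The function names are hypothetical, and every module other than `pam_succeed_if.so` is assumed to return success.

```python
import fnmatch
import re

# Session lines copied from the postlogin file quoted in the question.
POSTLOGIN = """\
session optional pam_umask.so silent
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
session [default=1] pam_lastlog.so nowtmp showfailed
session optional pam_lastlog.so silent noupdate showfailed
"""

LINE = re.compile(r"^-?(\w+)\s+(\[[^\]]*\]|\w+)\s+(\S+)\s*(.*)$")


def succeed_if(args, service):
    """Evaluate 'service =~ glob' / 'service !~ glob' triples; all must hold."""
    words = args.split()
    ok = True
    for i, op in enumerate(words):
        if op in ("=~", "!~") and words[i - 1] == "service":
            matched = fnmatch.fnmatchcase(service, words[i + 1])
            ok = ok and (matched if op == "=~" else not matched)
    return ok


def executed_modules(stack, service):
    """Return the (module, args) pairs that run, honouring [value=N] jumps."""
    # Assumption: every module other than pam_succeed_if returns PAM_SUCCESS.
    lines = [LINE.match(l).groups() for l in stack.splitlines()
             if l.strip() and not l.startswith("#")]
    ran, i = [], 0
    while i < len(lines):
        _type, control, module, args = lines[i]
        ran.append((module, args))
        success = module != "pam_succeed_if.so" or succeed_if(args, service)
        skip = 0
        if control.startswith("["):
            actions = dict(kv.split("=") for kv in control[1:-1].split())
            # A return value not listed explicitly falls back to 'default'.
            action = actions.get("success" if success else "auth_err",
                                 actions.get("default", "bad"))
            skip = int(action) if action.isdigit() else 0
        i += 1 + skip
    return ran


def lastlog_updated(stack, service):
    """True if a pam_lastlog line without 'noupdate' is reached."""
    return any(m == "pam_lastlog.so" and "noupdate" not in a.split()
               for m, a in executed_modules(stack, service))
```

For the `login` service named in the question, the trace skips the first `pam_lastlog.so` line and reaches only the one carrying `noupdate`; for `su` or `gdm-password` it reaches the line without `noupdate`.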