sulogin -- Single-user login


sulogin [ -e ] [ -p ] [ -t timeout ] [ tty-device ]


sulogin is invoked by init(8) when the system goes into single user mode (this is done through an entry in inittab(5)). Init also tries to execute sulogin when it is passed the -b flag from the bootmonitor (eg, LILO).

The user is prompted
Give root password for system login (or type Control-D for normal startup):
sulogin will be connected to the current terminal, or to the optional device that can be specified on the command line (typically /dev/console).

If the -p flag was set, the single-user shell will be invoked with a dash as the first character in argv[0]. That will cause most shells to behave as a login shell. The default is not to do this, so that the shell will not read /etc/profile or $HOME/.profile at startup.

After the user exits the single-user shell, or presses control-d at the prompt, the system will (continue to) boot to the default runlevel.


sulogin looks for the environment variable SUSHELL or sushell to determine what shell to start. If the environment variable is not set, it will try to execute root’s shell from /etc/passwd. If that fails it will fall back to /bin/sh.

This is very valuable together with the -b flag to init. To boot the system into single user mode, with the root file system mounted read/write, using a special "failsafe" shell that is statically linked (this example is valid for the LILO bootprompt)

boot: linux -b rw sushell=/sbin/sash


sulogin checks the root password using the standard method (getpwnam) first. Then, if the -e option was specified, sulogin examines these files directly to find the root password:

/etc/passwd, /etc/shadow (if present)

If they are damaged or non-existant, sulogin will start a root shell without asking for a password. Only use the -e option if you are sure the console is physically protected against unauthorized access.


Miquel van Smoorenburg <>


init(8), inittab(5).

openSUSE Logo