Provided by: sysvinit-utils_2.87dsf-4ubuntu17_i386
sulogin - Single-user login
sulogin [ -e ] [ -p ] [ -t SECONDS ] [ TTY ]
sulogin is invoked by init(8) when the system goes into single user
mode. (This is done through an entry in inittab(5).) Init also tries
to execute sulogin when the boot loader (e.g., grub(8)) passes it the
The user is prompted
Give root password for system maintenance
(or type Control-D for normal startup):
If the root account is locked, as is the default on Ubuntu, no password
prompt is displayed and sulogin behaves as if the correct password were
sulogin will be connected to the current terminal, or to the optional
device that can be specified on the command line (typically
If the -t option is used then the program only waits the given number
of seconds for user input.
If the -p option is used then the single-user shell is invoked with a
dash as the first character in argv. This causes the shell process
to behave as a login shell. The default is not to do this, so that the
shell will not read /etc/profile or $HOME/.profile at startup.
After the user exits the single-user shell, or presses control-D at the
prompt, the system will (continue to) boot to the default runlevel.
sulogin looks for the environment variable SUSHELL or sushell to
determine what shell to start. If the environment variable is not set,
it will try to execute root’s shell from /etc/passwd. If that fails it
will fall back to /bin/sh.
This is very valuable together with the -b option to init. To boot the
system into single user mode, with the root file system mounted
read/write, using a special "fail safe" shell that is statically linked
(this example is valid for the LILO bootprompt)
boot: linux -b rw sushell=/sbin/sash
sulogin checks the root password using the standard method (getpwnam)
first. Then, if the -e option was specified, sulogin examines these
files directly to find the root password:
/etc/shadow (if present)
If they are damaged or nonexistent, sulogin will start a root shell
without asking for a password. Only use the -e option if you are sure
the console is physically protected against unauthorized access.
Miquel van Smoorenburg <email@example.com>
17 Jan 2006 SULOGIN(8)