sulogin

sulogin [OPTION...] [TTY]

-p, --putenv NAME=VALUE
    Allows adding or overriding environment variables in the form NAME=VALUE. Can be specified multiple times. These variables will be set in the shell spawned by sulogin.

-e, --force-exit
    Forces sulogin to exit on end-of-file (EOF) from standard input, even if the password prompt was not shown. This can be useful for automated scripts where immediate exit on input termination is desired.

-t, --timeout SECONDS
    Specifies a timeout in seconds. If no input is received within this time after the password prompt is displayed, sulogin will exit. A value of 0 means no timeout.

-r, --force-root
    Forces sulogin to provide a root shell, even if it is not invoked with root privileges. This option is typically used in specific embedded systems or highly controlled recovery scenarios where sulogin might be started by a non-root process but still needs to grant root access for system repair.

TTY
    Specifies the terminal device to open for input and output. For example, /dev/tty1. If not specified, sulogin uses the current controlling terminal.

sulogin provides a single-user shell, typically the root shell, during system boot failures. It is commonly invoked by init or systemd when critical boot processes like filesystem checks (fsck) fail, or when the system enters an emergency or rescue mode. Its primary purpose is to allow system administrators to diagnose and repair issues that prevent the system from booting into multi-user mode.

It operates in a minimalistic environment, often before many services or filesystems are fully mounted. sulogin prompts for the root password, if one is configured, before granting access. If the root password is empty, access is usually granted immediately, making it a crucial tool for recovery operations even in severely damaged systems.

sulogin is typically invoked automatically by init or systemd during boot issues, rather than being manually run by users.

As it provides direct root access, often in a recovery context, it requires careful security considerations. If the root password is not set, sulogin might grant immediate root access, which is a security risk if the console is not physically secured.

The shell provided is usually a minimal environment, and not all system utilities or paths may be immediately available or fully functional until more filesystems are mounted or services started.

sulogin can be influenced by the following environment variables:
SULOGIN_PROMPT: If set, this variable overrides the default password prompt string displayed by sulogin.
SULOGIN_PASSWORD: If set, this variable can be used to provide the root password directly. Note: This is generally insecure and should only be used in highly controlled, automated, and typically offline recovery scripts where direct user interaction is not possible and security risks are mitigated by other means.

sulogin returns the following exit status codes:
0: success
1: operation not permitted (e.g., failed authentication)
2: usage error
3: I/O error
4: unable to open TTY
5: timeout
6: internal error

sulogin is a long-standing utility, part of the util-linux project, which provides a collection of essential Linux system utilities. Its fundamental role as a system recovery mechanism has remained consistent throughout the evolution of Linux, adapting to work with different init systems like SysVinit and systemd. It continues to be a critical component for diagnosing and repairing boot-time issues.

login(1), init(8), systemd(1), fsck(8), passwd(5)