Skip to main content
Explain

What is Login Shell in Linux?

You probably are aware of the shell in Linux. This is where you enter commands and execute programs. But what is this login shell and how is it different from the regular shell?

Abhishek Prakash

The login shell is the first process that is executed with your user ID when you log into an interactive session.

This may seem simple at the surface but if you dig deep, it could get confusing a bit. To understand, let's see revisit the login process in Linux systems.  

Linux is a multi-user system where multiple users can log in and use the system at the same time.

The first process in a Linux system, be it init or systemd, starts a getty program. This getty, short for 'get tty' (tty denotes physical or virtual terminals), is responsible for protecting the system from unauthorized access.

login process in Linux

When you try to connect to a Linux system either directly (if you have a server installed on a system locally) or via SSH (if you have the server on a remote location), getty prompts (through login program) you to enter your username and when the user name is entered, it prompts for the password.

Your entries are verified against the information stored in /etc/passwd file. The entries in the /etc/passwd file has some information like username, userid, home directory and the first program that should be started after login succeeds.

etc passwd file in Linux

As you can see in the picture above, the first program to start when the user abhishek logs in. For standard users in Linux, it is the login shell.

There could be other values in the field as well. For example, sshd is a system user, not a real user and it can not log in to the system interactively like a regular user like abhishek.

sshd:x:110:65534::/run/sshd:/usr/sbin/nologin

If there is no entry in the column of the first program/log in shell, it is defaulted to /bin/sh, i.e. the standard shell.

I hope it was not too much information.

Login shell vs non-login shell

Alright, so you logged into a system and know that it's a login shell. But what does it mean? Are there other shells as well? Where are they?

In Linux, when you run a shell script, it runs in its own shell (a non-interactive shell). You can start a new shell from your current shell (an interactive shell).

Changing shell in Linux

In technical terms, these are subshell but more on this topic later. Let's focus on login shell for now.

Profile and RC files for the shell

The login shell reads environment variable and other configuration from /etc/profile and a profile file in the home directory. This allows you to have tab completion, colored output and sets other stuff such as umask etc.

You probably know that there are more than one shell available for Linux systems. Most Linux distributions use bash shell by default but you may install a different shell like zsh or Fish shell.

If your login shell is bash, it reads from /etc/profile and ~/.bash_profile file. If your login shell is zsh, it reads from /etc/zprofile and ~/.zprofile.

The files in /etc directory sets the respective shell configuration for all the users on the system. This is normally set up by the system administrator.

The files in the home directory of the user are user-specific, obviously. This allows users to create alias for frequently used commands or use a custom PATH variable for a program.

The non-login shells originates from the login shell and hence it gets all the environment set by the login shell via the profile files. In addition to that, non-login, interactive shell can define their own environment variables through rc (resource configuration) files in /etc or home directory.

For bash shell, it is usually, /etc/bash.bashrc and ~/.bash_rc files while for zsh shell, it is /etc/zshrc and ~/.zshrc.

Let me show the difference with a practical example.

Notice how the shell prompt changes to green-ish color? It's because it reads /etc/bash.bashrc file and Ubuntu has put additional parameters in this file. Colored prompt is one of them.

To summarize:

  • The profile files are for interactive login shells. The rc files are for interactive non-login shells.
  • Files in /etc directory are executed first and then the files in the home directory.
  • The non-login, interactive shells benefit from both profile and rc files.

How to know if you are in a login shell?

That's very simple actually, at least for the bash shell. For login shell, the name of the shell executable starts with -. For non-login shell, it's just the name of the shell.

You know how to check the shell, right? You check the value of argument 0.

Checking if it is login shell
On desktop Linux, you don't use login shell. Your login is managed by a display manager. This is why when you open a terminal in Linux desktop, you'll see that even the first shell running in the terminal is not login shell.

I have tried to make things clear about login shell here. However, if you never wondered about these things, it may leave some unanswered questions. Feel free to ask it in the comment section and I'll try to answer them.

If you are an expert user reading this and find something technically incorrect or some important point missing, please let me know in the comments.

Abhishek Prakash