z/OS UNIX REXX exec

As documented in Using REXX and z/OS UNIX System Services (SA22-7806), z/OS® UNIX offers the seteuid SYSCALL command to set the effective UID of the current process. There are few things to keep in mind when using the seteuid command.

The seteuid command uses the z/OS UNIX UID, not the MVS™ user ID. You must first determine the UID of the target user ID, which can be done with the getpwnam SYSCALL command.
The user ID executing the seteuid command must have READ permission to the BPX.SRV.<userid> profile in the SURROGAT class of your security product to be able to switch to the user ID identified by <userid> without specifying a password. Note that when multiple user IDs share the same UID, there is no way to determine which one of the user IDs will be checked.

/* rexx */
myID='ibmuser'
say userid()
address SYSCALL 'getpwnam' myID 'pw.'
say pw.1 pw.2 pw.3 pw.4 pw.5
address SYSCALL 'seteuid' pw.2  /* PW_UID = 2 */
say retval errno errnojr
say userid()

This sample logon exit, executed by the started task user ID, will result in the following console messages:

+FEK910I LOGON EXIT: invoking logon processing exit in thread 515
+FEK910I LOGON EXIT: STCRSE
+FEK910I LOGON EXIT: IBMUSER  1 0 / /bin/sh
+FEK910I LOGON EXIT: 0 0 0
+FEK910I LOGON EXIT: IBMUSER
+FEK910I LOGON EXIT: completed logon processing exit in thread 515