Does Linux have some C interface similar to setuid, which allows a program to switch to a different user using e.g. the username/password? The problem with setuid is that it can only be used by superusers.
I am running a simple web service which requires jobs to be executed as the logged in user. So the main process runs as root, and after the user logs in it forks and calls setuid to switch to the appropriate uid. However, I am not quite comfortable with the main proc running as root. I would rather have it run as another user, and have some mechanism to switch to another user similar to su (but without starting a new process).
No, there is no way to change UID using only a username and password. (The concept of a “password” is not recognized by the kernel in any fashion — it only exists in userspace.) To switch from one non-root UID to another, you must become root as an intermediate step, typically by
exec()-uting a setuid binary.Another option in your situation may be to have the main server run as an unprivileged user, and have it communicate with a back-end process running as root.