For UNIX users that exist only to run daemons, it is customary to set the user's shell to /bin/false or /usr/sbin/nologin. Setting RUN_AS_USER to such an account will fail to start the wrapped java process because "su - USERNAME" fails to switch to a user without a valid shell.
For Linux, this is usually solved by using "su -s /bin/sh - USERNAME", overriding the user's shell in the context of this command. Unfortunately, this is not a cross-platform solution, as there does not exist an equivalent option for su on Mac OS X, and I do not know about the other supported platforms.
Using sudo instead of su solves this problem on all platforms I have access to, but I am unsure about possible ramifications.
It might be fixed already ; please could you check?
The configuration variable SU_OPTS introduced in version 3.5.26 can be used to mitigate the problem (at least on systems supporting a corresponding option for "su"). The behavior is documented in the script, so I think this issue can be closed.