Logging Root Execs

This patch was orignally made by Warren Toomey for FreeBSD 1.X kernel.
The patch is modified for FreeBSD 2.X kernel after the patch.

Monitoring root execve systemcall may provide an audit trail of commands
that the intruder performed as root.  Of course, this patch does not help
to stop an attack on your system.


To enable the logging, type as follows:
	sysctl -w kern.log_root_exec=1

KATO Takenori <kato@FreeBSD.org>