Use real executed program in logs instead of the script that was executed.

For example, this used to give false logs of matching fingerprint for
foo.sh while foo.sh don't have an entry, and the program executed (and
matching the fingerprint) is the interpreter - /bin/sh.

sys/kern/kern_exec.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_exec.c,v 1.205 2005/07/16 22:47:18 christos Exp $	*/
+/*	$NetBSD: kern_exec.c,v 1.206 2005/07/29 22:37:11 elad Exp $	*/
 
 /*-
  * Copyright (C) 1993, 1994, 1996 Christopher G. Demetriou
@@ -33,7 +33,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.205 2005/07/16 22:47:18 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.206 2005/07/29 22:37:11 elad Exp $");
 
 #include "opt_ktrace.h"
 #include "opt_syscall_debug.h"
@@ -270,8 +270,9 @@ check_exec(struct proc *p, struct exec_package *epp, int flag)
 
 
 #ifdef VERIFIED_EXEC
-        /* Evaluate signature for file... */
-        if ((error = veriexec_verify(p, vp, epp->ep_vap, epp->ep_name,
+        if ((error = veriexec_verify(p, vp, epp->ep_vap,
+				     (flag == VERIEXEC_INDIRECT) ?
+				     epp->ep_ndp->ni_dirp : epp->ep_name,
 				     flag, NULL)) != 0)
                 goto bad2;
 #endif