--- Apps/shellsnoop.orig	2014-06-04 09:00:10.000000000 -0400
+++ Apps/shellsnoop	2014-06-04 09:01:29.000000000 -0400
@@ -140,7 +140,7 @@
  /*
   * Remember this PID is a shell child
   */
- syscall::exec:entry, syscall::exece:entry
+ syscall::exec:entry
  /execname == "sh"   || execname == "ksh"  || execname == "csh"  || 
   execname == "tcsh" || execname == "zsh"  || execname == "bash"/
  {
@@ -151,7 +151,7 @@
 	OPT_debug == 1 ? printf("PID %d CMD %s started. (%s)\n",
 	    pid, execname, stringof(this->parent)) : 1;
  }
- syscall::exec:entry, syscall::exece:entry
+ syscall::exec:entry
  /(OPT_pid == 1 && PID != ppid) || (OPT_uid == 1 && UID != uid)/
  {
 	/* forget if filtered */
@@ -256,12 +256,12 @@
  /*
   *  Cleanup
   */
- syscall::rexit:entry
+ syscall::exit:entry
  {
 	child[pid] = 0;
 
 	/* debug */
-	this->parent = (char *)curthread->t_procp->p_parent->p_user.u_comm;
+	this->parent = (char *)curthread->td_proc->p_pptr->p_comm;
 	OPT_debug == 1 ? printf("PID %d CMD %s exited. (%s)\n",
 	 pid, execname, stringof(this->parent)) : 1;
  }