security/base-audit: Add the ability to specify ignored jails

security_status_baseaudit_jails_ignore is a space delimited list of jails
to ignore.

If non-empty, the code iterates over security_status_baseaudit_jails_ignore
to avoid partial matches (i.e. ignore foo.bar, but not foo). If there is a
better way to do that without looping, please let me know.

Example use case: I have jails which purposely are older vulnerable versions
for testing.

PR: 257685
Approved by: 000.fbsd@quip.cz (maintainer)