Well... Just an idea.
In bash you can unset $PATH in your .bashrc and set a special bash function "command_not_found_handle" with setting local variable PATH and then invoking the command: sudo "$@" .
Well, i did try but to no avail.
I found and example function to avoid sudo completly and log root commands, but it runs in infinite loop using posix shell (/sbin/sh) and trap <function> DEBUG
I'm unable to determine why is it working in everything besides posix shell :wall:
This is the code (this works in ksh and bash, but i'm not changing default root shell, since if /usr is not avalible machine won't boot.)
This is .profile