kern: Fix credentials leaks on RACCT but no RCTL

Affected system calls: setuid(), setreuid(), setresuid(), jail_attach(),
setloginclass().

In these system calls, the crhold() calls that, on RACCT, make the
just-installed process credentials survive a concurrent change of the
same credentials just after PROC_UNLOCK() were not matched by
a corresponding crfree() when RCTL is off. In fact, in that latter
case, they are simply not necessary, so wrap them with '#ifdef RCTL'
stances. 'kern_rctl.c' causes a compile error if RACCT is not defined
but RCTL is, so ease reading by not nesting '#ifdef's.

Approved by: re (cperciva)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53456

(cherry picked from commit f4315ff8b3fee71eb0098864a84618f2f8ba85d5)
(cherry picked from commit 4db768b01cd78666949bbd67ba611e9e47ed710d)