[apparmor] audit and quiet rules

John Johansen john.johansen at canonical.com
Thu Dec 16 00:34:36 GMT 2010


Currently apparmor's audit and quiet rules are tied to granting or denying a specific set
of permissions.
  i.e.
     audit /foo r,   means audit and allow reads of access to /foo
     deny  /foo w,   means deny write to /w and quiet (don't audit) logging of the failed
                     access.

I would like to propose extending the language to allow specifying auditing and quieting,
separate from an explicit permission grant, via new audit_rules and quiet_rules.

  e.g.
    audit_rules /* r,

    would mean add audit to any portion of a rule that intersects with the rule specified
    in audit_rules.
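
An added illustration, not part of the original message and not AppArmor code: a small Python model of one reading of the proposed audit_rules semantics, evaluated per concrete access instead of by intersecting globs. The helper names, the sample profile and the simplified globbing ("*" stops at "/", "**" does not) are assumptions; deny and quiet_rules are not modeled.

```python
import re

# Constructed sample profile: three grants plus the proposed audit_rules line.
PROFILE = ["/foo rw,", "/etc/passwd r,", "audit /bar w,", "audit_rules /* r,"]

def glob_to_regex(glob):
    # Simplified globbing (assumption): "**" crosses "/", "*" does not.
    out, i = [], 0
    while i < len(glob):
        if glob.startswith("**", i):
            out.append(".*")
            i += 2
        elif glob[i] == "*":
            out.append("[^/]*")
            i += 1
        else:
            out.append(re.escape(glob[i]))
            i += 1
    return re.compile("".join(out) + r"\Z")

def parse(line):
    # "audit /foo r," -> ("audit", <regex>, {"r"}); "/foo rw," -> (None, <regex>, {"r", "w"})
    words = line.strip().rstrip(",").split()
    qualifier = words[0] if len(words) == 3 else None
    return qualifier, glob_to_regex(words[-2]), set(words[-1])

def decide(profile, path, perm):
    """Return (allowed, audited) for one access under the modeled semantics."""
    rules = [parse(line) for line in profile]
    allowed = audited = False
    # Grants: bare rules allow; "audit" rules allow and audit, as today.
    for qualifier, rx, perms in rules:
        if qualifier in (None, "audit") and rx.match(path) and perm in perms:
            allowed = True
            audited |= qualifier == "audit"
    # audit_rules never grants; it only marks the part of a grant it overlaps.
    for qualifier, rx, perms in rules:
        if qualifier == "audit_rules" and allowed and rx.match(path) and perm in perms:
            audited = True
    return allowed, audited

if __name__ == "__main__":
    for path, perm in [("/foo", "r"), ("/foo", "w"), ("/etc/passwd", "r"),
                       ("/bar", "w"), ("/baz", "r")]:
        print(path, perm, decide(PROFILE, path, perm))
```

In this model "/foo rw," combined with "audit_rules /* r," audits reads of /foo but not writes, and /baz stays ungranted even though /* matches it.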



