Rule deletion #128

Open: wants to merge 4 commits into base: main

Commits on Sep 8, 2023

  1. rule: Report missing rules during deletion

    Although the implementation for AuditClient.Delete is only used to back
    AuditClient.DeleteAll, we'd like to be able to delete individual rules.
    This commit adds checking of the netlink error field and reports when
    the deletion has failed.  When DeleteAll is called, we ignore the ENOENT
    return since it could've raced somewhere and we don't actually care
    since we're deleting all of the rules.
    jeffmahoney committed Sep 8, 2023
    d7bead3
  2. rule.Rule.Build: Don't assume that no syscalls means all syscalls

    Rule.Build assumes that if no syscalls are specified they all are set.
    This is really only the case when the exit list is used since the
    syscall numbers aren't available in the other lists.  When we assume
    that all of the syscalls are enabled, we end up generating wireformat
    rules for e.g. 'task,never' that have all of the syscall bits set.  That
    doesn't match what is already used when 'auditctl -a task,never' is
    used.  It may be ignored by the kernel when such a rule is added, but
    it would cause problems when that rule is deleted.
    jeffmahoney committed Sep 8, 2023
    95acdd8

Commits on Sep 9, 2023

  1. rule: Add support for removing individual rules

    We currently don't handle the '-d' or '-W' options that would remove
    list rules or file watches.  This commit adds support to handle those
    properly.  rule.ToCommandLine still returns the expected result, but
    I've added a rule.ToCommandLineAddRemove that takes a bool indicating
    whether the rule would be added or removed.  This was required to do
    testing of deletion rules.
    jeffmahoney committed Sep 9, 2023
    b0c2227

Commits on Jul 23, 2024

  1. 4961b27
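
The mismatch described in the message of commit 95acdd8, as an added example that is not code from this pull request or from the project. `BuildMask` and `DeleteMatches` are hypothetical names; the constants are the values in `linux/audit.h`, and the example assumes a delete request only matches an installed rule whose syscall mask is identical.

```go
package main

import (
	"errors"
	"fmt"
)

// Values from the Linux audit UAPI header (linux/audit.h).
const (
	BitmaskSize = 64 // AUDIT_BITMASK_SIZE: 32-bit words in a rule's syscall mask
	FilterTask  = 1  // AUDIT_FILTER_TASK
	FilterExit  = 4  // AUDIT_FILTER_EXIT
)

// Mask is the per-rule syscall bitmap carried in the wire format.
type Mask [BitmaskSize]uint32

// BuildMask (hypothetical helper) fills the mask the way the commit message
// describes: an empty syscall list means "all syscalls" only on the exit list.
func BuildMask(filter uint32, syscalls []int) (Mask, error) {
	var m Mask
	if len(syscalls) == 0 {
		if filter == FilterExit {
			for i := range m {
				m[i] = ^uint32(0)
			}
		}
		return m, nil // other lists: no syscall bits at all
	}
	if filter != FilterExit {
		return m, errors.New("syscalls are only valid on the exit list")
	}
	for _, n := range syscalls {
		if n < 0 || n >= BitmaskSize*32 {
			return m, fmt.Errorf("syscall number %d out of range", n)
		}
		m[n/32] |= 1 << (uint(n) % 32)
	}
	return m, nil
}

// DeleteMatches models the assumption that a delete request only removes an
// installed rule whose mask is identical word for word.
func DeleteMatches(installed, request Mask) bool { return installed == request }

func main() {
	installed, _ := BuildMask(FilterTask, nil) // 'task,never' with no syscall bits
	allSet, _ := BuildMask(FilterExit, nil)    // stands in for the old all-bits mask
	fmt.Println("all-bits delete matches:", DeleteMatches(installed, allSet))
}
```
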