auditctl uses wrong syscall to determine uid

Bug #957519 reported by Alec Warner
This bug affects 1 person
Affects: audit (Ubuntu)
Status: Fix Released
Importance: Low
Assigned to: Unassigned

Bug Description

The short story is we have a setuid helper that tries to execute auditctl.

Example:

antarus@goats2 /tmp $ cat foo.c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

int main(int argc, char ** argv) {
  printf("%d\n", getuid());
  printf("%d\n", geteuid());
  execl("/sbin/auditctl", "/sbin/auditctl", "-l", (char*)NULL);
}

antarus@goats2 /tmp $ sudo gcc foo.c -o foo
antarus@goats2 /tmp $ sudo chown root:root foo
antarus@goats2 /tmp $ sudo chmod +x foo
antarus@goats2 /tmp $ sudo chmod u+s foo
antarus@goats2 /tmp $ ./foo
505 <- my uid
0 <- root euid
You must be root to run this program. <- failed code.

LSB Version: core-2.0-amd64:core-2.0-noarch:core-3.0-amd64:core-3.0-noarch:core-3.1-amd64:core-3.1-noarch:core-3.2-amd64:core-3.2-noarch:core-4.0-amd64:core-4.0-noarch:cxx-3.0-amd64:cxx-3.0-noarch:cxx-3.1-amd64:cxx-3.1-noarch:cxx-3.2-amd64:cxx-3.2-noarch:cxx-4.0-amd64:cxx-4.0-noarch:desktop-3.1-amd64:desktop-3.1-noarch:desktop-3.2-amd64:desktop-3.2-noarch:desktop-4.0-amd64:desktop-4.0-noarch:graphics-2.0-amd64:graphics-2.0-noarch:graphics-3.0-amd64:graphics-3.0-noarch:graphics-3.1-amd64:graphics-3.1-noarch:graphics-3.2-amd64:graphics-3.2-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-3.2-amd64:printing-3.2-noarch:printing-4.0-amd64:printing-4.0-noarch:qt4-3.1-amd64:qt4-3.1-noarch
Distributor ID: Ubuntu
Description: Ubuntu 10.04.2 LTS
Release: 10.04
Codename: lucid

antarus@goats2 /tmp $ apt-cache policy auditd
auditd:
  Installed: 1.7.13-1ubuntu2
  Candidate: 1.7.13-1ubuntu2

This bug is also present on precise:

antarus@antarus-precise:/tmp/audit-1.7.18/src$ apt-cache policy auditd
auditd:
  Installed: 1.7.18-1ubuntu1
  Candidate: 1.7.18-1ubuntu1

Even auditd trunk is affected:
https://fedorahosted.org/audit/browser/trunk/src/auditctl.c

Tags: patch
Alec Warner (antarus) wrote :

With my patch:

antarus@goats2 /tmp $ ./foo
45531
0
LIST_RULES: exit,always dir=/etc/audit (0xa) perm=wa key=etc_audit
LIST_RULES: exit,always watch=/etc/default/auditd perm=wa key=etc_default_auditd
LIST_RULES: exit,always watch=/etc/init.d/auditd perm=wa key=etc_init.d_auditd
LIST_RULES: exit,always watch=/etc/libaudit.conf perm=wa key=etc_libaudit.conf
LIST_RULES: exit,always dir=/etc/audisp (0xb) perm=wa key=etc_audisp
LIST_RULES: exit,always watch=/etc/ssh/ssh_config perm=wa key=ssh
LIST_RULES: exit,always watch=/etc/ssh/sshd_config perm=wa key=ssh
LIST_RULES: exit,always watch=/etc/ssh/ssh_host_dsa_key perm=wa key=ssh
LIST_RULES: exit,always watch=/etc/ssh/ssh_host_rsa_key perm=wa key=ssh
LIST_RULES: exit,always watch=/etc/ssh/ssh_host_key perm=wa key=ssh
LIST_RULES: exit,always watch=/etc/shadow perm=wa key=password
LIST_RULES: exit,always watch=/dev/mem perm=wa key=kernel
LIST_RULES: exit,always arch=3221225534 (0xc000003e) filetype=32768 (0x8000) a1&3072 (0xc00) key=chmod syscall=chmod,fchmod
LIST_RULES: exit,always arch=3221225534 (0xc000003e) filetype=32768 (0x8000) a2&3072 (0xc00) key=chmod syscall=fchmodat

Alec Warner (antarus) wrote :
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "Change getuid() to geteuid()" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are a member of the ubuntu-reviewers team please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
Tyler Hicks (tyhicks) wrote :
Changed in audit (Ubuntu):
importance: Undecided → Low
status: New → Triaged
Tyler Hicks (tyhicks) wrote :

Those changeset links were not complete. Here is the complete set of upstream changes:

https://fedorahosted.org/audit/changeset/682/
https://fedorahosted.org/audit/changeset/684/
https://fedorahosted.org/audit/changeset/687/

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package audit - 1:2.2.2-1ubuntu1

---------------
audit (1:2.2.2-1ubuntu1) raring; urgency=low

  * Merge from Debian experimental (LP: #1092760). Remaining changes:
    - debian/auditd.init: apply the intent of Peter Moody's patch to add
      support for rules.d directory for splitting out audit.d rules
  * The new upstream release fixes two outstanding Ubuntu bugs:
    - audispd binary has incorrect permissions (LP: #683220)
      + In auditd, relax some permission checks for external apps
    - auditctl uses wrong syscall to determine uid (LP: #957519)
      + In auditctl, check usage against euid rather than uid
  * Fix FTBFS caused by Python multiarch layout which splits Python header
    files across multiple directories
    - debian/patches/FTBFS-python-multiarch.diff: Use python-config to
      determine the appropriate include directories

audit (1:2.2.2-1) experimental; urgency=low

  * QA upload.
  * New upstream release
    - Add debian/patches/fix-make-check.diff: Try to unbreak make check
    - debian/auditd.install: Install systemd service file
    - debian/libauparse0.symbols: Adjust .symbols file
  * Enable support for Alpha and ARM ABI (Closes: #681457)

audit (1:2.2.1-2) experimental; urgency=low

  * QA upload.
  * Orphan audit package with maintainer approval
  * Split libauparse out of libaudit package and put /etc/libaudit.conf in its
    own package thanks to Alban Browaeys (Closes: #682251)
  * Drop useless debian/patches/rpath.diff and call to chrpath, call
    dh_autoreconf to be sure autofoo are up-to-date instead.
  * debian/auditd.install: Install auvirt executable, thanks to Guido Günther
    (Closes: #688440)
  * Convert to multiarch policy (Closes: #687121)
  * Add missing X-Python-Version header
  * Enable libcap-ng support
  * Let dh_python2 take care of removing *.p[co] files
  * Drop pam-config stanza for loginuid, it's only intended to be called from
    entry point PAM services (Closes: #676527)
  * Drop debian/auditd.postinst: this was needed before squeeze release
  * Drop useless debian/patches/ld-no-add-needed.diff: libkrb5 is already
    properly passed at link time
  * Drop debian/patches/mode.diff: Upstream is now checking if the mode of the
    executable is either 0750 or 0755 and not only 0750
  * Drop several patches and files that were not used anymore but not dropped
    on disk
  * Refresh and reapply debian/patches/manpage-dash.diff
  * debian/control: Add Vcs-* fields
  * Add debian/gbp.conf file
  * Run wrap-and-sort script
  * Only attempt to build on linux-any architectures

audit (1:2.2.1-1) experimental; urgency=low

  * Non-maintainer upload (with maintainer's blessing)
  * New upstream release
  * Refit patches
  * debian/control: bump Standards-Version (no changes)
  * debian/control: bump versioned build dep on debhelper to 9
  * debian/control: add build dep on dpkg-dev >= 1.16.1~ to get
    dpkg-buildflags support for hardening
  * debian/compat: bump up to 9

audit (1:1.7.18-1.1) unstable; urgency=low

  * Non-maintainer upload.
  * Revert last upload versioned 2.1.3-1 and made by Russell Coker.
 -- Tyler Hicks <email address hidden> Thu, 20 Dec...


Changed in audit (Ubuntu):
status: Triaged → Fix Released
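
The credential split behind this report, as an added example (not part of the original bug report and not the audit project's code): it parses constructed `/proc/<pid>/status` text for a setuid-root helper with real uid 505 and effective uid 0, then compares the real-uid check the report describes with the effective-uid check from the fix. The function names and sample text are assumptions, and the `CAP_AUDIT_CONTROL` test goes beyond the fix described on this page.

```c
#include <stdio.h>
#include <string.h>

#define CAP_AUDIT_CONTROL_BIT 30 /* CAP_AUDIT_CONTROL in <linux/capability.h> */

struct creds {
    unsigned ruid, euid;        /* first two fields of the "Uid:" line */
    unsigned long long cap_eff; /* "CapEff:" effective capability mask */
};

/* Constructed samples: the setuid-root helper from the report
 * (real uid 505, effective uid 0) and an ordinary unprivileged process. */
const char SETUID_HELPER[] =
    "Name:\tfoo\nUid:\t505\t0\t0\t0\nCapEff:\t0000003fffffffff\n";
const char PLAIN_USER[] =
    "Name:\tbash\nUid:\t505\t505\t505\t505\nCapEff:\t0000000000000000\n";

/* Parse the Uid: and CapEff: lines; 0 on success, -1 if either is missing. */
int parse_status(const char *text, struct creds *c)
{
    int have_uid = 0, have_cap = 0;
    const char *p = text;
    while (p && *p) {
        if (sscanf(p, "Uid: %u %u", &c->ruid, &c->euid) == 2)
            have_uid = 1;
        else if (sscanf(p, "CapEff: %llx", &c->cap_eff) == 1)
            have_cap = 1;
        p = strchr(p, '\n'); /* advance to the start of the next line */
        if (p) p++;
    }
    return (have_uid && have_cap) ? 0 : -1;
}

/* Check the report describes in the affected auditctl: real uid. */
int allowed_by_ruid(const struct creds *c) { return c->ruid == 0; }
/* Check after the fix: effective uid. */
int allowed_by_euid(const struct creds *c) { return c->euid == 0; }
/* Capability the kernel requires for audit rule operations (beyond the page). */
int has_audit_control(const struct creds *c)
{ return (int)((c->cap_eff >> CAP_AUDIT_CONTROL_BIT) & 1); }

int main(void)
{
    struct creds c;
    if (parse_status(SETUID_HELPER, &c) != 0) return 1;
    printf("ruid check: %d, euid check: %d, CAP_AUDIT_CONTROL: %d\n",
           allowed_by_ruid(&c), allowed_by_euid(&c), has_audit_control(&c));
    return 0;
}
```

For the setuid helper only the real-uid check refuses, which matches the "You must be root to run this program." failure in the report.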