- Import commit 523777609a04fe9e590420e89f94ef07e3719baa:
e5e362a udev: exclude MD from block device ownership event locking
8839413 udev: really exclude device-mapper from block device ownership event locking
66782e6 udev: exclude device-mapper from block device ownership event locking (bsc#972727)
1386f57 tmpfiles: explicitly set mode for /run/log
faadb74 tmpfiles: don't allow read access to journal files to users not in systemd-journal
9b1ef37 tmpfiles: don't apply sgid and executable bit to journal files, only the directories they are contained in
011c39f tmpfiles: add ability to mask access mode by pre-existing access mode on files/directories
07e2d60 tmpfiles: get rid of "m" lines
d504e28 tmpfiles: various modernizations
f97250d systemctl: no need to pass --all if inactive is explicitly requested in list-units (bsc#967122)
2686573 fstab-generator: fix automount option and don't start associated mount unit at boot (bsc#970423)
5c1637d login: support more than just power-gpio-key (fate#318444) (bsc#970860)
2c95ecd logind: add standard gpio power button support (fate#318444) (bsc#970860)
af3eb93 Revert "log-target-null-instead-kmsg"
555dad4 shorten hostname before checking for trailing dot (bsc#965897)
522194c Revert "log: honour the kernel's quiet cmdline argument" (bsc#963230)
cc94e47 transaction: downgrade warnings about wanted unit which are not found (bsc#960158)
eb3cfb3 Revert "vhangup-on-all-consoles"
0c28752 remove WorkingDirectory parameter from emergency, rescue and console-shell.service (bsc#959886)
1d6d840 Fix wrong substitution variable name in systemd-udev-root-symlink.service.in (boo#964355)

- Don't allow read access to journal files to users (boo#972612 CVE-2014-9770 CVE-2015-8842)
Remove the world read bit from the permissions of (persistent)
archived journals. This was incorrectly set due to backported commit
18afa5c2a7a6c215.
For the same reasons we also have to fix the permissions of
/run/log/journal/<machine-id> directory to make sure that regular
user won't access to its content.