machine: policykit string fixes

machined: beef up PolicyKit actions Introduce separate actions for creating login or shell sessions for the local host or a local container. By default allow local unprivileged clients to create new login sessions (which is safe, since getty will ask for username and authentication). Also, imply login privs from shell privs, as well as shell and login privs from manage privs.

machined: introduce pseudo-machine ".host" refererring to the host system Some of the operations machined/machinectl implement are also very useful when applied to the host system (such as machinectl login, machinectl shell or machinectl status), hence introduce a pseudo-machine by the name of ".host" in machined that refers to the host system, and may be used top execute operations on the host system with. This copies the pseudo-image ".host" machined already implements for image related commands. (This commit also adds a PK privilege for opening a PTY in a container, which was previously not accessible for non-root.)

machined: add new OpenShell() bus call This new bus call opens an interactive shell in a container. It works like the existing OpenLogin() call, but does not involve getty, and instead opens an arbitrary command line. This is similar to "systemd-run -t -M" but is controlled by a specific PolicyKit privilege.

machined: open up most of machined's commands to unprivileged clients via PolicyKit

Remove "to allow" from policy messages It carries no additional information and forces a passive sentence structure which is longer and harder to parse.

machined: fix grammar in org.freedesktop.machine1.policy.in [zj: change "in into" to "into".] https://bugs.freedesktop.org/show_bug.cgi?id=87722

machined: introduce polkit for OpenLogin() call This way "machinectl login" can be opened up to run without privileges.