ephemeral: change systemd units to handle ConditionFirstBoot

[cgwalters]

Basically bcvk doesn't work with FCOS because

$ podman run --rm -ti quay.io/fedora/fedora-bootc:42 ls -al /etc/machine-id
-rw-r--r--. 1 root root 0 Jan  1  1970 /etc/machine-id
$ podman run --rm -ti quay.io/fedora/fedora-coreos:stable ls -al /etc/machine-id
ls: cannot access '/etc/machine-id': No such file or directory

So this triggers ConditionFirstBoot which then runs a preset, and removes our generated units:

$ bcvk ephemeral run-ssh --bind-storage-ro quay.io/fedora/fedora-bootc:42 ls -al /etc/systemd/system/local-fs.target.wants/
total 16
drwxr-xr-x 1 root root  80 Oct 30 13:22  .
drwxr-xr-x 1 root root 256 Oct 30 13:22  ..
lrwxrwxrwx 2 root root  46 Jan  1  1970  ostree-remount.service -> /usr/lib/systemd/system/ostree-remount.service
lrwxrwxrwx 1 root root  43 Oct 30 13:22 'run-virtiofs\x2dmnt\x2dhoststorage.mount' -> '../run-virtiofs\x2dmnt\x2dhoststorage.mount'
$ bcvk ephemeral run-ssh --bind-storage-ro localhost/fedora-coreos ls -al /etc/systemd/system/local-fs.target.wants
total 4
drwxr-xr-x 1 root root 60 Oct 30 13:23 .
drwxr-xr-x 1 root root 80 Oct 30 13:23 ..
lrwxrwxrwx 2 root root 46 Jan  1  1970 ostree-remount.service -> /usr/lib/systemd/system/ostree-remount.service
$

A few options here. First, the way we're auto-injecting units in ephemeral right now is unclean and should be fixed regardless.

We could use the systemd.extra-unit.* credential for this (as we're doing elsewhere), but this has the downside that it won't work with the systemd in C9S. That said, honestly it may be easier to ask for that to be fixed or to basically shim it elsewhere (for example, we could inject code into the initramfs to generate whatever units we want).