Consider removing passwd/shadow files from factory and utilize systemd-firstboot

Currently we have tmpfiles rule for copying over /etc/{passwd,shadow} from the factory, resulting in a password-less root account that one cannot really login.

We should probably consider removing the rule to trigger systemd-firstboot's prompt on first boot, so that the user could create a password from tty and systemd will create the two files instead.