mkosi: Create testuser at runtime

Now that we have userdb credentials, let's ship testuser as a userdb
credential instead of including it in the image.

mkosi.credentials/userdb.group.testuser

@@ -0,0 +1,5 @@
+{
+    "groupName": "testuser",
+    "gid": 4711,
+    "disposition": "regular"
+}

mkosi.credentials/userdb.user.testuser

@@ -0,0 +1,14 @@
+{
+    "userName": "testuser",
+    "uid": 4711,
+    "disposition": "regular",
+    "enforcePasswordPolicy": false,
+    "memberOf": [
+        "wheel",
+        "systemd-journal"
+    ],
+    "shell": "/bin/bash",
+    "privileged": {
+        "hashedPassword": ["$1$kqp7NF1f$tNnQcshPX53CSfRKTQD0R1"]
+    }
+}

mkosi.extra/usr/lib/tmpfiles.d/testuser.conf

@@ -1,3 +0,0 @@
-# SPDX-License-Identifier: LGPL-2.1-or-later
-
-z! /home/testuser 700 testuser testuser

mkosi.postinst.chroot

@@ -5,14 +5,6 @@ set -o nounset
 
 find "$BUILDDIR" \( -name "*.rpm" -o -name "*.deb" -o -name "*.pkg.tar" -o -name systemd.raw \) -exec cp -t "$OUTPUTDIR" {} \;
 
-useradd \
-    --uid 4711 \
-    --user-group \
-    --create-home \
-    --password "$(openssl passwd -1 testuser)" \
-    --shell /bin/bash \
-    testuser
-
 if command -v authselect >/dev/null; then
     # authselect 1.5.0 renamed the minimal profile to the local profile without keeping backwards compat so
     # let's use the new name if it exists.