FR-6365 - Prevent daemons from running when installing packages

[upils]

This is another attempt at solving LP: #2049695 with 2 distinct improvements.

• As explained in the bug, /dev cannot be unmouted because some processes are left running after the packages installation.
  ubuntu-image was not using a policy-rc.d to prevent daemon/services from running after installing some packages.
  See the invokerc.d documentation and this thread explaining systemd is respecting this policy.
  This PR is using policy-rc.d, start-stop-daemon and initctl to try preventing as many services as possible from starting.

• Even though services should not start anymore, we notice some directories/devices might be mounted during the package installation. Additional mountpoints should now be detected and unmounted.

[codecov]

Codecov Report

Attention: Patch coverage is 88.04665% with 41 lines in your changes are missing coverage. Please review.

Project coverage is 87.35%. Comparing base (f91d7ff) to head (5a9be67).

Files	Patch %	Lines
internal/statemachine/helper.go	81.63%	17 Missing and 1 partial ⚠️
internal/helper/helper.go	77.08%	10 Missing and 1 partial ⚠️
internal/statemachine/mount_helper.go	90.72%	6 Missing and 3 partials ⚠️
internal/statemachine/classic_states.go	97.00%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #183      +/-   ##
==========================================
- Coverage   88.44%   87.35%   -1.10%     
==========================================
  Files          14       15       +1     
  Lines        3714     3937     +223     
==========================================
+ Hits         3285     3439     +154     
- Misses        376      438      +62     
- Partials       53       60       +7     

Flag	Coverage Δ
unittests	87.35% <88.04%> (-1.10%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[upils]

Even though the bug is not fully solved, I think this PR should not contain any more improvements, it is big enough.

Another PR should be open if we want to make u-i even more robust to weird behaviors in package installation. Maybe at some point we will resort to umount -l or killing every processes in the chroot but I would like to avoid that.

[sil2100]

We still need to think if this is the way we want to go, but for now I think it's the right thing. LGTM.

[sil2100]

This one looks good to go. As we discussed elsewhere, I think we need to think about our general approach to the rootfs building: should we continue on being strict and blocking daemons from starting etc., or should we be more destructive and allowing anything but then forcibly killing all processes involved? We'll have to discuss separately.

For now this is better than what we have and a step in a better direction.