Allow relaxing machine-id matching for `/var` partitions

[septatrix]

The current spec mandates that var-partitions are only mounted "under the condition that its partition UUID matches the first 128 bits of HMAC-SHA256(machine-id, 0x4d21b016b53445c2a9fb5c16e091fd2d)".

This is problematic for image-based appliances with a hermetic usr-partition and a tmpfs for root. In that scenario there is no sensible way to persist the machine-id. Especially for single-OS installations the requirement that the machine-id and partition UUID must match is useless and one should be able to ignore that. This could be for example a new partition type or a GPT flag.

Somewhat related is where I already explained a possible solution using a GPT flag: #117 (comment).

[poettering]

feel free to prep a patch that adds a flag for that to the var partition. i'd merge that. (and prep a patch for the dissect logic in systemd otherwise it will be useless i guess)

[septatrix]

Since the introduction of the systemd.machine_id=firmware switch (and EFI add-ons) this has become a lower priority for me. I think this will still be useful but in some edge cases or for devices which do not use UEFI/DMI but I am not sure when I will come around to prepping patches. This should also happen in coordination with @AdrianVovk's #117 which might be able to make use of such a flag as well.