users: Invalidate nscd cache after nslcd service startup

Fixes an issue where LDAP group membership info is not available for a long time
after system restart. This can happen when nscd cache is expired and name
service queries are made while nslcd is not yet started. As a result, nscd
group cache contains only local system groups and not LDAP groups. The issue
is more likely to arise on slow systems where slapd/nslcd startup can take minutes.
Could also depend on how long the device has been shut down before.

Tests performed:
  - stop nscd service, start nslcd service, check from the logs that
nscd reload errors are ignored and nslcd service starts successfully.

  - Test when nscd group cache is invalidated while nslcd is not running.
Run commands:
```
systemctl reload nscd
id tester
systemctl stop nslcd
nscd -i group
id tester
systemctl start nslcd
id tester
```

Result before patch applied.
```
uid=10001(tester) gid=100(users) groups=10002(admin),100(users)
uid=10001(tester) gid=100(users) groups=100(users)
uid=10001(tester) gid=100(users) groups=100(users)
```

Result after patch applied, tester is in the admins group at the end.
```
uid=10001(tester) gid=100(users) groups=10002(admin),100(users)
uid=10001(tester) gid=100(users) groups=100(users)
uid=10001(tester) gid=100(users) groups=10002(admin),100(users)
```

Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Veiko Aasa 2024-09-17 16:18:21 +03:00 committed by Sunil Mohan Adapa
parent 618adefab7
commit 7e7ad62c8b
No known key found for this signature in database
GPG Key ID: 43EA1CFF0AA7C5F2


@ -0,0 +1,4 @@
[Service]
# Invalidate LDAP related caches.
ExecStartPost=-nscd --invalidate=passwd
ExecStartPost=-nscd --invalidate=group
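
Review bot: The two `ExecStartPost=` lines invalidate the caches as soon as systemd considers nslcd started, which does not guarantee that LDAP lookups already succeed. The commit message says slapd/nslcd startup can take minutes on slow systems, so a lookup that lands after the invalidation but before LDAP answers could refill the nscd group cache with local groups only; it would be worth confirming the ordering on a slow device or noting the limitation. The comment above these lines could also say why the `-` prefix is used (nscd may be stopped, as in the first test) and why only `passwd` and `group` are invalidated when it speaks of "LDAP related caches" in general.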