units: conditionalize static device node logic on CAP_SYS_MODULES instead of CAP_MKNOD

units: conditionalize static device node logic on CAP_SYS_MODULES instead of CAP_MKNOD

npsawn containers generally have CAP_MKNOD, since this is required
to make PrviateDevices= work. Thus, it's not useful anymore to
conditionalize the kmod static device node units.

Use CAP_SYS_MODULES instead which is not available for nspawn
containers. However, the static device node logic is only done for being
able to autoload modules with it, and if we can't do that there's no
point in doing it.