Fix systemd unit file umask handling in install.sh

[jferrazbr]

Issue: #244

Problem

PR #245 changed the installer to adjust the umask and run "chmod 0644" after creating the systemd unit file. The goal was to avoid the systemd warning:

"Configuration file /etc/systemd/system/rancher-system-agent.service is marked world-inaccessible."

However, the "chmod" and umask restore lines were placed inside the here-doc. This caused two problems reported by @pedromfcarvalho:

1. These lines were written into "/etc/systemd/system/rancher-system-agent.service" as plain text, which made systemd report:
   • "/etc/systemd/system/rancher-system-agent.service:20: Missing '=', ignoring line."
   • "/etc/systemd/system/rancher-system-agent.service:21: Missing '=', ignoring line."
2. The original shell umask was never restored, because the "umask" command was not executed by the shell.

Solution

• Keep "umask 022" before the here-doc so the created unit file uses the correct default permissions.
• Move the "umask" restoration to after the here-doc end marker ("EOF") so it is executed by the shell and does not end up in the unit file.
• Remove the explicit "chmod 0644" and rely on "umask 022" to set the correct file mode for the unit file.

Testing

Engineering Testing

Manual Testing

On a Ubuntu node on DigitalOcean:

1. Copied the modified "install.sh" to the node and ran it using the same server URL, token and role flags as in the Rancher custom cluster registration command.
2. Verified the systemd unit syntax:
   • Ran "systemd-analyze verify rancher-system-agent.service" and saw no errors or warnings.
3. Verified the systemd logs:
   • Ran "journalctl -u rancher-system-agent" and confirmed that:
     • The "Configuration file ... is marked world-inaccessible" warning is gone.
     • There are no "Missing '='" messages for the unit file.