r/vmhost: Remove system call filters from unit

The `vm-autostart` script fails with `bad system call` errors when
trying to start libvirt domains.  Removing the system call filters works
around this.  Ideally, we should figure out exactly which system call is
being rejected and allow it, but that's rather difficult to do and
probably not really worth the effort in this case.

roles/vmhost/files/vm-autostart.service

@@ -37,8 +37,6 @@ RestrictNamespaces=yes
 RestrictRealtime=yes
 RestrictSUIDSGID=yes
 SystemCallArchitectures=native
-SystemCallFilter=@system-service
-SystemCallFilter=~@privileged @resources
 UMask=0027
 
 [Install]