Set user shell even if user is system

linux/system/user.sls ignores 'shell' option if a
user is system. This is quite strange behavior, and it
breaks CIS:
* 5.4.2 Ensure system accounts are non-login

Change-Id: I32dd44ac4fcc1425ea47eb4cf60acf41f6ce0887
Related-Prod: PROD-20764

linux/system/user.sls

@@ -43,6 +43,7 @@ system_user_{{ name }}:
   {%- endif %}
   {%- if user.system is defined and user.system %}
   - system: True
+  - shell: {{ user.get('shell', '/bin/false') }}
   {%- else %}
   - shell: {{ user.get('shell', '/bin/bash') }}
   {%- endif %}