From 2162463382d746ce8bf4d37d5bdd8c87fa3c7fb8 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Fri, 7 Nov 2025 20:00:21 +0000
Subject: [PATCH] Revert workspace.nspawn to simple configuration

- Remove incorrect nested container settings
- Audit error cannot be solved with nspawn config (kernel issue)
- Keep simple config: Boot=yes, Bind mount, no VirtualEthernet
- Works in production (aios as OS), not in test (nested container)
---
 cfg/setup-user.sh | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/cfg/setup-user.sh b/cfg/setup-user.sh
index c298876..bf386f2 100755
--- a/cfg/setup-user.sh
+++ b/cfg/setup-user.sh
@@ -37,13 +37,9 @@ cat > $ROOTFS/etc/systemd/nspawn/workspace.nspawn <<'EOF'
 [Exec]
 Boot=yes
 ResolvConf=copy-host
-Capability=all
-SystemCallFilter=@keyring bpf
-PrivateUsers=no
 
 [Files]
 Bind=/home/ai:/root
-SuppressSync=false
 
 [Network]
 VirtualEthernet=no