feat: Implement user-dir sharing between ai user and workspace root

Perfect solution for aios concept:
- workspace.nspawn: Bind=/home/ai:/root
- ai user and workspace root share the SAME home directory
- Same .zshrc, .claude.json, .config, all data/settings/history
- INSIDE_WORKSPACE env var prevents infinite loop
- Flow: ai login → enter workspace → claude starts
- All configuration and memory perfectly shared

cfg/setup-claude.sh

@@ -45,23 +45,6 @@ sleep 2
 arch-chroot $ROOTFS /bin/sh -c 'pkill aigpt'
 arch-chroot $ROOTFS /bin/sh -c 'if command -v sqlite3 &>/dev/null; then sqlite3 /root/.config/syui/ai/gpt/memory.db "PRAGMA journal_mode=WAL; PRAGMA synchronous=NORMAL;"; fi'
 
-# Add claude auto-start for root user (container concept)
+# Note: claude auto-start is configured in ai user's .zshrc (shared with workspace root via bind mount)
-echo "Configuring claude auto-start for root..."
-cat >> $ROOTFS/root/.zshrc <<'EOF'
-
-# MCP auto-setup (run once after .claude.json is created)
-if [[ -f ~/.claude.json ]] && ! grep -q '"aigpt"' ~/.claude.json 2>/dev/null; then
-    if command -v claude &>/dev/null && command -v aigpt &>/dev/null; then
-        claude mcp add aigpt aigpt server &>/dev/null || true
-    fi
-fi
-
-# Auto-start claude in interactive login shell
-if [[ -o login ]] && [[ -o interactive ]]; then
-    if command -v claude &>/dev/null; then
-        claude
-    fi
-fi
-EOF
 
 echo "✓ Claude MCP setup complete"

cfg/setup-user.sh

@@ -30,6 +30,22 @@ EOF
 echo "Enabling systemd-machined..."
 arch-chroot $ROOTFS /bin/sh -c 'systemctl enable systemd-machined'
 
+# Create workspace container configuration (bind ai user dir to container root)
+echo "Creating workspace container configuration..."
+mkdir -p $ROOTFS/etc/systemd/nspawn
+cat > $ROOTFS/etc/systemd/nspawn/workspace.nspawn <<'EOF'
+[Exec]
+Boot=yes
+PrivateUsers=pick
+ResolvConf=copy-host
+
+[Files]
+Bind=/home/ai:/root
+
+[Network]
+VirtualEthernet=no
+EOF
+
 # Setup auto-login for user 'ai'
 echo "Setting up auto-login..."
 arch-chroot $ROOTFS /bin/sh -c 'mkdir -p /etc/systemd/system/getty@tty1.service.d'
@@ -46,23 +62,29 @@ cp -rf ./cfg/zshrc $ROOTFS/root/.zshrc
 # Copy .zshrc for user 'ai'
 cp -rf ./cfg/zshrc $ROOTFS/home/ai/.zshrc
 
-# Add workspace container setup and claude wrapper for ai user
+# Add workspace container auto-start and entry (shared .zshrc for ai user and workspace root)
 cat >> $ROOTFS/home/ai/.zshrc <<'EOF'
 
-# Start workspace container on login
+# MCP auto-setup (run once after .claude.json is created)
-if [[ -o login ]]; then
+if [[ -f ~/.claude.json ]] && ! grep -q '"aigpt"' ~/.claude.json 2>/dev/null; then
-    sudo machinectl start workspace 2>/dev/null || true
+    if command -v claude &>/dev/null && command -v aigpt &>/dev/null; then
+        claude mcp add aigpt aigpt server &>/dev/null || true
+    fi
 fi
 
-# Claude wrapper - always use container's claude (shared config/memory)
+# aios concept: container from start (ai user and workspace root share this .zshrc)
-claude() {
-    sudo machinectl shell workspace /bin/sh -c "claude $*"
-}
-
-# Auto-start claude in interactive login shell
 if [[ -o login ]] && [[ -o interactive ]]; then
-    if command -v claude &>/dev/null; then
+    if [[ -z "$INSIDE_WORKSPACE" ]]; then
-        claude
+        # Running as ai user on aios OS - enter workspace container
+        export INSIDE_WORKSPACE=1
+        sudo machinectl start workspace 2>/dev/null || true
+        sleep 1
+        exec sudo machinectl shell workspace
+    else
+        # Running as root inside workspace container - start claude
+        if command -v claude &>/dev/null; then
+            claude
+        fi
     fi
 fi
 EOF