refactor: Enable workspace auto-entry with full sudo and skip permissions

- Restore workspace auto-entry on ai user login
- Use systemd-nspawn -q -D to enter workspace
- Start claude with --dangerously-skip-permissions (no approval needed)
- Grant wheel group full sudo access (NOPASSWD: ALL) for container operation
- ai user can perform all root operations via sudo in workspace

cfg/setup-user.sh

@@ -61,13 +61,20 @@ cp -rf ./cfg/zshrc $ROOTFS/root/.zshrc
 # Copy .zshrc for user 'ai'
 cp -rf ./cfg/zshrc $ROOTFS/home/ai/.zshrc
 
-# Add claude auto-start on login (once, not exec)
+# Add workspace auto-entry and claude auto-start
 cat >> $ROOTFS/home/ai/.zshrc <<'EOF'
 
-# Start claude on login (once)
+# aios: auto-enter workspace container
 if [[ -o login ]] && [[ -o interactive ]]; then
-    if command -v claude &>/dev/null; then
-        claude
+    if [[ -z "$INSIDE_WORKSPACE" ]]; then
+        # Enter workspace container
+        export INSIDE_WORKSPACE=1
+        exec sudo systemd-nspawn -q -D /var/lib/machines/workspace /bin/zsh
+    else
+        # Inside workspace - start claude with skip permissions
+        if command -v claude &>/dev/null; then
+            claude --dangerously-skip-permissions
+        fi
     fi
 fi
 EOF