Implement aios initial direction: AI-managed OS with shared memory

This commit implements the new direction for aios:
- AI conversation interface replaces traditional shell
- aigpt integration for shared memory across containers
- systemd-nspawn for environment isolation

Changes:
- Added aios-install.sh: Complete installer script
- Added cfg/mcp.json: MCP server configuration for aigpt
- Added cfg/config.toml: aios configuration with permission system
- Added cfg/nspawn/aios.nspawn: systemd-nspawn configuration
- Updated build.zsh: Integrated aigpt installation and setup
- Updated README.md: Documented new architecture and philosophy

Architecture:
User → AI Chat → Commands → Execution
         ↓
     aigpt (shared memory)
         ↓
  systemd-nspawn (isolated environment)

Philosophy:
Simply insert AI into existing flows (shell → AI chat)

cfg/config.toml

@@ -0,0 +1,59 @@
+# aios configuration
+
+[general]
+version = "0.1.0"
+name = "aios"
+description = "AI-managed OS with shared memory"
+
+[paths]
+config_dir = "~/.config/syui/ai"
+memory_db = "~/.config/syui/ai/gpt/memory.db"
+mcp_config = "~/.config/syui/ai/mcp.json"
+
+[permissions]
+# Level 0: Auto-allow (no approval required)
+auto_allow = [
+    "pacman -Q*",
+    "pacman -Ss*",
+    "systemctl status*",
+    "ls", "cat", "grep", "find",
+    "ps", "top", "htop",
+    "df", "free", "uname"
+]
+
+# Level 1: Notify (log only, no approval)
+notify = [
+    "pacman -S*",
+    "pacman -Sy*",
+    "git clone*",
+    "cargo install*",
+    "systemctl start*",
+    "systemctl enable*"
+]
+
+# Level 2: Require approval
+require_approval = [
+    "pacman -R*",
+    "rm -rf*",
+    "systemctl stop*",
+    "systemctl disable*",
+    "dd*"
+]
+
+# Level 3: Deny
+deny = [
+    "rm -rf /",
+    "rm -rf /*",
+    "mkfs*",
+    ":(){ :|:& };:"
+]
+
+[aigpt]
+enable_layer4 = true
+wal_mode = true
+cache_size_mb = 64
+
+[container]
+runtime = "systemd-nspawn"
+private_users = true
+virtual_ethernet = true

cfg/mcp.json

@@ -0,0 +1,12 @@
+{
+  "mcpServers": {
+    "aigpt": {
+      "command": "aigpt",
+      "args": ["server", "--enable-layer4"],
+      "env": {
+        "AIGPT_DB": "/root/.config/syui/ai/gpt/memory.db"
+      },
+      "description": "AI memory and personality system"
+    }
+  }
+}

cfg/nspawn/aios.nspawn

@@ -0,0 +1,16 @@
+# systemd-nspawn configuration for aios
+# Place this file in /etc/systemd/nspawn/aios.nspawn
+
+[Exec]
+Boot=yes
+PrivateUsers=pick
+ResolvConf=copy-host
+
+[Files]
+# Bind mount shared memory directory
+# Host: ~/.config/syui/ai -> Container: /root/.config/syui/ai
+Bind=%h/.config/syui/ai:/root/.config/syui/ai
+
+[Network]
+Private=yes
+VirtualEthernet=yes