fix(codex): patch all users, not just root — add --all flag and fix macOS UID threshold

- Install script now runs patcher with --all to patch every user's ~/.codex/config.toml
- Fix list_users() UID threshold: macOS starts at 500, Linux at 1000
- Fix file ownership: chown config files to the actual user after patching

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

codex/codex_patcher.py

@@ -664,7 +664,8 @@ def list_users():
             home = pw.pw_dir
             if not os.path.isdir(home):
                 continue
-            if pw.pw_uid < 1000 and pw.pw_uid != 0:
+            min_uid = 500 if IS_MACOS else 1000
+            if pw.pw_uid < min_uid and pw.pw_uid != 0:
                 continue
             if pw.pw_shell in ("/usr/sbin/nologin", "/bin/false"):
                 continue
@@ -674,7 +675,7 @@ def list_users():
     return users
 
 
-def patch_user(user_home, config):
+def patch_user(user_home, config, uid=None, gid=None):
     """Patch a single user's ~/.codex/ config."""
     codex_dir = os.path.join(user_home, ".codex")
     os.makedirs(codex_dir, exist_ok=True)
@@ -693,6 +694,12 @@ def patch_user(user_home, config):
     with open(config_path, "w", encoding="utf-8") as f:
         f.write(new_content)
 
+    # Fix ownership so files belong to the user, not root
+    if uid is not None and gid is not None:
+        for path in [codex_dir, config_path, catalog_path]:
+            if os.path.exists(path):
+                os.chown(path, uid, gid)
+
     return True
 
 
@@ -741,7 +748,7 @@ def main():
                 if user.pw_dir == os.path.expanduser("~"):
                     continue
                 try:
-                    patch_user(user.pw_dir, config)
+                    patch_user(user.pw_dir, config, uid=user.pw_uid, gid=user.pw_gid)
                     print(f"  Patched {user.pw_name}: {user.pw_dir}/.codex/config.toml")
                 except Exception as e:
                     print(f"  {RED}Failed {user.pw_name}: {e}{RESET}")