fix(codex): fix permission denied for non-root users

- chown -R ~/.codex/ to actual user after patching (sudo creates as root)
- Detect SUDO_USER for the invoking user
- Iterate /Users/*/.codex (macOS) and /home/*/.codex (Linux) to fix all

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

codex/ucodex_install.sh

@@ -182,6 +182,29 @@ info "Applying patches..."
 python3 "$INSTALL_DIR/codex_patcher.py" --apply --all --config "$INSTALL_DIR/codex_config.json"
 log "Patches applied"
 
+# Fix ownership: sudo creates files as root, but users need to own their .codex/
+if [ -n "${SUDO_USER:-}" ] && [ "$SUDO_USER" != "root" ]; then
+    SUDO_HOME=$(eval echo "~$SUDO_USER")
+    if [ -d "$SUDO_HOME/.codex" ]; then
+        chown -R "$SUDO_USER" "$SUDO_HOME/.codex"
+        log "Fixed ownership: $SUDO_HOME/.codex -> $SUDO_USER"
+    fi
+fi
+# Also fix for all users that were patched by --all
+if $IS_MACOS; then
+    for udir in /Users/*/.codex; do
+        [ -d "$udir" ] || continue
+        owner=$(stat -f '%Su' "$(dirname "$udir")")
+        chown -R "$owner" "$udir" 2>/dev/null && log "Fixed ownership: $udir -> $owner"
+    done
+else
+    for udir in /home/*/.codex; do
+        [ -d "$udir" ] || continue
+        owner=$(stat -c '%U' "$(dirname "$udir")")
+        chown -R "$owner" "$udir" 2>/dev/null && log "Fixed ownership: $udir -> $owner"
+    done
+fi
+
 # ---- Step 3: Set env vars system-wide ----
 
 echo -e "\n${BOLD}Step 3: Setting environment variables...${NC}"