feat: support shared profile groups with separate auth

[Jacques2Marais]

Summary

• add shared-profile initialization via codex-profile init PROFILE --share-with SOURCE
• symlink shared top-level CODEX_HOME entries while keeping auth.json separate in the new profile
• document the workflow and cover it with shell tests

Testing

• LC_ALL=C LANG=C make test

Closes #3

[Ducksss]

I think this is worth accepting, but as a narrow linked-profile mode rather than “symlink most of CODEX_HOME”.

Proposed shape:

• codex-profile init personal-2 --share-with personal-1
• create ~/.codex-personal-2 as a real private directory
• symlink only an explicit allowlist from the source profile:
  • config.toml
  • AGENTS.md
  • AGENTS.override.md
  • instructions.md
  • custom-instructions.md
  • rules/
  • plugins/
• always keep auth.json, sessions/, logs/, electron-user-data/, caches, and connector/app state separate
• fail if source profile is missing, source equals target, or a target path already exists

That preserves the project’s “don’t read/copy auth tokens” boundary while solving the live shared-config use case. I’d skip session/log sharing for the first version; add it later only if there’s real demand.