fix: bootstrap linux sandbox prerequisites #19

Merged
jy-tan merged 1 commit into main from userns-mapping
Mar 19, 2026
@jy-tan commented Mar 19, 2026

Summary

Repair Linux sandbox bootstrap in drift-action so replay runs can recover when bubblewrap is installed but user namespace support is still missing on GitHub-hosted runners.

This came up once strict Fence-backed replays started exercising more Linux runners that had bwrap on PATH but still failed with setting up uid map: Permission denied. The action now repairs that gap on hosted runners, while warning instead of mutating self-hosted machines automatically.

Changes

  • add a bwrap --unshare-user preflight after dependency installation so the action verifies that Fence sandboxing can actually start, not just that bwrap exists
  • install uidmap, append /etc/subuid and /etc/subgid entries, and set the bwrap setuid bit when the preflight fails on GitHub-hosted Linux runners
  • avoid automatic system mutation on self-hosted runners by surfacing a warning with the required manual setup instead
  • expand the action tests to cover preflight success, hosted-runner repair, self-hosted warning behavior, and the richer mocked @actions/exec interactions
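
The preflight-then-decide flow described in this pull request, as an added shell sketch that is not the action's own code. The exact probe arguments, the `100000:65536` subordinate ID range, the function names and the use of `RUNNER_ENVIRONMENT` to tell hosted from self-hosted runners are assumptions; the repair step only prints the commands instead of running them.

```shell
#!/usr/bin/env bash
# Added example, not code from the PR. PROBE_CMD, the ID range and the
# RUNNER_ENVIRONMENT check are assumptions made for illustration.

# Probe that a user namespace can actually be created; having bwrap on
# PATH is not enough (the failure mode is "setting up uid map: Permission denied").
PROBE_CMD=${PROBE_CMD:-"bwrap --unshare-user --ro-bind / / true"}

sandbox_preflight() {
  # 127 when the binary is missing, otherwise the probe's own exit status.
  command -v "${PROBE_CMD%% *}" >/dev/null 2>&1 || return 127
  $PROBE_CMD >/dev/null 2>&1
}

# Print the hosted-runner repair steps for one user (dry run, nothing executes).
repair_plan() {
  user=$1
  echo "sudo apt-get install -y uidmap"
  for f in /etc/subuid /etc/subgid; do
    # Append only when the user has no mapping yet, so reruns stay idempotent.
    grep -q "^${user}:" "$f" 2>/dev/null ||
      echo "echo '${user}:100000:65536' | sudo tee -a $f"
  done
  # The setuid bit widens the privileged surface, which is why this plan
  # is limited to ephemeral hosted runners.
  echo "sudo chmod u+s \"\$(command -v bwrap)\""
}

# ok     -> sandbox can start
# repair -> GitHub-hosted runner, safe to mutate the throwaway VM
# warn   -> self-hosted or unknown, surface manual setup instead
bootstrap_decision() {
  if sandbox_preflight; then
    echo ok
    return 0
  fi
  case "${RUNNER_ENVIRONMENT:-}" in
    github-hosted) echo repair ;;
    *) echo warn ;;
  esac
}
```

Treating an unset or unknown `RUNNER_ENVIRONMENT` as `warn` keeps the default on the non-mutating side.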

@cubic-dev-ai (bot) left a comment

No issues found across 7 files

@jy-tan merged commit cbc354d into main Mar 19, 2026
7 checks passed
@jy-tan deleted the userns-mapping branch March 19, 2026 00:17