The current sudo mechanism bypasses sudo's normal PAM configuration and results in double-prompting with non-default PAM configurations.

xcodes will prompt for macOS User Password: first, and after entering the password, sudo will prompt again for its configured authentication method, like Touch ID when using pam_tid.so.

This change replaces the custom password flow with sudo -v to do the authentication, followed by normal sudo invocations. That lets sudo use the system PAM configuration instead of collecting a password in xcodes before authenticating. This does not change the overall privilege model, and the existing explanatory log line before authentication is also kept intact.